NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Morganino's avatar
Morganino
Tutor
Jun 26, 2017
Solved

Netgear R7000 and OpenVPN for Android App

Hi, since last OpenVPN for Android App update (v.0.6.73) downloadable at the following link: https://play.google.com/store/apps/details?id=de.blinkt.openvpn OpenSSL version was upgraded to 1.1 and...
Features
Firmware
Netgear router tech support number 1-844-330-2330 Netgear router support phone number Netgear router tech support phone number Netgear tech support phone number
Security
  • Diggie3's avatar
    Diggie3
    Feb 28, 2018

    Thanks everyone for feedback so far. Attached is version 1.0.1. I fixed some typos, added a suggestion to clean up your tftp folder when you're done, and made a note about the OpenVPN version that's most compatible with the document.

     

    Some users looking to work through this doc may find that they can avoid Step 1 by visiting this hidden page:

     

    http://192.168.1.1/debug.htm

     

    If the debug page loads and there is an "Enable Telnet" option then you got lucky. Note that either the debug page or the option to "Enable Telnet" may not exist on your device or firmware version. Remember to check that this option is disabled after you're finished because having telnet enabled is a security risk.

BusterGonad's avatar
BusterGonad
Aspirant
Apr 21, 2018

Just followed the excellent guide on my R7000.  However, when I export the certificates from the VPN settings on the router - they are still the old ones.  Which is odd, since they should have been overwritten in the last step (when unzipping newkeys.zip).  Last step appeared succesfully and then rebooted, but even after reboot - still retrieving the old certs from the portal.

 

Diggie3's avatar
Diggie3
Luminary
Apr 21, 2018
There are two possibilities:
- newkeys.zip has the old keys inside
- you weren't cd'd into the right folder when you unzipped

Well, there are of course many possibilities but those are the most likely!
  • BusterGonad's avatar
    BusterGonad
    Aspirant
    Apr 22, 2018

    Hey Diggie3 - thanks for responding.

     

    On closer inspection turns out my router is a D7000 not a R7000 (did try to update the thread last night but the storm knocked out my internet connection).

     

    Definitely had the new certs copied over ok, they just get replaced after the reboot.  Guessing the D7000 either needs some extra steps or won't support updating :(

     

    Thanks for the guide anyway - was good fun following :)

  • ElfjeTwaalfje's avatar
    ElfjeTwaalfje
    Tutor
    Apr 22, 2018

    Hi Diggie3, great effort and considerate of you to share your knowledge. I read your document and started working through the steps time permitting. I like to share 3 observations so far.

    1- At PUTTY step 2b you mention port 22 where in the screen you show 23. Port 23 is also in the result of 1h.

    2- Given the long time telnet is enabled if I follow your sequence, why not first calculate the new keys, then enable telnet and so on. Then telnet is not open for that long.

    3- The PDf is secured. I understand why. However all information needs to be typed over, including URLs to the software used.

    4- Keys now generated. Had to change the paths in VARS.bat to point to the proper %home% and bin path.

     

    Question: when updating the firmware, do I need to redo the change of keys?

  • ElfjeTwaalfje's avatar
    ElfjeTwaalfje
    Tutor
    Apr 26, 2018

    Just finished. Instructions worked great and resultcis good, as expected. I did them in the sequence as nitrd in my earlier post. I also had to temparary change my router password, as identified by Someone67387463