NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Netgear R7000 and OpenVPN for Android App
Hi, since last OpenVPN for Android App update (v.0.6.73) downloadable at the following link: https://play.google.com/store/apps/details?id=de.blinkt.openvpn OpenSSL version was upgraded to 1.1 and...
Thanks everyone for feedback so far. Attached is version 1.0.1. I fixed some typos, added a suggestion to clean up your tftp folder when you're done, and made a note about the OpenVPN version that's most compatible with the document.
Some users looking to work through this doc may find that they can avoid Step 1 by visiting this hidden page:
If the debug page loads and there is an "Enable Telnet" option then you got lucky. Note that either the debug page or the option to "Enable Telnet" may not exist on your device or firmware version. Remember to check that this option is disabled after you're finished because having telnet enabled is a security risk.
Thanks everyone for feedback so far. Attached is version 1.0.1. I fixed some typos, added a suggestion to clean up your tftp folder when you're done, and made a note about the OpenVPN version that's most compatible with the document.
Some users looking to work through this doc may find that they can avoid Step 1 by visiting this hidden page:
If the debug page loads and there is an "Enable Telnet" option then you got lucky. Note that either the debug page or the option to "Enable Telnet" may not exist on your device or firmware version. Remember to check that this option is disabled after you're finished because having telnet enabled is a security risk.
Diggie3 - Thank you very much for the information provided in the guide. I was able to follow the steps and update my R7000.
Just wanted to share some information I found during my process in hopes someone else doesn't have to struggle through the frustration I experienced.
I followed all of the steps without issue until I reached step 2b: Connect to the router. No matter what I did, I was unable to connect via Telnet. The step 1h: Enable Telnet, returned the message Sent Telnet enabled payload to '192.168.0.1', it would appear that it was successful but no Telnet connections were accepted.
It took some time to figure it out, but it seems there was an issue with my choice of password and the enable script. I use a long, complex password to secure my router's admin account. For kicks I changed it to something short and simple, sent the payload again, and was able to connect via Telnet.
If you use a long and/or complex password for your account, and are unable to connect via Telnet after sending the payload in step 1h, you may consider temporarily changing your password to something simple during this process then resetting it back to your desired choice once complete.
Just followed the excellent guide on my R7000. However, when I export the certificates from the VPN settings on the router - they are still the old ones. Which is odd, since they should have been overwritten in the last step (when unzipping newkeys.zip). Last step appeared succesfully and then rebooted, but even after reboot - still retrieving the old certs from the portal.
- There are two possibilities:
- newkeys.zip has the old keys inside
- you weren't cd'd into the right folder when you unzipped
Well, there are of course many possibilities but those are the most likely! Hey Diggie3 - thanks for responding.
On closer inspection turns out my router is a D7000 not a R7000 (did try to update the thread last night but the storm knocked out my internet connection).
Definitely had the new certs copied over ok, they just get replaced after the reboot. Guessing the D7000 either needs some extra steps or won't support updating :(
Thanks for the guide anyway - was good fun following :)
Hi Diggie3, great effort and considerate of you to share your knowledge. I read your document and started working through the steps time permitting. I like to share 3 observations so far.
1- At PUTTY step 2b you mention port 22 where in the screen you show 23. Port 23 is also in the result of 1h.
2- Given the long time telnet is enabled if I follow your sequence, why not first calculate the new keys, then enable telnet and so on. Then telnet is not open for that long.
3- The PDf is secured. I understand why. However all information needs to be typed over, including URLs to the software used.
4- Keys now generated. Had to change the paths in VARS.bat to point to the proper %home% and bin path.
Question: when updating the firmware, do I need to redo the change of keys?
Just finished. Instructions worked great and resultcis good, as expected. I did them in the sequence as nitrd in my earlier post. I also had to temparary change my router password, as identified by Someone67387463.
