NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
ReadyNAS NV+ and ssl
I'm using a ReadyNAS NV+. The web interface only supports TLS 1.0. Many browsers are beginning to pull support for TLS 1.0 as it's old and insecure. Chrome no longer supports it and no longer allows an exception for it. This was brought up at least once before on the forums here, but was never really resolved[1]. Simply keeping an older browser around just to administer a single device doesn't seem practical, and with auto update on everything these days the list of possible browsers continues to shrink. It's only a matter of time before it becomes impossible to access the https admin console. The possibility of turning off SSL and using HTTP is the epitome of "throwing the baby out with the bathwater". What are the possible paths to supporting newer version fo TLS? There's hasn't been an update to the firmware (4.1.16) for about 5 years[2]. If Netgear is going to support NV+ going forward we clearly need a new one. Is it possible a plugin could do this?
[2] https://kb.netgear.com/000038792/RAIDiator-Version-4-1-16-Sparc
4 Replies
bachrach44 wrote:
If Netgear is going to support NV+ going forward we clearly need a new one.
Let's start here. Netgear stopped selling the NV+ v1 in 2011, and issued the final firmware for it in 2017. They've made it quite clear that they are no longer supporting it.
bachrach44 wrote:
Is it possible a plugin could do this?
Yes - if one could create the necessary sparc build environment, then one could create an add-on patch. WhoCares_ did this for 4.2.x and 5.3.x systems (which have easier build environments), but not for 4.1.x.
Not clear that anyone is willing to take this on.
Work around by downloading an old browser and disabling updates.
https://ftp.mozilla.org/pub/firefox/releases/90.0b7/win64/en-US/
JulzB wrote:
Work around by downloading an old browser and disabling updates.
https://ftp.mozilla.org/pub/firefox/releases/90.0b7/win64/en-US/
More information on this is found here: https://community.netgear.com/t5/New-ReadyNAS-Users-General/Workaround-for-ERR-SSL-VERSION-OR-CIPHER-MISMATCH-problem-for/m-p/2198243
bachrach44 wrote:The possibility of turning off SSL and using HTTP is the epitome of "throwing the baby out with the bathwater".
I can't imagine a business still relying on such an outdated product. So, assuming it's in your home, do you really think somebody is going to try and sniff your home network just to break into your NAS?
If you do, how many computers access the NAS and is a separate wired-only network an option?
But you are right that access will likely become more and more difficult as technology progresses. So, it's probably time for you to start looking at options for a replacement.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
