NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
ReadyNAS says "No IP Address": I can connect to it, but it cannot connect to Internet
I was having trouble loading Spotty on LMS Web interface due to the outdated standard SSL version on this device. Following laborious instructions on this Forum I managed to update SSL, and now I ca...
They look OK:
--- 8.8.8.8 ping statistics ---
28 packets transmitted, 28 packets received, 0% packet loss
round-trip min/avg/max = 28.250/30.859/37.911 ms
root@HAL9000:~# nslookup dns.google.com
Server: 209.18.47.62
Address 1: 209.18.47.62 dns-cac-lb-02.rr.com
Name: dns.google.com
Address 1: 2001:4860:4860::8844 dns.google
Address 2: 2001:4860:4860::8888 dns.google
Address 3: 8.8.4.4 dns.google
Address 4: 8.8.8.8 dns.google
But STILL I get the comms error when the ReadyNAS tries to access the outside world. e.g. BIOS Update Check. Weird.
ncameron wrote:
They look OK:
But STILL I get the comms error when the ReadyNAS tries to access the outside world. e.g. BIOS Update Check. Weird.
This may be limited to services that use TLS/SSL.
Try
openssl s_client -connect www.google.com:443and see what happens.
Tried that. I get a long result which I have posted here three times, but never sticks - so I think it's too long.
The highlights are:
CONNECTED(00000003)
depth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R1
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/CN=www.google.com
i:/C=US/O=Google Trust Services LLC/CN=GTS CA 1C3
1 s:/C=US/O=Google Trust Services LLC/CN=GTS CA 1C3
i:/C=US/O=Google Trust Services LLC/CN=GTS Root R1
2 s:/C=US/O=Google Trust Services LLC/CN=GTS Root R1
i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CAThen certificate details; then:
subject=/CN=www.google.com
issuer=/C=US/O=Google Trust Services LLC/CN=GTS CA 1C3
---
No client certificate CA names sent
---
SSL handshake has read 4901 bytes and written 415 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: B7DFFDB1747B843CC6A897757CAA578305FA3BAF5313E281BD6DA43651763C2C
Session-ID-ctx:
Master-Key: 0F9BB680075A2F425EB86FE290C233D7345188FBD22B3EC2B18612E25F2E2E58757F41005E5D86D7FE2CC50B56EA87B8
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 100800 (seconds)
TLS session ticket:And finally:
Verify return code: 20 (unable to get local issuer certificate)
So it looks like in trying to update SSL I have screwed it up. But how do I get a working certificate if I can't connect to anything?!
Thanks for all your help by the way...
ncameron wrote:
Tried that. I get a long result which I have posted here three times, but never sticks - so I think it's too long.
There is an automatic spam filter, and it looks like it caught your earlier posts for some reason. Mods review it when they have time, so you might see them released in a while.
ncameron wrote:
But how do I get a working certificate if I can't connect to anything?!
No idea how to fix it. You could try an OS reinstall and see if that works. It'd be prudent to make a backup of your data, in case you lose all access.
Another thought - if you have a spare disk (not in the array), then you could do a factory install with only the spare in place.
Then copy the OS partition to an external drive. That might help you identify the files that you modified, and get back stock files that work.
Well, I was preparing myself for an inevitable OS reinstall if this wen on; it worked fine.
But now I have the same slightly broken LMS installation as before due to an outdated SSL version. However, that is preferable to no Internet access.
Thanks for your help...
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
