NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

alokeprasad's avatar
alokeprasad
Mentor
Nov 09, 2018

Secure connection to Readynas Duo v1

It has been a while since I did a local access to my Duo ( https://192.168.1.100/admin/ ) I am getting certificate errors now in Chrome (ERR_SSL_VERSION_OR_CIPHER_MISMATCH); Firefox v63.0.1 (SSL_ER...
Other Discussions
alokeprasad's avatar
alokeprasad
Mentor
Nov 12, 2018

Latest versions of browsers are enforcing TLS even if I type http:\\ ...

They are not finding a way for secure access to the device.

 

I an not accessing the device over WAN.  This is over my internal LAN (my side of the router.

The 192.186.x.x are locally available addresses anyway...

StephenB's avatar
StephenB
Guru - Experienced User
Nov 12, 2018
alokeprasad wrote:

Latest versions of browsers are enforcing TLS even if I type http:\\ ...

They are not finding a way for secure access to the device.

 

They won't if you disable https on the Duo (which is an option under services).  Though the trick now is to get it to connect once, so you can do that.

 

You could try using IE perhaps in compatibility mode, or temporarily installing an older version of FireFox or Chrome.

 

FWIW, I am not seeing this issue on my own Duo and NV+, and both have https enabled.  FireFox and Chrome say they are up to date, though Chrome is version 70.0.3538.102, not version 71.

  • alokeprasad's avatar
    alokeprasad
    Mentor
    Nov 17, 2018

    I was able to connect to Duo v1 using Safari on an iPad.  The browser there allowed me to bypass the warnings and connect anyway to the Duo.

    How/where do I disable encrypted TLS/https access to the device?

    I expect that will be good enough security as this is inside my LAN and with a local non-routable IP address 192.168.1.100

     

    PS: Will it help to re-start the device?

     

    Aloke

    • StephenB's avatar
      StephenB
      Guru - Experienced User
      Nov 19, 2018
      alokeprasad wrote:

       

      How/where do I disable encrypted TLS/https access to the device?

       

      services->standard file protocols has a checkbox for https.

       

      alokeprasad wrote:

       

      PS: Will it help to re-start the device?

       

      It might.

      • alokeprasad's avatar
        alokeprasad
        Mentor
        Nov 21, 2018

        That option is checked and greyed out.  I can't change it.

        The only other option checked on that screen is CIFS.

        Besides, that screen description says "Select the file sharing protocol you wish to enable." I just want CIFS.

         

        So, the HTTP option is unchecked.  For some reason, the HTTPS file sharing protocol is forced-enabled with Port 443, SSL Key Host 192.168.125.56 (why that IP?).  Which device should be set to be the source for the SSL Key host?

         

        I don't even have a device with that IP address on my LAN (verified by checking my X10 router Genie).

         

        Aloke

        PS: The Help Screen for that page says for HTTPS "This service cannot be disabled"

        PPS: What IP address should I enter for the SSL key host?

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More