NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Something is blocking OS4.2 and 5.1 admin access in Windows 10
It has been a while since I used my OS4.2 and OS5 NASes. I recently had the need to access an OS4.2.31 one, which has the add-on installed to allow it to communicate with TLS 1.1, and my browser (I tried both Chrome and Edge) on my Win10 desktop said it took too long to respond (not that it responded with an insecure protocol). I tried my Win11 laptop, and I could get in fine. I then tried another Win10 computer, and it was also not responding. I then powered up my OS5 NAS, which also has the appropriate add-on, and it behaved the same way. There is no issue with my OS6 NASes.
So, something seems to be blocking the TLS1.1 protocol on two Win10 machines. My first suspect was my firewall. I turned it off and nothing changed. (I run the same one on the Win11 laptop, BTW.) I verified that TLS 1.1 and 1.0 are enabled in Internet Options. I ran a Win7 VM on that computer and it had no issue, so it's not hardware between the computer and the NAS. I also ran a Win10 VM, and it got in, but that VM has not had a Windows update in some time.
I could do what I needed to via the VM, but I'm stumped as to what the problem could be, and I'm likely not the only person to run into it. So, does anyone have any suggestions?
StephenB , have you seen anything like this before?
OK, so here is the solution for anyone with this issue and using Norton360:
Go to the Norton 360 settings -- right click on the system tray icon and select Settings. On the settings menu, select Security on the left, then Advanced Security at the bottom, and Web on the left of that page. When you mouse over Safe Web, a settings gear icon appears -- select that. From there you can just disable HTTPS scanning. But it's better to go to the Exceptions tab and add your NAS IP and name as an exception to the scanning. Just the name should be enough, but I put them both in.
Since it's designed for URL's, not IP addresses, you can't put in a range. So if you have more than one OS4.x or 5.x ReadyNAS, you're going to have to add each as an exception.
5 Replies
Replies have been turned off for this discussion
Sandshark wrote:
I recently had the need to access an OS4.2.31 one, which has the add-on installed to allow it to communicate with TLS 1.1,
I think you mean TLS 1.2???
Sandshark wrote:
StephenB , have you seen anything like this before?
I don't have any OS 4.2 or OS 5 systems running.
I can still access OS 4.1 using https://nas-ip-address/admin after setting security.tls.version.min to 1 in FireFox That is using a Win 11 Pro (23H2) PC.
Did you try disabling your antivirus software? I believe Avast will block the connection, others might do that also.
Do the add-ons for OS4.2 and 5 use TLS 1.2 or 1.1? I didn't think 1.2 was considered unsafe and would be blocked by anything.
Yes, as I said, the first thing I tried is disabling the firewall within my anti-virus software. I also tried disabling the other protections, even though I could see no reason they would have an effect, and nothing helped.
BTW, the problem has now "migrated" to my Win11 machine, too. I suspect now that it only worked because I don't leave it on and whatever update caused this had not yet been applied, but now has since I've left it on.
Given it was working fine on the Win11 machine yesterday, so they were clearly using an acceptable version of TLS, I see no reason the install Firefox and try TLS 1.1. Besides, the message is that the NAS failed to respond, so something is blocking the response. It's not my browser complaining that the protocol is insecure.
Sandshark wrote:
Do the add-ons for OS4.2 and 5 use TLS 1.2 or 1.1?
TLS 1.2. See the comments here:
Both TLS 1.0 and 1.1 were deprecated by the browsers back in 2020 - not just TLS 1.0
Sandshark wrote:
I didn't think 1.2 was considered unsafe and would be blocked by anything.
TLS 1.2 is significantly better than TLS 1.1 and considered safe as long as weak ciphers and algorithms are removed.
Try running inetcpl.cpl Go to the advanced tab, and scroll down to the bottom of the pane. This is what I see on my Win 11 laptop:
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
