NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Dear Netgear & Orbi Pro Supporter
I recently bought the Orbi SXR80 router and want to use VPN to remotely connect to my office. But I am amazed that the certificates for the connection cannot be changed in the administration interface. VPN is unusable because if the certificate falls into the wrong hands, anyone can connect to my device via VPN. This happens quickly if a cell phone is lost or stolen. Why not add a function to change the certificate? This should be very easy to do. According to the following link, this was apparently already planned:
This function is also required by other users:
https://community.netgear.com/t5/Orbi-Pro-WiFi-for-Small-Business/How-to-renew-VPN-private-key/m-p/1689399
I urgently ask you to install this function, because without a VPN switched on is a major security problem!
Kind regrads
Carlos
12 Comments
I recently purchased a different Netgear device (RAX70). I was surprised that this is the case with most other models too. It's quite disappointing and would be really easy to implement. I''ve found 5 year old threads mentioning this issue. Given how long there have been call to fix this issue and Netgear's apparent lack of respect for it's customers I'll return my freshly purchased router. I'd suggest anyone else having a similar problem should do the same.
The VPN implementation is not fit for purpose.
Can't agree more.
However: There is more required. From the security prospective, each user or each technical VPN connection requires a dedicated user account and a personal certificate.
Completely not acceptable if a single certificate installed with many users and devices (resp. the private key) needs to replaced on many devices.
