
Ashaan
Follower
Jan 01, 2023
Status:
New Idea

Security concern - No VPN authentication for incoming sessions

Hello Netgear Development Team,

I procured the Netgear Orbi 763s to have an excellent wireless backbone and to access my home LAN resources outside my home (e.g. from the office, at friends'/relatives' places, or any remote location).

With the Orbi 763s firmware version V6.3.6.2_1.2.66, I just have to copy the configuration file to the OpenVPN folder to be able to connect to my home resource from anywhere around the world.

The problem with this setup is that there is a lack of control:

1) Firstly, if my OpenVPN configuration file gets leaked, somebody will be able to access my home resource with just the OpenVPN configuration file and I won't even know until my systems are compromised or data are stolen.

2) If my phone or laptop gets stolen, there is no way I can prevent the thief from accessing my home resource if he/she manages to break through the phone/laptop.

3) When I share the VPN access with my family members, I want to be able to identify who has connected to the home resource at a given time. With the current method, I have no way to have this information.

4) In addition, I want to add multi-factor authentication, like an email/SMS code, to log in to OpenVPN.

#rbk763

2 Comments

  • FURRYe38
    Guru - Experienced User

    Something you should contact NG support about and let them know more directly.

    You should have a password code enabled at least on the phone or any mobile devices that you travel with. Should it get stolen, that makes it hard to break into. Also keep location and Find My Device enabled so if it does get stolen, you can factory reset the device remotely. That's your responsibility. Not NG's.

  • Having no VPN authentication for incoming sessions creates a serious security concern. Without authentication, there is no way to ensure that only authorized personnel are accessing the network. This could leave the network vulnerable to unauthorized users, who could potentially gain access to confidential data or postnet network operations. To protect the network and its data, it is important to ensure that all incoming sessions to the VPN are authenticated.