NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
1. Looks like it's using SHA1 which is obsolete: Fri Mar 3 07:54:22 2017 us=826132 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Fri Mar 3 07:54:22 2017 us=826220 Data...
To expand on this: I would like to see configurable SSL certificates. In other words, I do not trust (nor should I) the out of the box certificates used by the VPN service on the router. Please implement a facility for configuring the SSL certificates in addition to managing authentication as someone suggested above.
To take this a step further, implementing two-factor authentication would be ideal where a user could configure their smartphone as the second factor - something that utilizes the standards implemented in the Microsoft and Google Authenticator apps would be a modern way to accomplish this.
VPN's are becoming more common in the consumer market - IoT devices such as security cameras, thermostats and even lightbubs can't be trusted on the open internet thus a secure method of remote management is needed (how else are you going to turn up the heat before you get home?).
A use case I saw recently was someone port forwarding through the firwall/router right to a camera. The camera did not implement SSL on its browser-based management interface so not only was this insecure device available on the public internet, login credentials (which were likely factory default) were sent unencrypted. Configurations like these are trivial to "hack" and must be avoided at all costs.