Reply

Do you see the same strange IP address show up in the rou...

skC3700-10
Aspirant

C3700-100NAS Router forwarding my traffic to Africa IP when my or my wife's cell phone connects

Greetings,

 

I think I have a serious security breach, but I can't figure out if its the router or our i-phone's that are infected.  I'm thinking more towards the router, because I have attached screen shots that show before my iphone connects, after my iphone connects and it is given a normal private ip in the 192.168.0.0/24 range, then in a few seconds if I refresh the private ip changes to 102.146.28.0!!!

 

I did a whois on that IP and it is from an ISP in the Africa Region!  

If I turn off my wifi on my phone then and refresh the list of devices again it will of course go off the network and not be seen again until my iphone or my wife's connects to the network.  The phones still receive the proper IP though of that private range so I think maybe I got infiltrated by VPN filter big security issue recently, but I have followed the steps to get rid of the malware by factory restore then upgrading with the bug fix from Netgear and then locking down all access except for my known devices mac addresses.  

 

I installed antimalware TotalAV on my macbook and my iphone along with a VPN to encrypt my traffic on my iphone.  They didn't find anything at all.  Do I just need to buy a new router?  And any idea what is causing this?refresh after initial connectionrefresh after initial connectionno iphone connectedno iphone connectediphone initial connectioniphone initial connection

 

Model: C3700|N600 Cable Gateway Docsis 3.0
Message 1 of 7

Accepted Solutions
jg121234
Tutor

That is so strange.  I'm out of ideas on this one.  As a...

That is so strange.  I'm out of ideas on this one.  As a work-around you can set the IP address on the phone to manual instead of DHCP under WIFI settings.  You would need to do this for 2.4G and 5G if you connect to both.

Set the IP address to something like 192.168.0.150 

Set the Gateway address to 192.168.1.1

Set the DNS address to 192.168.1.1 for the primary and 8.8.8.8 for the backup.

Obviously this is just a workaround and not a real solution to what is going on...

 

View solution in original post

Message 6 of 7

All Replies
jg121234
Tutor

What does it say on the actual iPhone when it is connecte...

What does it say on the actual iPhone when it is connected?  Go under Settings/Wi-Fi/ then click the connected wifi network.  Is the configure IP setting set to Automatic or Manual?  What are the settings?  How about the DNS and HTTP PROXY settings?  Normally they should Automatic and Off respectively.

Also, take a look under Settings/General/VPN  Are there any VPNs set up in there?  If so, what do the settings look like?

Message 2 of 7
skC3700-10
Aspirant

Re: What does it say on the actual iPhone when it is connecte...

The settings on my iPhone appear normal with the expected ip using dhcp to obtain the settings automatically from the router. I see the expected up and no proxy is configured. I recently setup a vpn through phone guardian that connects to their server in the expected up range. I just recently set that up though as the issue was happening before I had set it up so I don’t think there is any issue with the von settings.
Message 3 of 7
jg121234
Tutor

Do you see the same strange IP address show up in the rou...

Do you see the same strange IP address show up in the router under Advanced/Administration/Attached Devices?  

Also, what are the settings under Advanced/Setup/LAN Setup?  DHCP address range?  Do you have any Address Reservations set up?

Message 4 of 7
skC3700-10
Aspirant

Re: Do you see the same strange IP address show up in the rou...

Yes I do see it in attached devices.  See picture.  No I do not have any predefined ranges, it was the default for this model of router.  See picture.

 

attached devices screenattached devices screenScreen Shot 2018-06-13 at 10.42.34 PM.png

Message 5 of 7
jg121234
Tutor

That is so strange.  I'm out of ideas on this one.  As a...

That is so strange.  I'm out of ideas on this one.  As a work-around you can set the IP address on the phone to manual instead of DHCP under WIFI settings.  You would need to do this for 2.4G and 5G if you connect to both.

Set the IP address to something like 192.168.0.150 

Set the Gateway address to 192.168.1.1

Set the DNS address to 192.168.1.1 for the primary and 8.8.8.8 for the backup.

Obviously this is just a workaround and not a real solution to what is going on...

 

View solution in original post

Message 6 of 7
skC3700-10
Aspirant

Re: That is so strange. I'm out of ideas on this one. As a...

Thanks all for your ideas!  I was hoping to find the root cause, but since I haven't had any luck in my searches online and you guys are out of ideas, I applied the work around to just staticly assign ip's to my devices and turn off dhcp.  This appears to have done the trick as the iphones now connect with the ip's I configured and don't redirect to africa.  Either way I'm getting a new router.  Thanks!

Message 7 of 7
Top Contributors
Discussion stats
  • 6 replies
  • 4342 views
  • 1 kudo
  • 2 in conversation
Announcements

Orbi WiFi 6E