Reply

Re: How to enable SSH on BR200 Firewall?

ticedoff8
Aspirant

How to enable SSH on BR200 Firewall?

I have a new BR200 firewall (replaced an old ProSafe FVS318G).

How do I enable SSH in the BR200?

I've looked in all the GUI screens in Basic & Advanced and cannot find anything about enabling SSH

Message 1 of 9
DaneA
NETGEAR Moderator

Re: How to enable SSH on BR200 Firewall?

@ticedoff8,

 

As far as I have checked the BR200 user manual here, SSH is not mentioned.  It is possible that SSH access is only for the higher tier of NETGEAR Support.

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 2 of 9
MrJoshW
NETGEAR Expert

Re: How to enable SSH on BR200 Firewall?

Hello,

 

SSH is not a feature on the BR200 unit as we do not allow internal access to the unit at this time.

Message 3 of 9
ticedoff8
Aspirant

Re: How to enable SSH on BR200 Firewall?

NETGEAR Moderator

"As far as I have checked the BR200 user manual here, SSH is not mentioned.  It is possible that SSH access is only for the higher tier of NETGEAR Support."

Yes, I checked the manual too.

 

I have the WAC720 ProSafe wireless gateway that does have SSH and that is the only way I could dig myself out of the hole that was created when I upgraded its firmware and the new firmware did not support one of the "special" characters that I used in the password. Because it had SSH, I could PuTTY into the WAC720 using the old password and change it without having to start over again.
I would place the BR200 on the same tier as the WAC720 in terms of business class network devices.

 

This seems like a omission by NETGEAR.

"SSH is not a feature on the BR200 unit as we do not allow internal access to the unit at this time."
Being that the BR200 is relatively new, is anything on the roadmap for future releases of firmware that will enable / include SSH to the BR200?

 

Message 4 of 9
schumaku
Guru

Re: How to enable SSH on BR200 Firewall?

The WAC720/730 has a more or less unofficial CLI (not a Linux shell) accessible by SSH.

 

The BR200 does not have a CLI, so no need to open up an SSH access. For the unlucky password situation (caused by a late spec change i guess), a factory reset would have resolved the issue, too.

 

 

Message 5 of 9
ticedoff8
Aspirant

Re: How to enable SSH on BR200 Firewall?

"The WAC720/730 has a more or less unofficial CLI (not a Linux shell) accessible by SSH.

 

The BR200 does not have a CLI, so no need to open up an SSH access. For the unlucky password situation (caused by a late spec change i guess), a factory reset would have resolved the issue, too."

The WAC720 has a serial port - that is how I was able to log in and change the password because I had not previously enabled the SSH log-in. But, the serial port saved me. Because there is a serial port, the CLI on the WAC720 is not "unofficial" - it is built-in.

 

The ProSAFE FVS318G Firewall has a serial port too. And, the CLI was better than it's GUI. The GUI on the FVS318G was basically a lame GUI-adaptation of the CLI. I replaced the FVS318G with the BR200 because the FVS318G was only getting 30Mb/S on a 100Mb/S ISP uplink even though the FVS318G has all 1GbE ports (design limitations). I didn’t notice the BR200 didn’t have a serial port until I took it out of the box.

 

While the BR200 doesn't have a CLI today, it definitely needs one.

Suggesting a CLI is not needed in the BR200 is like suggesting that Cisco / Arista / Juniper products don't need a CLI. There is more to configuration, debugging and password recovery than a GUI can provide.

 

At least the BR200 is getting better throughput than the FVS318G.

Message 6 of 9
MrJoshW
NETGEAR Expert

Re: How to enable SSH on BR200 Firewall?

We do plan to make improvements to the BR200, but cannot confirm what features are in the pipeline for this product. Be sure to be on the lookout for any updates to the BR200 in the near future.

Message 7 of 9
jdrch
Apprentice

Re: How to enable SSH on BR200 Firewall?

Not sure you'd want SSH anyway as the Linux kernel version is pretty ancient (2.x, IIRC, based on an nmap scan I ran.) At that age SSH would be much more of a security risk than a benefit. 

Mechanical engineer by day, home sysadmin by night
Model: BR500|Insight Instant VPN Router
Message 8 of 9
schumaku
Guru

Re: How to enable SSH on BR200 Firewall?

Agree @jdrch . However, some simple testing tools like ping or traceroute, either from the local UI and/or Insight, or from a local shell would be the minimum.

Message 9 of 9
Discussion stats
  • 8 replies
  • 547 views
  • 2 kudos
  • 5 in conversation
Announcements