× Introducing the Orbi 970 Series Mesh System with WiFi 7 technology. For more information visit the NETGEAR Press Room.
Orbi WiFi 7 RBE973
Reply

NETGEAR SUPPORT: "VPN is REQUIRED for Nighthawk REMOTE ACCESS"

pecnj
Aspirant

NETGEAR SUPPORT: "VPN is REQUIRED for Nighthawk REMOTE ACCESS"

 I could not do remote administration of my NIGHTHWAK AX8 router even though I had

"REMOTE ACCESS" on, "EVERYONE" access selected and the default 8080 port selected.

 I am located a 3 hour drive from my NIGHTHAWK router. 

Depending on the browser I would get a no connection or a dialog screen, with and without http:// or https://  porotocol.   On Firefox, I got great details saying that "Firefox could not trust accessing my router IP because there was no valid Certificate for it.  Only Certificates for routerlogin.net, routerlogin.com, orbilogin.net, orbilogin.com, and the www. variants of those domains had certificates.  Using routerlogin.nert etc. Came back with the fact that I and to be on my local LAN network for that to work. WHAAAT??

 

Netgear suppoprt call was even more bizarre. First she wanted me to type on my PC (the one located 3 hours from my NIGHTHAWK)  http://10.1.10.37:8443    ... TOTAL asnd exprxted failure.  I even tried to ping that ..  there was nothing but timeouts and that. WHY that?     I was then told "YOU HAVE TO GO TO THAT ROUTER LOCATION and then INSTALL, SETUP, ADMINISTER an OpenVPN !"      WHATTT???   What does the checkbox about enabling "Remote Access" mean?  Why does it neglect to say don't bother if you do not have VPN?   Obviously it is totaly bogus to insist on puttig OpenVPN for remote access.  What is it with www.remotelogin.ner and the varriants?  If you use that URL it will not work, the logins require LAN access to function.

 

 

Thinking about calling ang getting another "EXPERT". 

Model: RAX80|Nighthawk AX8 8-Stream WiFi Router
Message 1 of 2
schumaku
Guru

Re: NETGEAR SUPPORT: "VPN is REQUIRED for Nighthawk REMOTE ACCESS"

Netgear seems to be in need for even more experts - so better don't call if you don't want to overstress your health.

 

1. All the current and "new" RAX80 (120, 40, ...) User Manuals are wrong:

===

Use Remote Access
To use remote access:
1. Launch a web browser on a computer that is not on your home network.
2. Type your router’s WAN IP address into your browser’s address or location field
followed by a colon (:) and the custom port number.
For example, if your external address is 134.177.0.123 and you use port number
8443, enter http://134.177.0.123:8443 in your browser.
===

2. On the remote access port - well possible there are some more limitations that these can't be overlap with the related internal ports -  you always have to use https ... not http.

 

3. As you will access either by a DDNS name or a IPv4 address, it's obvious the factory certificate can't match.

 

4. An ability to add user provided certificates to the Nighthawk https (and ssh) service(s) is badly missing. Ideally would be the ability to run two certificates: One for the [W]LAN access, one for the Internet access. While disliked by many security auditors (cont me in here, too) LEt's Encrypt would be the obvious approach for this consumer class device.

5. The mentioned routerlogin.net or routerlogin.com (for the Nighthawk routers) or e.g. the orbilogin.net (for the Orbi router) andso on does only work if the router is able to capture the DNS lookup - so you need to be on the router local [W]LAN.

Message 2 of 2
Top Contributors
Discussion stats
  • 1 reply
  • 1614 views
  • 1 kudo
  • 2 in conversation
Announcements

Orbi WiFi 7