Reply
Highlighted
Apprentice

Re: Netgear R7000 and OpenVPN for Android App

NG needs to get its s together when cutomers are coming up with a fix. Is the elite tech support incompetent or sitting on their a while we wait and wait for a solution?

Message 26 of 139
Highlighted
Apprentice

Re: Netgear R7000 and OpenVPN for Android App


@ClarDold wrote:
I won't enjoy some pointers.

I _would_ enjoy just some pointers.
(I shouldn't post from my phone.   I miss some of the helpful auto-corrects.)

Message 27 of 139
Highlighted
Apprentice

Re: Netgear R7000 and OpenVPN for Android App

So, decided to use ASUS-Merlin by Vortex for my R7000.  It has VPN, and guess what, when it genrates certificates and keys it uses 1024bit, SHA256 signed certificate, and negotiates with AES-128-GCM/AES-256-GCM/AES-128-CBC/AES-256-CBC keys by default, but I can generate my own and paste them in if I want as well.

 

Seems ASUS has it all together.

Message 28 of 139
Highlighted
Apprentice

Re: Netgear R7000 and OpenVPN for Android App


@juched wrote:

So, decided to use ASUS-Merlin by Vortex for my R7000.  [...]

Seems ASUS has it all together.


Well, that's disappointing, because I just retired my Asus because of WiFi instability and lockups.
How did you decide that firmware would run on the R7000?

And would it also run on the R7000P?

Message 29 of 139
Highlighted
Guide

Re: Netgear R7000 and OpenVPN for Android App

Nice, thanks for the info, downloaded the package, will see if I feel like reconfiguring my router just now or would rather wait a bit for a hypothetical update from NG...

Message 30 of 139
Highlighted
Luminary

Re: Netgear R7000 and OpenVPN for Android App

FYI NG is so far ignoring any attempt I make to get them to thumbs up me posting a guide for their own firmware, so if you guys still want that feel free to hit up your favorite moderators and see if you have any better luck...
Message 31 of 139
Highlighted
Guide

Re: Netgear R7000 and OpenVPN for Android App

I don't see why you'd need to ask permission for that.

Message 32 of 139
Highlighted
Luminary

Re: Netgear R7000 and OpenVPN for Android App

I don't know what the forum rules are, didn't find any link to them.
Message 33 of 139
Highlighted
Apprentice

Re: Netgear R7000 and OpenVPN for Android App

Even if you install the improvised user suggested fix, which is great, for sure you should still file a complaint against NG:

 

https://www.bbb.org/losangelessiliconvalley/business-reviews/internet-services/netgear-in-san-jose-c...

 

It only takes a few mins to fix. NG has not fixed the problem voluntarily and the MD5 issue has benn known for a long time. Yet NG continues to market its routers OpenVPN feature. That is direlection of duty. In fact, NG should be sued. Filing a complaint with the BBB is a preliminary step to prove on paper NG is ignoring the problem even after inquiry using a third party. This is a first step leading up to dropping the atom bomb (class action lawsuit seeking remedies) on them.

Message 34 of 139
Highlighted
Guide

Re: Netgear R7000 and OpenVPN for Android App

i got a response from NG via the BBB complaint.  they opened a case for me and now i just need to get them info about my router.  will see if anything happens from there.

Message 35 of 139
Highlighted
Guide

Re: Netgear R7000 and OpenVPN for Android App


wrote:
I don't know what the forum rules are, didn't find any link to them.

I don't think you will get a reply from NETGEAR staff!

 

Every time this forum have discussion on the firmware of NG about the OpenVPN security issue, they won't have positive reply.

You can find a similar case to the discussion of OpenVPN certificate which can never be changed with NETGEAR firmware.

 

Now everyone know that OpenVPN have changed the policy that it will no longer support MD5 certificate / encryption after April 30.  This warning message display clearly in the updated edition of OpenVPN connect for Android phone!  How come NETGEAR have no plan to change its firmware?  

I don't see this warning with OpenVPN connect in iPad.  Anyone know the case of iPhone?

 

My router is R6220.  I think all NETGEAR router have the same issue.

Message 36 of 139
Highlighted
Star

Re: Netgear R7000 and OpenVPN for Android App

Please publish your instructions to update the certificates using a proper Hashfunction, I don't want to wait any longer for NG.

 

Which doesn't mean we cannot keep the pressure up!

 

Maybe we should launch a facebook campagin or so, blaimng NG for not reacting!

Model: R8000|Nighthawk X6 AC3200 Smart WIFI Router
Message 37 of 139
Highlighted
Apprentice

Re: Netgear R7000 and OpenVPN for Android App

I opened a case with support a long time ago.  In an awkward realization, I see that I can't read any of the old history of the case, nor see when it was opened.

This is their latest response:
Please downgrade the firmware by following the below link and check whether the issue persists. 
https://kb.netgear.com/000049362/R6900P-R7000P-Firmware-Version-1-2-0-22

They don't know if it will fix the problem?  
My update back to the case was that I don't want to downgrade to test for them, and asked when they were going to fix this problem.

Model: R7000P|Nighthawk AC2300 Smart WiFi Router with MU-MIMO
Message 38 of 139
Highlighted
Aspirant

Re: Netgear R7000 and OpenVPN for Android App

has anyone tried the most recent hot fix.  it lists Security

R7000 Firmware Version 1.0.9.26 - Hot Fix

Bug Fixes:

  • Fixes the Wi-Fi disconnect issue caused by a flood of broadcast traffic.
  • Fixes security issues.

 

https://kb.netgear.com/000053870/R7000-Firmware-Version-1-0-9-26-Hot-Fix

 

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 39 of 139
Highlighted
Luminary

Re: Netgear R7000 and OpenVPN for Android App

It always lists security. It's completely f***ing meaningless since NG won't say what security issues they addressed and thus you also can't know which they did not address.

Worst. Release notes. Ever.

They should be ashamed. No company serious about security would do this.
Message 40 of 139
Highlighted
Apprentice

Re: Netgear R7000 and OpenVPN for Android App

Firmware Version V1.3.0.20_10.1.1

I've seen no changes to the VPN config page, and the old certs still work.

 

Model: R7000P|Nighthawk AC2300 Smart WiFi Router with MU-MIMO
Message 41 of 139
Highlighted
Luminary

Re: Netgear R7000 and OpenVPN for Android App

I'll try to get my instructions up this weekend. Sorry, I've been busy with work and I just gave up dealing with the router the past few weeks since NG took so long to address the firmware stability, I lost interest.
Message 42 of 139
Highlighted
Aspirant

Re: Netgear R7000 and OpenVPN for Android App

Hi !

 

As this seems like a big issue for everyone, it would be great if you could post the steps, even in a basic form and not detailed as much.

I'm a networking guy myself and I will find the time to take this and turn it into a guide. just give me the bare minimum.

 

thanks!

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 43 of 139
Highlighted
Apprentice

Re: Netgear R7000 and OpenVPN for Android App

R7000P Firmware Version V1.3.0.20_10.1.1

I received a phone call from Netgear L2 Expert support.

The change in OpenVPN certs has been accomplished for some Netgear routers, and will be finished for the R7900P before the drop dead date for Android OpenVPN.

I asked which routers had already been updated, and she couldn't tell me.


My R7000P Firmware Version V1.3.0.20_10.1.1 has a 2018-01-23 15:12   R7000P-V1.3.0.20_10.1.1.chk
I looked at the opensource download, and it has a 2018-02-15 10:16:03 V1.3.0.10_1.2.2_gpl, so there is something newer underway.

It still has an MD5 ca.crt, though.

 

 

 

Model: R7000P|Nighthawk AC2300 Smart WiFi Router with MU-MIMO
Message 44 of 139
Highlighted
Luminary

Re: Netgear R7000 and OpenVPN for Android App

That's interesting. As a status update, I have spent many hours this week already writing a guide, I have to fit it in around work/life. I hope to have something up here in the next few days.
Message 45 of 139
Highlighted
Tutor

Re: Netgear R7000 and OpenVPN for Android App

I submitted an email support request to Netgear yesterday asking when they plan to release a new firmware with an updated OpenVPN server build that uses SHA256 instead of MD5 signing algorithm, but I've yet to receive any useful info.

Message 46 of 139
Highlighted
Guide

Re: Netgear R7000 and OpenVPN for Android App

BBB closed my case and said that NG responded adequately.  They said they are working on a fix but no ETA.

Message 47 of 139
Highlighted
Guide

Re: Netgear R7000 and OpenVPN for Android App

It is hard for me to understand why it is so difficult to change the encryption method?

It seems all VPN servers except NG OpenVPN have different options for encryption.

Message 48 of 139
Highlighted
Guide

Re: Netgear R7000 and OpenVPN for Android App

NG update the firmware frequently but not including the encryption of OpenVPN!

I don’t know if they are interested to update the model R6220 which I have since it is not the most popular model in the market unlike R7000.

Message 49 of 139
Highlighted
Star

Re: Netgear R7000 and OpenVPN for Android App

I'm looking forward to see if I can update my R8500 with your method.  I have telnet enabled.

Are you by chance loading your certificates via the hidden page? http://192.168.1.1/OPENVPN_hidden.htm

 

Message 50 of 139
Top Contributors
Discussion stats
Announcements