Reply

Nighthawl R6700v3 Security Issues

RJK666
Aspirant

Nighthawl R6700v3 Security Issues

Hi,

I have a R7600v3 with the latest firmware loaded.

I have TWO security issuses.

First I have been trying to find out how to selectively open a port in the 'firewall' for a particular project.  Netgear support after offering several ineffective solutions basically suggested turning the router sucurity off to solve the problem.   Any ideas please.

Second. Under Advanced / Security  I can turn on 'Access control' which is supposed to limit connections to IP devices that I authorise.  One device on my network is an Epson L6030 Wifi multi function network printer and scanner; this is registered in the Access Control panel.    When Access control is 'on' the router appears to be blocking the results from scans being returned to network PC clients.  When Access Control is 'off' no problems.

Does anyone else have similar spurious security problems?  What are the solutions to keep security and functionality?   Thanks.

Message 1 of 6
antinode
Guru

Re: Nighthawl R6700v3 Security Issues

> I have a R7600v3 with the latest firmware loaded.

 

   R6700v3?

 

   As always, an actual version number would be more useful than your
opinion of what's "the latest" today.

 

> First I have been trying to find out how to selectively open a port in
> the 'firewall' for a particular project. [...]

 

   In my experience, people who talk about ports being "open" or
"closed" often don't understand the problem.  What, exactly, is this "a
particular project"?

 

> Second. Under Advanced / Security I can turn on 'Access control'
> which is supposed to limit connections to IP devices that I authorise.
> [...]


   What, exactly, are you trying to stop?  Connections to your LAN from
selected client devices?  Connections to your client devices from the
outside world?  Other?

 

> [...] When Access control is 'on' the router appears to be blocking
> the results from scans being returned to network PC clients. [...]

 

   What, exactly, do you expect "Access Control" to do?  What does
Netgear say that it will do?

 

   Visit http://netgear.com/support , put in your model number, and look
for Documentation.  Get the User Manual.  Read.  Look for "Access
Control".

 

> [...] What are the solutions to keep security and functionality? [...]

 

   Define "security".  Is there some actual problem which you are trying
to solve?

Message 2 of 6
RJK666
Aspirant

Re: Nighthawk R6700v3 Security Issues

This is the SECOND reply.... the first appears to have been burned....

Firmware Version
V1.0.4.98_10.0.71

 

With the FIRST issue.  I need to open port 1700 for a specific project requirement to accept reply / acknowledgement messages.

 

I have followed several sets of instructions from a Netgear Support consultant.   After which from external testing of the router the port still appears to be closed.    My communications with the consultant ended with the advice, "shut off all the security and the problem will go away".....

 

I am used to working with router firewalls which offer 'pinholing' options to solve this type problem; but it appears this router does not have a conventional firewall accessible to the owner.

 

The SECOND issue that has just become apparent is that with recommended security enable the router is blocking scanned information from my wifi network multi function unit an Epson L3060 from being returned to the PC client which is registered as an allowable device  under Advanced / Access control.

 

Help says "

To enable Access Control:

Select Turn on Access Control check box. Selecting this check box lets you block or allow computers or electronic devices from accessing your network. You have to select this check box before you can specify an Access Rule and use the Allow and Block buttons. When this check box is cleared, all devices are allowed to connect, even if the device is in the blocked list.

Access Rule radio buttons. Select the radio button for the Access Rule that you want for new devices attempting to connect to your network. The Access Rule does not affect previously blocked or allowed devices. It applies only to future devices joining your network after you apply these settings.

By default, “Allow all new devices to connect” is selected, so if you or your family buy a new device, it will be able to access your network without configuring its MAC address in this page.

NETGEAR recommends that you keep this option selected. If you change this to “Block all new devices from connecting”, then your new device won't be able to access your network until you specifically add its MAC address into the allowed list. For example, if a new computer has both wireless and Ethernet network connections, each connection has its own MAC address, you'll need to add specifically both MAC addresses to the allowed list."

 

I expect this to limit connections to the router to 'authorised' devices....

 

Security is designed to keep the 'bad guys' out. Let the 'good guys' play safely inside.  After this I should be able to configure the router to selectively open ports or pinholes in the firewall to  meet my own needs at my own risk.

 

None of this is covered in the downloadable User Manual....

 

Advice needed.  

 

 

 

 

 

 

Model: R6700|Nighthawk AC1750 Smart WiFi Router
Message 3 of 6
antinode
Guru

Re: Nighthawk R6700v3 Security Issues

> [...] I need to open port 1700 for a specific project requirement to
> accept reply / acknowledgement messages.

 

   Apparently, to you, "exactly" means something different from what it
means to me.  What, exactly, are you running which listens at port 1700?
What, exactly, is supposed to talk to it?

 

> I have followed several sets of instructions from a Netgear Support
> consultant. [...]

 

   With my weak psychic powers, I have no idea what those "instructions"
might have been.  Nor what you did with them.

 

> [...] After which from external testing of the router [...]

 

   "testing"?

 

> [...] the router is blocking scanned information from my wifi network
> multi function unit an Epson L3060 from being returned to the PC client
> [...]


   None of that is a useful problem description.  It does not say what
you did.  It does not say what happened when you did it.  As usual,
showing actual actions (commands) with their actual results (error
messages, LED indicators, ...) can be more helpful than vague
descriptions or interpretations.

 

> Security is designed to keep the 'bad guys' out. Let the 'good guys'
> play safely inside. [...]

 

   Ok.  If I didn't want what Access Control does, then I wouldn't
enable it.

 

> Advice needed.

 

   You might try providing better answers to questions.

 

   For the usual problems with port forwarding, see:

 

      https://community.netgear.com/t5/x/x/m-p/1859106

Message 4 of 6
RJK666
Aspirant

Re: Nighthawk R6700v3 Security Issues

1. The reason or application behind my need to open port 1700 is none of your business it is a simple technical requirement.

 

2. The intructions i received from the Netgear support consultant related to re-flashing the firmware twice (in case i did not get it right the first time).  Resetting everything on the router and finally disabling all of the routers security systems...

3.   None of the internet 'open ports' security testing sites indicated that the port had been successfully opened.

4. The new discovery related to information not being returned to the client PC from scanning on the epson L3060 wifi multifunction printer/scanner when the unit was an 'allowed connection' to the router.

5. The port forwarding URL does not apply to my router as the menu options offered don't appear on the Nighthawk R6700v2.

6. The router does not perform as described in the promotional material available at Amazon where it came from.

7. suggest you get some yoga training as your agressive approach to responses here will end having some advers efftect on you.

8. The easiest solution for me is to dump the router and draft a suitably negative review of the unit and the literature describing its functions or lack thereof.....   Official Netgear Support has not even bothered to respond to the latest round of problems.... this says it all.

 

Message 5 of 6
antinode
Guru

Re: Nighthawk R6700v3 Security Issues

> 1. The reason or application behind my need to open port 1700 is none
> of your business it is a simple technical requirement.

 

>    In my experience, people who talk about ports being "open" or
> "closed" often don't understand the problem.  What, exactly, is this "a
> particular project"?

 

   Still true.  Hence the desire to determine what you're actually
trying to do.  But I can't compel your cooperation.

 

> 3. None of the internet 'open ports' security testing sites
> indicated that the port had been successfully opened.

 

   See "For the usual problems with port forwarding [...]", above.
Plenty of questions and tests there.  No evidence of any answers or
results here.


> 5. The port forwarding URL does not apply to my router as the menu
> options offered don't appear on the Nighthawk R6700v2.

 

   What's a "port forwarding URL"?  Do you mean that cited thread with
"the usual problems"?  Which "the menu options", exactly, "don't
appear"?

 

> 7. suggest you get some yoga training [...]

 

   That's about as helpful as the rest of your responses.

 

> [...] this says it all.

 

   This must be some new meaning for "all".

Message 6 of 6
Top Contributors
Discussion stats
  • 5 replies
  • 547 views
  • 0 kudos
  • 2 in conversation
Announcements

Orbi WiFi 6E