NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

alokeprasad's avatar
alokeprasad
Mentor
Apr 05, 2019
Solved

Not able to login (locally) to R9000 X10

I cannot login to the Genie interface of my R9000.  I get the login prompt (username:admin, password) after which the browser (tried firefox, chrome, IE) all show "transferring data from 192.168.1.1"...
Troubleshooting
  • alokeprasad's avatar
    alokeprasad
    Apr 05, 2019

    It was Bitdefender's Privacy setting.  I had to add the IP address to the whitelist in Bitdefender.

antinode's avatar
antinode
Guru
Apr 14, 2019

> [...] routerlogin.net is not in cloudflare's (or any public DNS's)
> lookup table. [...]

 

   Sure it is:

 

ITS $ nslookup routerlogin.net 1.1.1.1
Server:  one.one.one.one
Address:  1.1.1.1

 

Non-authoritative answer:
Name:    routerlogin.net
Addresses:  52.222.218.163, 52.222.218.174, 52.222.218.243, 52.222.218.14

 

ITS $ nslookup routerlogin.net 8.8.8.8
Server:  google-public-dns-a.google.com
Address:  8.8.8.8


Non-authoritative answer:
Name:    routerlogin.net
Addresses:  13.33.140.226, 13.33.140.95, 13.33.140.159, 13.33.140.55

 

   These are not the LAN IP address of your router, but the look-up
should succeed.  (Else, how would anyone get to those misleading/useless
error pages?)

 

   Using the router as the DNS server, you should get the router's LAN
IP address:

 

ITS $ nslookup routerlogin.net 10.0.0.1
Server:  www.routerlogin.com
Address:  10.0.0.1

 

Non-authoritative answer:
Name:     routerlogin.net
Address:  10.0.0.1


> [...] The router is trapping this somehow and resolving it. [...]

 

   Yes.  It's a design feature.  It allows a user to use a single method
to talk to a Netgear router management web site, without knowing what
that router has chosen for its LAN IP address.

schumaku's avatar
schumaku
Guru - Experienced User
Apr 15, 2019

Not sure yet why alokeprasad  nslookup test from above does fail (without an Internet connection) resp. does return an error or the public IP addresses.

 

Needless to say, an active business, privacy, or hide-my-a** VPN, or the presence of DNScrypt (e.g. also as a plug-in in a browser) does prohibit this MITM-like behaviour. 

 

In general, the Netgear routers and wireless extenders are intercepting DNS queries for the domain(s) these devices [like e.g. routerlogin.net/.com for routers, orbilogin.net./.com for Orbi, mywifiext.net/.com for extenders, ..], and forging a query response supposeldy coming from that same IP address queried - that's all:

 



Aside, what I don't understand, is why Netgear does not use the same DNS based mechanism instead of the HTTP one for their consumer device domain URL and URL keyword filtering - that would to some extent cover then HTTPS, too. But that's probably to much of a design change.