Orbi WiFi 7 RBE973
Reply

Not able to login (locally) to R9000 X10

alokeprasad
Mentor

Not able to login (locally) to R9000 X10

I cannot login to the Genie interface of my R9000.  I get the login prompt (username:admin, password) after which the browser (tried firefox, chrome, IE) all show "transferring data from 192.168.1.1" forever.

 

I'm running 1.0.4.28.

 

Any suggestions?

Aloke

Model: R9000|Nighthawk X10 AD7200 Smart WiFi Router
Message 1 of 12

Accepted Solutions
alokeprasad
Mentor

Re: Not able to login (locally) to R9000 X10

It was Bitdefender's Privacy setting.  I had to add the IP address to the whitelist in Bitdefender.

View solution in original post

Model: R9000|Nighthawk X10 AD7200 Smart WiFi Router
Message 2 of 12

All Replies
alokeprasad
Mentor

Re: Not able to login (locally) to R9000 X10

It was Bitdefender's Privacy setting.  I had to add the IP address to the whitelist in Bitdefender.

Model: R9000|Nighthawk X10 AD7200 Smart WiFi Router
Message 2 of 12
schumaku
Guru

Re: Not able to login (locally) to R9000 X10


@alokeprasad wrote:

It was Bitdefender's Privacy setting.  I had to add the IP address to the whitelist in Bitdefender.


...for http only. The R9000 does support https, and comes with a valid certificate for routerlogin.net et all:

 

R9000 https routerlogin.net.PNG

Message 3 of 12
alokeprasad
Mentor

Re: Not able to login (locally) to R9000 X10

Does using routerlogin.net (instead of 192.168.1.1) require a fuctional internet access?

How is the name "routerlogin.net" resolved?

 

Curious.

Aloke

Model: R9000|Nighthawk X10 AD7200 Smart WiFi Router
Message 4 of 12
antinode
Guru

Re: Not able to login (locally) to R9000 X10

> Does using routerlogin.net (instead of 192.168.1.1) require a fuctional
> internet access?

 

   No.

 

> How is the name "routerlogin.net" resolved?

 

   The router intercepts it, and returns its own LAN IP address.

 

   If your client device is configured to use some real-world DNS server
instead of a Netgear router, then you might find yourself talking to a
Netgear web server with a misleading/useless error page for your
enjoyment.

 

      https://community.netgear.com/t5/x/x/m-p/1365830

 

   Interestingly, a typical Netgear router will intercept a request for
one of those "routerlogin" names, even when it's configured as a
wireless access point, and you might expect it not to deal with DNS.

Message 5 of 12
alokeprasad
Mentor

Re: Not able to login (locally) to R9000 X10


@antinode wrote:

 

   If your client device is configured to use some real-world DNS server
instead of a Netgear router, then you might find yourself talking to a
Netgear web server with a misleading/useless error page for your
enjoyment.

 

In Win10's network IPv4 settings, I have the Gateway set to the R9000 (192.168.1.1) and DNS to Cloudflare and Google (1.1.1.1 and 8.8.8.8).

Thats what ipconfig shows as well. In the router's Advanced Internet setup. I have these DNS entered as well.

 

Routerlogin.net is still getting resolved correctly to 192.168.1.1 (I am seeing the router's setup screens) in Win10.

How come?

Message 6 of 12
antinode
Guru

Re: Not able to login (locally) to R9000 X10

> [...] DNS to Cloudflare and Google (1.1.1.1 and 8.8.8.8). [...]
> [...] Routerlogin.net is still getting resolved correctly to
> 192.168.1.1 [...]

 

   The R9000 could be intercepting even more DNS stuff than I'd expect,
or your Windows system or web browser could be using a cached value.

 

   What does "nslookup routerlogin.net" say?

Message 7 of 12
alokeprasad
Mentor

Re: Not able to login (locally) to R9000 X10


@antinode wrote:

> [...] DNS to Cloudflare and Google (1.1.1.1 and 8.8.8.8). [...]
> [...] Routerlogin.net is still getting resolved correctly to
> 192.168.1.1 [...]

 

   The R9000 could be intercepting even more DNS stuff than I'd expect,
or your Windows system or web browser could be using a cached value.

 

   What does "nslookup routerlogin.net" say?


Other browsers that I never use (IE 11) is taking me to the router when going to routerlogin.net

 

nslookup routerlogin.net in a command prompt (w admin priv) goes to 1.1.1.1 and then times out.

 

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 1.1.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out

 

PS: I'm not complaining .. I would like to understand how things work.

Model: R9000|Nighthawk X10 AD7200 Smart WiFi Router
Message 8 of 12
antinode
Guru

Re: Not able to login (locally) to R9000 X10

> nslookup routerlogin.net in a command prompt (w admin priv) goes to
> 1.1.1.1 and then times out. [...]

 

   Not what I'd expect.  How do you get anything to work if a basic DNS
look-up fails?  What does "ipconfig /all" say about your DNS servers?

 

   Restart the Windows system?  (I'm confused.)

Message 9 of 12
alokeprasad
Mentor

Re: Not able to login (locally) to R9000 X10

Things are working as they are supposed to:

 

My nslookup is going to my chosen DNS (cloudflare's 1.1.1.1).

routerlogin.net is not in cloudflare's (or any public DNS's) lookup table.  No public DNS can or should return local non-routable IP addresses in the 192.168.x.x range for any name lookup.

When I nslookup microsoft.com, I get legit response:

C:\WINDOWS\system32>nslookup microsoft.com
Address: 1.1.1.1

Non-authoritative answer:
Name: microsoft.com
Addresses: 40.112.72.205
40.113.200.201
104.215.148.63
13.77.161.179
40.76.4.15

 

The mystery is: how is routerlogin.net getting resolved to 192.168.1.1?

It has not been added to the hosts file.

The router is trapping this somehow and resolving it.  It is not passing it to my selected DNS (as it indeed should not).

Model: R9000|Nighthawk X10 AD7200 Smart WiFi Router
Message 10 of 12
antinode
Guru

Re: Not able to login (locally) to R9000 X10

> [...] routerlogin.net is not in cloudflare's (or any public DNS's)
> lookup table. [...]

 

   Sure it is:

 

ITS $ nslookup routerlogin.net 1.1.1.1
Server:  one.one.one.one
Address:  1.1.1.1

 

Non-authoritative answer:
Name:    routerlogin.net
Addresses:  52.222.218.163, 52.222.218.174, 52.222.218.243, 52.222.218.14

 

ITS $ nslookup routerlogin.net 8.8.8.8
Server:  google-public-dns-a.google.com
Address:  8.8.8.8


Non-authoritative answer:
Name:    routerlogin.net
Addresses:  13.33.140.226, 13.33.140.95, 13.33.140.159, 13.33.140.55

 

   These are not the LAN IP address of your router, but the look-up
should succeed.  (Else, how would anyone get to those misleading/useless
error pages?)

 

   Using the router as the DNS server, you should get the router's LAN
IP address:

 

ITS $ nslookup routerlogin.net 10.0.0.1
Server:  www.routerlogin.com
Address:  10.0.0.1

 

Non-authoritative answer:
Name:     routerlogin.net
Address:  10.0.0.1


> [...] The router is trapping this somehow and resolving it. [...]

 

   Yes.  It's a design feature.  It allows a user to use a single method
to talk to a Netgear router management web site, without knowing what
that router has chosen for its LAN IP address.

Message 11 of 12
schumaku
Guru

Re: Not able to login (locally) to R9000 X10

Not sure yet why @alokeprasad  nslookup test from above does fail (without an Internet connection) resp. does return an error or the public IP addresses.

 

Needless to say, an active business, privacy, or hide-my-a** VPN, or the presence of DNScrypt (e.g. also as a plug-in in a browser) does prohibit this MITM-like behaviour. 

 

In general, the Netgear routers and wireless extenders are intercepting DNS queries for the domain(s) these devices [like e.g. routerlogin.net/.com for routers, orbilogin.net./.com for Orbi, mywifiext.net/.com for extenders, ..], and forging a query response supposeldy coming from that same IP address queried - that's all:

 

Netgear DNS Interception.PNG

Aside, what I don't understand, is why Netgear does not use the same DNS based mechanism instead of the HTTP one for their consumer device domain URL and URL keyword filtering - that would to some extent cover then HTTPS, too. But that's probably to much of a design change.

 

 

Message 12 of 12
Top Contributors
Discussion stats
  • 11 replies
  • 5357 views
  • 0 kudos
  • 3 in conversation
Announcements

Orbi WiFi 7