Forum Discussion
Straitpipe
Nov 14, 2019, Tutor
RAX120 login exposed?
I have checked the router setting for port forwarding / triggering, disabled remote management, etc. However the router's login prompt is accessible externally using HTTP (not https though). Using http:...
Straitpipe
Nov 18, 2019, Tutor
So there is NO way to disable the router's login from an IP address that is outside of your local network (any IP address on the global) and only allow local administration of the device?
michaelkenward
Nov 18, 2019, Guru - Experienced User
Straitpipe wrote:
login from an IP address that is outside of your local network (any IP address on the global)
Have you tried doing that?
Something tells me that you haven't understood all of the messages posted so far.
You need to enable remote access to use an IP address on the WAN that is outside your local network. That does use https as well as a different username and password.
- Straitpipe, Nov 18, 2019, Tutor
Perhaps this group hasn't understood my post.
In very clear terms
-Remote management is DISABLED in the router's web GUI
-From an external IP address, in a browser a user can go to the HTTP external IP address (WAN IP) of the router.
-It exposes the login prompt for the router which enables remote management which should be disabled as per the first bullet.
- Killhippie, Nov 19, 2019, Prodigy
If you look in remote management after logging in it's not on, because remote management is only used by the Nighthawk app amongst other things. The link the router provides is a way to log into its interface directly, it's not facing the internet and it's not remote management in the way you are thinking. Netgear has always offered a link to the GUI interface via a browser straight into the router, it's not going via the internet and remote management is not in use. How else would you log in?
- Straitpipe, Nov 19, 2019, Tutor
When you log in locally you use the internal LAN IP address, something like http://192.168.0.1. I am talking about when I am NOT ON the local LAN and I use http://WANIP/m/
This URL allows remote access to the router using the WAN IP from a location like my local coffee shop.
I am asking how to disable remote access from an external IP address to my router. I would only like to admin my router from within my own network.
- michaelkenward, Nov 20, 2019, Guru - Experienced User
As no one seems to understand the issue, perhaps you can convince people by describing the steps they need to take to reproduce this behaviour.
There are some serious informed people here. (Count me out there.) That no one gets the point, despite the number of times you have put it forward, is puzzling.
- Straitpipe, Nov 20, 2019, Tutor
Let's start over. I will oversimplify this. The network would look like this (using incorrect IPs so don't try and access them).
RAX120 router with Internal network IP of router is 192.168.0.1. This is the IP used for accessing the router's web GUI.
The External WAN IP of router is 71.71.40.5 which is connected to an internet provider like Spectrum, Xfinity, (it doesn't matter which one)
I go to my local Starbucks and buy an $8 coffee. I boot up my laptop and connect to the Starbucks network. I go into Chrome and type in.
This brings up a login prompt for my router. How do I disable the ability to remotely access the login of my router using the above URL?
It can't be any simpler than that.
(latest firmware, no port forwarding, no port trigger, remote management disabled, using a very strong password, etc.)
- xjn, Nov 20, 2019, Apprentice
Try going to the web UI and Enable remote management and then disable remote management. It sounds similar to the QoS issue where QoS is enabled even though it shows as disabled in the UI. The only way to truly disable it is to enable it.... wait 30 seconds... then disable it... after that it may be truly disabled instead of just showing as disabled in UI.
- Killhippie, Nov 23, 2019, Prodigy
You can't, and with a strong password it should not matter. It's like saying can I only want to log into Amazon via my own network, not the coffee shop. The answer is no but that's down to you, Amazon want people to log in from anywhere, and Netgear want people to have access to their routers from anywhere too (should have HTTPS) although even that's not as secure as you think, just have a google. The URL is there so you can log in and check your router or update settings (never leave it to auto update, that can be a nightmare) from any source, although if you have set up email notifications that should save you having to do that.
The case here is don't log in from untrusted networks, don't store the password in your browser and only log in from your home network, now that's not difficult. It's like logging into a banking site from a wifi point in any shop, you just don't do it. You could log in using a VPN possibly that would be better, but if you are not logging in nobody else can log in either, there are millions of Netgear routers and people tend to access them from own home networks, or the app, which I avoid. Yes HTTPS should be used, but also using common sense from where you log in goes a long way. People are not trying to log into every Netgear router all the time they look for backdoors in that show in logs, hence keep your security up to date. Netgear routers also now force you to use a more complex password during set up. Basically I understand what you're asking for but that isn't available, and won't be. Netgear are lagging with a SSL login but you can't turn that feature off, just as you can't turn off the ability to log into Amazon from anywhere in the world, or stop someone trying to use a brute force attack to get your Amazon password. Maybe suggest Netgear use 2FA, and HTTPS. Until then use a complex password and log in from public wifi access points, only log in from your home. Also make sure your firmware is always up to date to make sure bad actors can't break in easily anyway in ways that are much more than a device's primary login.
- Killhippie, Nov 23, 2019, Prodigy
* and don't log in from public wifi access points
- Killhippie, Nov 23, 2019, Prodigy
Just a thought, what firmware are you using? With remote management turned off you should not be able to log in unless you enable remote management. Have you updated to the latest Hotfix and done a factory reset? With remote management turned on you can define what device/devices can access your router, maybe that would be preferable as a workaround. Also as mentioned everywhere online, have a complicated password, they really do help.
https://kb.netgear.com/976/Enabling-your-router-s-remote-management
- Straitpipe, Nov 23, 2019, Tutor
I have done a factory reset. I did try enabling remote management. Then waiting and disabling similar to a previous defect.
I am using firmware V1.0.1.90.
The default remote management URL for Netgear is https://ipaddress:8443. The URL I am referring to which is exposed is different, hence the original request.
If people are responding with responses like "it's ok to have it exposed, it's like using Amazon"... thank you, but please refrain from responding, as exposing administrative interfaces to routers from external network locations is not even close to the same thing as a publicly facing site.
- ArunGupta, Nov 23, 2019, Apprentice
I totally understand what you are saying. Just to clarify, are you actually able to log in or is the router just displaying the username/password screen and would actually reject login attempts? If you are actually able to log in to the router from an external network with remote management turned off, it should be marked as a security bug in firmware.
I cannot test this because I run the router in AP mode which greys out remote management.
- michaelkenward, Nov 24, 2019, Guru - Experienced User
Straitpipe wrote:
The default remote management url for Netgear is https://ipaddress:8443.
This is, of course, also the entry point through Remote Management itself, but with the address
https://[username].mynetgear.com:8443
How would someone else find your WAN address from a coffee shop?
Or is it just a random attack thing?
- GabboCH, Nov 25, 2019, Apprentice
If you have a fixed WAN address from your ISP it probably isn't difficult for someone to find out your specific IP address.
However, I'd imagine there are lots of tools out there that would just cycle through random IP addresses & look for an active response.
If the router responds to a request for WAN IP & opens a login page then you are wide open to a brute force attack.
Accepted, someone could only modify your router settings & mess up your network but I guess they can also see connected devices, change your password, open ports, enable port forwarding etc.
If the router is set to "Remote Management Disabled" then I, like the OP, would not expect the router to respond at all from outside the local network....
- Killhippie, Dec 02, 2019, Prodigy
Have things changed with the new firmware update? 1.0.1.108? As said if you can actually log in then report this as a security bug ASAP, if you can just see an HTTP login but can't actually log into the router itself then as much of a pain as it is you are going to have to wait till Netgear decides to use HTTPS. Contact them as many of us have and complain.
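The check this thread keeps coming back to (does the router's WAN address answer with a login prompt while Remote Management is disabled) can be scripted for your own router and re-run after each firmware update. This is an added example, not part of any post above and not Netgear code; the `/m/` path and port 8443 come from the thread, while port 80 root, the function names and the "is this a login prompt" heuristics are assumptions.

```python
import http.client
import ssl
import sys

# Targets named in the thread: plain-HTTP http://WANIP/m/ and the documented
# remote-management port 8443 (HTTPS). The port 80 root page is an assumption.
TARGETS = [(80, "/", False), (80, "/m/", False), (8443, "/", True)]

def classify(status, headers, body):
    """Heuristic (an assumption, not Netgear-specific): does the reply ask for credentials?"""
    names = {k.lower() for k in headers}
    if status == 401 and "www-authenticate" in names:
        return "login-exposed"      # HTTP authentication challenge
    if 'type="password"' in body.lower():
        return "login-exposed"      # HTML login form
    return "responds"               # something answers, but no login prompt seen

def probe(host, port, path="/", tls=False, timeout=3.0):
    """GET one URL on your own router: 'no-response', 'responds' or 'login-exposed'."""
    if tls:
        # Router certificates are usually self-signed; this is only a
        # reachability check, so certificate validation is skipped on purpose.
        ctx = ssl.create_default_context()
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        conn = http.client.HTTPSConnection(host, port, timeout=timeout, context=ctx)
    else:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        body = resp.read(8192).decode("latin-1")
        return classify(resp.status, dict(resp.getheaders()), body)
    except (OSError, http.client.HTTPException):
        return "no-response"        # refused, filtered or timed out
    finally:
        conn.close()

def audit(host):
    """Probe every target; anything other than 'no-response' means the WAN side answers."""
    return {f"{'https' if tls else 'http'}://{host}:{port}{path}": probe(host, port, path, tls)
            for port, path, tls in TARGETS}

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: wan_check.py <your-own-WAN-IP>   (run from outside your LAN)")
    for url, result in audit(sys.argv[1]).items():
        print(f"{result:14} {url}")
```

Run it from a connection outside the LAN, such as a phone hotspot, since a request to the WAN address from inside the network may be answered by the LAN-side interface. With Remote Management disabled, the expected result is `no-response` on every line.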