This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
Hi all. I'm a new Nighthawk owner as of yesterday. My router is an RAX35. So far, everything is working great but I have a security question.
Using the Nighthawk app on my phone, I can remotely manage the router. Seems to work great even though the RAX35 is the inner router on a double-nat. So I assume that the router is connecting to some Netgear servers outside of my network allowing me to use the app without having to configure port forwarding. Thats all fine.
Here's my issue. If I look at the web configuration utility (not the app) of the RAX35, it shows that 'Remote Management' is disabled. So why can the app still remote manage my router with 'Remote Management' disabled? I noticed on the app that there is another 'Remote Management' disable setting, but that doesn't seem to affect the setting on the router's web configuration utility.
I can pose all sorts of security scenarios here, but I'll just start with one. What if someone enabled Remote Management using the app, then returned this router to the store. Someone else purchases this router, brings it home, sets it up using the web interface (only) and decides NOT to use the app. Can the previous owner still remotely control this router using the app unbeknownst to the guy who just bought it thinking he is the first owner? Isn't there anyway to view allowed remote connections to this router besides using the app?
I contacted Netgear support and posed this question to a tech. She was actually very responsive and understood my concern immediately. She raised a good point. When I bought the router, I immediately changed the password from the default. When I installed the app and it found the router, it asked for the username/password. So in my hypothetical scenario in my previous post, it doesn't appear that would be an issue as long as I changed the password on the router. I can't believe I didn't think of this before. Still, the tech was concerned that the disable 'Remote Management' setting on the app has no effect on the 'Remote Management' setting on the web interface. She said they would investigate that part further.
At this point, I'm satisfied with their response. I'm pleased with the router and my first support experience.
I contacted Netgear support and posed this question to a tech. She was actually very responsive and understood my concern immediately. She raised a good point. When I bought the router, I immediately changed the password from the default. When I installed the app and it found the router, it asked for the username/password. So in my hypothetical scenario in my previous post, it doesn't appear that would be an issue as long as I changed the password on the router. I can't believe I didn't think of this before. Still, the tech was concerned that the disable 'Remote Management' setting on the app has no effect on the 'Remote Management' setting on the web interface. She said they would investigate that part further.
At this point, I'm satisfied with their response. I'm pleased with the router and my first support experience.
In looking at the RAX120 User Manual (pages 110-111), I suspected that Remote Management allows a user to access the router from anywhere, whereas Remote Access with the Nighthawk App only allows access to the router when connected to the home network.
But, this hypothesis appears to be false: I am able to successful access the router through the Nighthawk App, even when disconnected from the home WiFi network and with the router’s Remote Management feature disabled.
Topology, after a few days of use, it appears that the app has an entirely different set of functions from the web based utility although some settings 'borrow' from the other. I'm satisifed with Netgear's explanation on the remote control 'security' issue and I' finding that the app and the web based utility each have their own advantages. So far, I'm liking this router although it takes some getting used to. But so far, so good.
