RBR850 Security Flaw - no password required

milestog
Aspirant

RBR850 Security Flaw - no password required

Typing 192.168.1.1 to access my router does not prompt for a username or password.  I do not save or cache passwords.  The behaviour is the same on Chrome, IE, Firefox, and Edge.  The behaviour is the same regardless if I try on any computer as long as the computer is logged into my wireless network.  I have confirmed on 5 different computers including computers with newly installed Windows and computers that access the network the first time.  This is a major security flaw as anyone I give temporary access to can access my router.  I've tried resetting the router, rebooting it, and 

Message 1 of 32

Accepted Solutions
mrwkbrdr
Star

Re: RBR850 Security Flaw - no password required

RESOLVED

 

With no help from NG support I have found the problem and the solution.

The two important details are, when the status led is solid white and won't go out, this means the router is still not fully setup. When in this state everything functions as expected and the user will not have any operational or functional issues, including modifying setup within the GUI.

 

The problems are that the white led status light stays on, and you can access the GUI from the WAN and LAN side.

 

The problem I found is during the setup process using the Orbi app, the last step takes you to a page where NG is trying to sell you added support. Previously I ignored this and closed out the app.

 

The solution is that you must make a selection; I chose no thanks. Once you make your selection the Orbi flashes the white status light and then the app moves to the next screen which states setup complete. White status light goes out as expected, and you are now prompted with a login pop up when trying to access the GUI using WAN or LAN.

 

Should someone experience this issue and be unable to resolve it, please pm me and I will provide more details to assist you in correcting these two issues.

 

Can a moderator please mark this discussion as resolved?

Message 30 of 32
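
A way to confirm the fix described above from a client with no saved credentials, added here as an example and not part of the original post or any NETGEAR tooling. It assumes the router enforces login with an HTTP 401 challenge (the "login pop up" mentioned above); a form-based login page would show up as `redirect` or `open` and needs a manual look. The function names are this example's own.

```python
"""Added example: does a router admin page answer without asking for credentials?"""
import sys
import urllib.error
import urllib.request


def classify(status, headers):
    """Map an HTTP status and lower-cased header dict to a verdict."""
    if status == 401 and "www-authenticate" in headers:
        return "auth-required"      # the login pop-up the thread expects
    if status in (301, 302, 303, 307, 308):
        return "redirect"           # could be a login or setup page: check by hand
    if 200 <= status < 300:
        return "open"               # page served with no credential challenge
    return "inconclusive"


class NoRedirect(urllib.request.HTTPRedirectHandler):
    """Report redirects instead of following them."""

    def redirect_request(self, *args, **kwargs):
        return None


def probe(url, timeout=5):
    """Send one unauthenticated GET (no proxy, no saved credentials)."""
    opener = urllib.request.build_opener(
        urllib.request.ProxyHandler({}), NoRedirect)
    try:
        with opener.open(url, timeout=timeout) as resp:
            status, hdrs = resp.status, resp.headers
    except urllib.error.HTTPError as err:   # 3xx/4xx/5xx arrive here
        status, hdrs = err.code, err.headers
    except (urllib.error.URLError, OSError):
        return "unreachable"
    return classify(status, {k.lower(): v for k, v in hdrs.items()})


if __name__ == "__main__":
    # Pass your own router's URLs, e.g. http://192.168.1.1/
    for target in sys.argv[1:]:
        print(f"{target}: {probe(target)}")
```

Run it once from a LAN client against the LAN address and once from a connection outside your network against your WAN address; after setup has completed, both should report `auth-required` or `unreachable`, never `open`.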

All Replies
milestog
Aspirant

Re: RBR850 Security Flaw - no password required

I've tried hard reset, restoring settings, changing password.  Still, any computer connected to the network can access the administrative panel at 192.168.1.1

 

Note that my original setup was manual as my provider requires PPPOE login with VLAN ID.  I read many years ago online that similar problems arose with users using manual setup.  One user theorized that the setup never registered as complete allowing login with no password.

 

This is a serious security flaw that needs to be addressed or published to the broader community as people consider buying this product.

Message 2 of 32
FURRYe38
Guru

Re: RBR850 Security Flaw - no password required

What Firmware is currently loaded?
What is the Mfr and model# of the ISP modem the NG router is connected to?

 

Be sure to clear out all browser caches before entering into the RBR's web page.

Clear out any saved PW profiles for the RBR in your browser. 

 

I have not seen this issue for a while now. 


@milestog wrote:

Typing 192.168.1.1 to access my router does not prompt for a username or password.  I do not save or cache passwords.  The behaviour is the same on Chrome, IE, Firefox, and Edge.  The behaviour is the same regardless if I try on any computer as long as the computer is logged into my wireless network.  I have confirmed on 5 different computers including computers with newly installed Windows and computers that access the network the first time.  This is a major security flaw as anyone I give temporary access to can access my router.  I've tried resetting the router, rebooting it, and 


 

Message 3 of 32
Bandito
Luminary

Re: RBR850 Security Flaw - no password required

Have you tried contacting Netgear support?  They may be able to help you with this issue.

Message 4 of 32
mrwkbrdr
Star

Re: RBR850 Security Flaw - no password required

I have reported this to netgear support weeks ago. They have no idea as to the cause. Their solution is to return the unit to Costco and get a new one. Now that someone else has reported this, I believe this may be a FW issue. I have spent over 5 hours on the phone with level 2 support, with no resolution. My support ticket is still open since Jan 2nd. My unit had this issue from day one out of the box. Directly after setup I noticed access to GUI and the Orbi app without prompting for user name or password. You can also access the GUI from outside the network via fixed IP or Dynamic domain without entering a username or password. This is a huge security risk and netgear should be utilizing all their resources to get this resolved.

 

My unit is the new Costco version model RBR840 WiFi 6 AX.

SW version 3.2.9.2_1.2.4

 

 

HUGE SECURITY FLAW

Message 5 of 32
FURRYe38
Guru

Re: RBR850 Security Flaw - no password required

I've asked some NG moderator eyes here in the forum to take a look at this. Something I'm not seeing with mine.

 

Message 6 of 32

Re: RBR850 Security Flaw - no password required

I have the RBR850 on that firmware (V3.2.9.2_1.2.4) and do not have that issue - I have to log in every time, and even logging in from a second computer or my phone will log the first session out. Not sure what is going on for you that is different.

Message 7 of 32
Blanca_O
NETGEAR Moderator

Re: RBR850 Security Flaw - no password required

Hi @milestog

May I please know the current firmware version? Have you tried a different firmware version?

 

Hi @mrwkbrdr

Please send me a private message with the support case number by clicking on this link

 

Regards,
Blanca
Community Team

Message 8 of 32
FURRYe38
Guru

Re: RBR850 Security Flaw - no password required

Any progress on this? 

I've talked to others that have this system and they don't see this issue. 


@milestog wrote:

Typing 192.168.1.1 to access my router does not prompt for a username or password.  I do not save or cache passwords.  The behaviour is the same on Chrome, IE, Firefox, and Edge.  The behaviour is the same regardless if I try on any computer as long as the computer is logged into my wireless network.  I have confirmed on 5 different computers including computers with newly installed Windows and computers that access the network the first time.  This is a major security flaw as anyone I give temporary access to can access my router.  I've tried resetting the router, rebooting it, and 


 

Message 9 of 32
mrwkbrdr
Star

Re: RBR850 Security Flaw - no password required

Netgear has no idea, as they have yet to contact me. My case is still open stating awaiting next level support.

 

Any progress on this? 

I've talked to others that have this system and they don't see this issue. 

Message 10 of 32
FURRYe38
Guru

Re: RBR850 Security Flaw - no password required

Did you send @Blanca_O a private message? I believe she's trying to contact you. Keep in contact with Blanca.

 


@mrwkbrdr wrote:

Netgear has no idea, as they have yet to contact me. My case is still open stating awaiting next level support.

 

Any progress on this? 

I've talked to others that have this system and they don't see this issue. 


 

Message 11 of 32
mrwkbrdr
Star

Re: RBR850 Security Flaw - no password required

She contacted me only to tell me they still have no idea as to the cause of the issue.

She states that my case is awaiting next level support.

Frustrating that I paid $600 for a unit with a security flaw which I am not using because of this security flaw. You would think netgear would pull out all of their resources to at least attempt to understand why you can access the GUI without being prompted to login. My internet provider assigns a fixed IP address, I can type in this IP address and access the Orbi GUI without being asked for any user name or password. This seems serious to me, but I guess netgear does not. My case has been open since January 4th. Very poor experience with netgear support and product.

Message 12 of 32
FURRYe38
Guru

Re: RBR850 Security Flaw - no password required

Is this IP address the WAN side IP address (##.##.###.###) that you're accessing from a remote location? Or from the LAN side 192.168.1.1?

I presume that Remote Management is disabled?

Takes time for NG to test and reproduce problems found if there is a problem. Nothing happens overnight. Just because only a couple of users are seeing this, doesn't mean everyone is.

I also talked to NG and they said they could not reproduce. Others as well when accessing the LAN side IP address at 192.168.1.1. We all get the log in window. Please confirm that this is the WAN side you're trying to access and not the admin page from the LAN side. Let's be clear about this. Just want to fully understand.

Might ask support about an RMA while there is still time. Also ask about any beta FW as well. They sometimes have a beta you can try.

@Blanca_O 


@mrwkbrdr wrote:

She contacted me only to tell me they still have no idea as to the cause of the issue.

She states that my case is awaiting next level support.

Frustrating that I paid $600 for a unit with a security flaw which I am not using because of this security flaw. You would think netgear would pull out all of their resources to at least attempt to understand why you can access the GUI without being prompted to login. My internet provider assigns a fixed IP address, I can type in this IP address and access the Orbi GUI without being asked for any user name or password. This seems serious to me, but I guess netgear does not. My case has been open since January 4th. Very poor experience with netgear support and product.


 

Message 13 of 32
mrwkbrdr
Star

Re: RBR850 Security Flaw - no password required

I can access the GUI from both the wan and lan side without being asked to log in.

Remote management is unchecked.

 

You would think they would just replace the unit?

 

As far as an RMA 

they cannot figure out how to complete as my unit is the Costco iteration RBR840

 

I'm just trying to help them investigate. But beyond frustrated! Just gonna return to Costco.

 

 

furry wrote

Is this IP address the WAN side IP address (##.##.###.###) that you're accessing from a remote location? Or from the LAN side 192.168.1.1?

I presume that Remote Management is disabled?

Takes time for NG to test and reproduce problems found if there is a problem. Nothing happens overnight. Just because only a couple of users are seeing this, doesn't mean everyone is.

I also talked to NG and they said they could not reproduce. Others as well when accessing the LAN side IP address at 192.168.1.1. We all get the log in window. Please confirm that this is the WAN side you're trying to access and not the admin page from the LAN side. Let's be clear about this. Just want to fully understand.

Might ask support about an RMA while there is still time. Also ask about any beta FW as well. They sometimes have a beta you can try.

Message 14 of 32
FURRYe38
Guru

Re: RBR850 Security Flaw - no password required

@Blanca_O should be able to help figure out an RMA.

 

So you have a RBK850 or 840? Possible FW differences if you have a 840, however base code should be the same in regards to PW authentication and log in, regardless of WAN or LAN between 850 and 840. I didn't get a chance to test the 840. 

 

Ask about a beta.

 

If you return the unit, try another unit if possible. I and others are not seeing this with the 850 system. I'll check the WAN side again. 

 

 

Message 15 of 32
mrwkbrdr
Star

Re: RBR850 Security Flaw - no password required

So finally someone calls me from netgear support and asks for a debug log file while accessing the UI.

I follow the instructions sent in email, then when trying to upload the debug file to my case on mynetgear it says file size too large. Ha, I can start and stop the debug file and the size is 11.4 mb

size limit is 10.0 he then asks me to compress the file that is already compressed and a zip file. The support agent then proceeds to ask me if he can place me on a brief hold, then he hangs up. No call back? Netgear support is about as worthless as calling AT&T. I'm done with trying to help netgear, my case has been ongoing since Jan 4th with nothing close to a resolution. Well Costco will be getting a return for another failed netgear product. Hopefully I will never need to use netgear support in the future as my experience has been less than adequate. 

Message 16 of 32
FURRYe38
Guru

Re: RBR850 Security Flaw - no password required

Meanwhile you could have uploaded that file to dropbox or google drive and shared the link to NG support so they could have downloaded it directly without the file size limitation. Try to remember this next time should you have to share something with someone.

@Blanca_O 

 

Good luck. 

Message 17 of 32
mrwkbrdr
Star

Re: RBR850 Security Flaw - no password required

Well I'm the consumer not the support tech? You would think netgear support would have mentioned this? Why if disconnected from support did I not get a call back?
All of my efforts and time are in the interest of netgear understanding and resolving this issue, that may or may not come up with someone else? You would think they would appreciate my time and effort?

I cannot spend another hour of my time with support that is inconsistent and lacking in knowledge.

Glad I purchased at Costco, this affords me the option to return. Sorry netgear.

 

 

furry wrote

Meanwhile you could have uploaded that file to dropbox or google drive and shared the link to NG support so they could have downloaded it directly without the file size limitation

Message 18 of 32
FURRYe38
Guru

Re: RBR850 Security Flaw - no password required

Good Luck. 

Message 19 of 32
Chuck_M
Mentor

Re: RBR850 Security Flaw - no password required

Re-reading this thread there were a lot of questions that were never answered....

 

 

Message 20 of 32
FURRYe38
Guru

Re: RBR850 Security Flaw - no password required

I can't imagine.

Message 21 of 32
mrwkbrdr
Star

Re: RBR850 Security Flaw - no password required

Well, got another complete new unit from Costco. And imagine that, same issue.
After setting up brand new out of the box with the Orbi app.

 

ISSUES:

  1. You can access the UI from WAN & LAN without being prompted for login.
  2. The RBR840 white light stays on all the time. Not the rear led, the front status light.

This is the second new unit with these same exact 2 issues.

 

DETAILS:

  • When the RBR is being setup with the app, once it is connected to the internet the app prompts to personalize the unit.
  • Set password. Yes I changed it from default.
  • Directly after this setup no prompt for user or password.
  • The Orbi app never prompts for login credentials once setup
  • The UI can be accessed without prompts for login.
  • I have tried with numerous devices, PC, MAC, IPAD, IPHONE.
  • Browsers used, SAFARI, CHROME, EDGE, IE
  • Same with FW 3.2.7.2, and 3.2.9.2
  • Factory reset twice same results.

 

1st support case for white light staying on 42175792 NG closed the case without any resolution.

2nd support case for security flaw no login credentials prompted 42222385 case opened on Jan 4 2020, still open no resolution.

 

Device model: RBK842-1CCNAS

 

Maybe netgear will now admit there is something wrong and fix the issue?

My expectations are very low, as my past experiences with NG support have been a disaster.

Message 22 of 32
FURRYe38
Guru

Re: RBR850 Security Flaw - no password required

Ok well I believe this deals with the 840 vs 850. Though should be same base code, something on the 840 and in its FW differs. I'm still not seeing this on my 850 system.

 

Hopefully NG can figure out what the differences are between the 840 and 850 FW. @Blanca_O @ErnestTheGreat 


@mrwkbrdr wrote:

Well, got another complete new unit from Costco. And imagine that, same issue.
After setting up brand new out of the box with the Orbi app.

 

ISSUES:

  1. You can access the UI from WAN & LAN without being prompted for login.
  2. The RBR840 white light stays on all the time. Not the rear led, the front status light.

This is the second new unit with these same exact 2 issues.

 

DETAILS:

  • When the RBR is being setup with the app, once it is connected to the internet the app prompts to personalize the unit.
  • Set password. Yes I changed it from default.
  • Directly after this setup no prompt for user or password.
  • The Orbi app never prompts for login credentials once setup
  • The UI can be accessed without prompts for login.
  • I have tried with numerous devices, PC, MAC, IPAD, IPHONE.
  • Browsers used, SAFARI, CHROME, EDGE, IE
  • Same with FW 3.2.7.2, and 3.2.9.2
  • Factory reset twice same results.

 

1st support case for white light staying on 42175792 NG closed the case without any resolution.

2nd support case for security flaw no login credentials prompted 42222385 case opened on Jan 4 2020, still open no resolution.

 

Device model: RBK842-1CCNAS

 

Maybe netgear will now admit there is something wrong and fix the issue?

My expectations are very low, as my past experiences with NG support have been a disaster.


 

Message 23 of 32
milestog
Aspirant

Re: RBR850 Security Flaw - no password required

firmware is V3.2.9.2  I tried the previous firmware as well and it didn't help.

Message 24 of 32
milestog
Aspirant

Re: RBR850 Security Flaw - no password required

One person suggested clearing the cache.  In my original post I stated the lack of login occurs regardless of new vs existing windows install and regardless of browser type and across all 5 computers I own.  That means cache is not the issue but for those troubleshooting note that I also clear the cache.

Message 25 of 32