Reply

iOS 14

awawaw
Guide

Re: iOS 14

We would like to report that after the update 2.6.5.1  , our issue has been resolved (again).   Thanks.

I saw a whole bunch of discussion on "Access Anywhere".  Should I turn that off for added security?

I also saw some discussion on MAC address filter.  I was told it is not useful as the bad guys can clone MAC address and gain access.   Is this another added security which I should turn on?  It will be a lot of work as we have some many items on the network.   

I know nothing about PUP ......    Thanks.

Message 26 of 51
schumaku
Guru

Re: iOS 14

Don't take me wrong: There is nothing wrong with the offering random MAC addresses for WiFi connections..

 

Not acceptable was the iOS 14 (and iPadOS 14, WatchOS 7) forced this on by default on all known connections. Instead, they should have asked the user - while connecting to an SSID for the first time following the update - if the feature should be enabled for this network. And not let people alone and often offline without their home WiFi Internet connection... 

 

Not acceptable again was the iOS 14 introduction of the new Local Network Permission. For not yet updated and legacy Apps, they should have asked on launching the App for the first time (in the forgrund or as a background service) that it appears that the App does require LAN access, and allow to grant the permission if required. And not leave users out there alone with non-workable Apps.

 

Simply a bad job by Apple. And how they were praised for this - at lest before iOS 14 was rolled out widely. Gee, I was starting to love em ....

 

Alphabet did it much better with Android 10 rolled out following a very long test period some weeks before iOS 14 First, they listened to us IT professionals and not to the generation tin hat! Existing WiFi connections configured had not been reconfigured for enforcing the randomized MAC. Permissions of long-time non-used Apps will be removed, being for the new A10 permission system or the legacy permission scheme. When open the Apps later again, the user is queried to allow the permissions required by the App again.

Message 27 of 51
schumaku
Guru

Re: iOS 14


@awawaw wrote:

I saw a whole bunch of discussion on "Access Anywhere".  Should I turn that off for added security? 


It's not just about added security. If you intend to use Anywhere Access enable it. Disable features you have no need.

 


@awawaw wrote:

I also saw some discussion on MAC address filter.  I was told it is not useful as the bad guys can clone MAC address and gain access.   Is this another added security which I should turn on?  It will be a lot of work as we have some many items on the network. 


Some admins are still building on it, some security guidelines and policies still require a managed MAC access list. Undoubted, it does add a certain level of security. As a security person and pentester, I am happy to be a bad guy looking for apparently valid MACs and stying tuned 'till I can jump on the net ... Lot of effort for the management, indeed. Even more effort in the case where some key systems/devices used for the network break down, burned down, or are stolen 8-)

 

 

Message 28 of 51
Stev3D
Luminary

Re: iOS 14

@awawaw , you asked:

> Should I turn that [Access Anywhere] off for added security?

If you have no need or desire to manage your network from outside (away from home or office), then yes.  The general principle is to turn off access features you don't use.  What I learned today sounds like Netgear has done a nice job of safely enabling it (but if you don't need the convenience, it is better to lock the door).

 

Regarding MAC filtering (access control), it should never be realied upon as a first line of defense, and it is surmountable by a determined adversary.  But it is "one more damn thing" that an intruder has to deal with, so from the principle of defense in depth, it can help.  It will, for example, prevent a teenager or employee from giving access to your home network to their friends.  But it does require additional effort (e.g., to keep track of MAC addresses), so for some situations the benefit isn't worth the effort.  You have to decide for yourself (I'm "into" networking and security, so for me it is worth the effort).

 

UPnP ("Universar Plug-and-Play") was a disaster from the start.  It allows any device on the LAN to open up ports on the WAN side.  It was envisioned as a convenience, and is based on the notion that you can trust any device on the inside (your LAN) to be benign (because, what could possibly go wrong <grin>).  Of course, any computer, tablet, or mobile phone on the LAN can visit the the wrong Web page which can initiate a JavaScript that then can "conveniently" open ports that the bad guy wants to open. Or be infected with malware that let's in additional invaders.   I don't know if Netgear still turns UPnP on by default or not (they used to), but from the Web interface for your Netgear product, go to Advanced / Advanced Setup / UPnP and uncheck the "Turn UPnP On" checkbox if it is checked.

Message 29 of 51
schumaku
Guru

Re: iOS 14

Two additions:

 

The thing we talk about is UPnP-PMP (Port mapping protocol) - there are many other features part of the UPnP specs, unrelated to port forwarding. UPnP SSDP is the de-facto standard for discovering printers, scanners, NAS, and many other network devices on a LAN for example.

 

Gaming devices, game programmers, gamers and gamers operating their own gaming hosts are still heavily depending on port forwarding, conveniently handled by UPnP-PMP for many, and manual port forwarding for a few. And the predictable disaster and finger pointing what happens if two or more play the same game on the local network, requiring the same ports forwarded, ... 

Message 30 of 51
awawaw
Guide

Re: iOS 14

Thank you.   I followed your advice and turned off the UPnP which was on.   I did not even remember how to log on with a web page anymore.   Smiley Happy  Thank you everyone.

Message 31 of 51
awawaw
Guide

Re: iOS 14

Well, my exact problem came back again for the 3rd time.   It is like a daily repeating cycle.

Yes, the iphone with the Apple watch cannot access Orbi locally.   All other older iphones, ipad and Andriod phone have no problems.   We are not sure if it is related to the Apple watch update OS 7.0.2 which came out last night.   Is so, perhaps a fundemental change of the Orbi software somehow will be required.   Thank you all.

 

Message 32 of 51
schumaku
Guru

Re: iOS 14


@awawaw wrote:

Yes, the iphone with the Apple watch cannot access Orbi locally.


== can't access Orbi using the Orbi App in local mode, while Anywhere Access is fine?

 

Both the iOS 14 iPhone and the associated WatchOS 7.0.2 have Private Address disabled on the Orbi SSID they are using? -> https://support.apple.com/en-us/HT211227

 

Can access for example your local router in a browser like Safari from the iPhone and the watch? 

Message 33 of 51
schumaku
Guru

Re: iOS 14

...and the iOS system has granted the Local Network Permission for the Orbi App on your network/SSID?

Message 34 of 51
awawaw
Guide

Re: iOS 14

That is something new but it still does not work.   I turned off the private address option for both the iphone and Apple watch and it is still not working.  I also rebooted both just to be safe.  It did not help.

Please note all my other older iphones have the private address option turned on and they do not have any problems accessing Orbi locally.  Also, Orbi did not ask me to turn the private address off during the back and forth support in this community thread.   The only thing I can think of is the fact that the phone has been paired with an Apple watch.   

I had similiar problems with Wemo.   I was not able to add new smart switches.  However, by chance, I tried with the older iphone or ipad and they were able to add the new smart switches instantly.  At the time, Wemo kind of gave up helping me since I was able to add the switches.  From then on, I simply do not use my iphone (paired with Apple watch) to add new smart switches.   Thanks.

Message 35 of 51
Stev3D
Luminary

Re: iOS 14

Two days ago in this thread, I reported:

 

"I got it [the Orbi app update] this morning, and can confirm it works."

 

Last night I attempted to use it again, and it failed, reporting that it cannot connect to my Orbi (the authentication issue was solved, and remained so).  When I checked Settings / Privacy / Local Network, the Orbi app wasn't even listed (aside: Netgear's genie and Nighthawk apps are there, not Orbi!).  When I went to the Orbi app settings, the Local Network item is completely missing.

 

I have deleted and reinstalled the app -- makes no difference.  It's as if a piece of the app is missing (the piece that asks for local network access).

 

Any suggestions (besides uninstalling it and then hard rebooting the phone -- which is my next step)?

Message 36 of 51
schumaku
Guru

Re: iOS 14

@Stev3D If the user has declined the local network permission on the app when the dialog appeared this seem to be stick somewhere in 14.0.1/.2 - after uninstalling and reinstalling from the App Store there is no way to allow local network permission, not from dialog, not from iPhone Settings. The controls are lost in space.

Message 37 of 51
Stev3D
Luminary

Re: iOS 14

@schumaku, that's the weird part.  It was working just fine two days ago.  

 

Last night I attempted to use it, and it barfed (couldn't find the Orbi).  Same iPhone as on Monday (never changed that setting).  It just stopped working between then and no.

 

And today, on my iPad, I am seeing the same thing!  Orbi is absent from the list of yes/no permissions list for Settings / Privacy / Local Network -- and it worked on Monday too.

 

So, there is definitely something screwy with the Orbi app on iPhone/iPad -- this is not normal; this is a software error (my other network management apps work just fine).

 

See attached screen shot.  Orbi is the oddball!

 

 

 

Message 38 of 51
Stev3D
Luminary

Re: iOS 14

Sharing this so others might benefit:  There are a lot of threads addressing the same problem, and based on what I read elsewhere, I did the following:

 

Deleted all Netgear apps from my iPhone

Shut down and restarted the iPhone

Gave it 24 hours

Rebooted (power cycled) the router

Installed the Orbi app fresh

 

And then it asked me if I wanted to allow local network access (finally it asked!), gave it permission, and after that everything worked as it should.

Message 39 of 51
Elfnash
Tutor

Re: iOS 14

Cannot connectm to Orbi through Orbi App version 2.6.5.1

 

Orbi Router Model:RBK50 v2

Orbi Firmware Version:2.70.70

Orbi App Version: (iOS or Android) iOS

Did you update to iOS 14: (Yes or No)yes

Model: RBK53|Orbi AC3000 Tri-band WiFi System
Message 40 of 51
schumaku
Guru

Re: iOS 14


@Elfnash wrote:

Cannot connectm to Orbi through Orbi App version 2.6.5.1

 

Orbi Router Model:RBK50 v2

Orbi Firmware Version:2.70.70

Orbi App Version: (iOS or Android) iOS

Did you update to iOS 14: (Yes or No)yes


To enable local network permission for the Nighthawk or Orbi app:

  1. Launch the Settings app on your iOS device.
  2. Select the Nighthawk or Orbi app from your apps list.
  3. Slide the Local Network slider to the right to enable this feature.

 

https://kb.netgear.com/000062316/Why-am-I-being-asked-to-let-the-Nighthawk-or-Orbi-apps-connect-to-d...

Message 41 of 51
Stev3D
Luminary

Re: iOS 14

@Elfnash, if the advice that @schumaku  give you works, great.

 

The option to toggle on Local Network access was not available (visible) to me (both iPhone and iPad), and removing multiple Netgear apps was necessary (perhaps among other things -- see my note earlier in the thread) to get that ability back.  I suspect that either the Netgear genie or Nighthawk apps (or both) share a common codebase with the Orbi app, and that they are representing themselves in a way to iOS that isn't fully unique -- so the operating system thinks it has granted access already and that the Orbi app is not given the opportunity to make its own request.

 

Based on the huge number of comments, across multiple threads in the Community, they created this problem and they need to fix it.

Message 42 of 51
schumaku
Guru

Re: iOS 14


@Stev3D wrote:

I suspect that either the Netgear genie or Nighthawk apps (or both) share a common codebase with the Orbi app, and that they are representing themselves in a way to iOS that isn't fully unique -- so the operating system thinks it has granted access already and that the Orbi app is not given the opportunity to make its own request.


The circle on apps affected by this issue goes ways beyond the few Netgear apps. Even Google-made apps like YouTube are or used to be hit. There are ongoing discussions in the Apple developer forums all over. Many App devs are digging in the dark...

Message 43 of 51
msebae
Tutor

Re: iOS 14

Problem solved - I found I had an old Netgear Nighthawk app I had to delete, then delete and reinstall Orbi app, and I finally get prompted to allow Local Network access. I do app development and my guess is Netgear is using the same cert for both apps, and iOS14 will only allow one accessibility per cert. So if you got an old Netgear Nighthawk; gotta delete that app for Orbi app to work on iOS14.

Message 44 of 51
Elfnash
Tutor

Re: iOS 14

I found the same thing. Now we just need to get this informational to the phone support team so others don't spend 3 hours on the phone like I did.

Message 45 of 51
Stev3D
Luminary

Re: iOS 14

I did some experimenting to confirm -- you can only have one Netgear application registered at a time.

Message 46 of 51
GY84
Tutor

Re: iOS 14

So after reading this thread and not understanding some of it... Are there any easy difinitive answers on this app? It's been broken for me for close to 2 months at this point. I already have the LAN access activated, but it just says it can't connect. It just tells me Wifi not detected, despite being connected to the phone. I just downloaded the most recent update yesterday and it didn't do anything to fix the problem. Tried deleting and reinstalling again 3 times and it still doesn't recognize the wifi. 

Message 47 of 51
Stev3D
Luminary

Re: iOS 14

@GY84, I feel your pain (if you see my posts, I've been fighting this thing for quite some time).  Two possible sources of good news:

  1. This morning I saw an update on the Orbi app come through -- so maybe, just maybe, Netgear fixed this hot mess, and
  2. The general consensus is that the problem of not seeing the the local network is due to the way Netgear developed their various apps, and if you have more than one installled, it screws up the others.

So, here's what I recommend:  Check to be sure you don't have any other Netgear apps installed on your device (including My Time, Insight, Nighthawk, ReadyCLOUD,  Genie, and Mobile).  Then delete the Orbi app, reinstall it and (before you launch it) reboot your Orbi system (just in case, not sure this matters), and then try it.  That's what worked for me.

 

Let us know how it works out.

 

Message 48 of 51
awawaw
Guide

Re: iOS 14

Hello everyone: I waited a few days after the update of 2.6.6.3 to make sure that the solution is indeed stable. I would like to report that after the update, my problem has been solved. Thank you all. Stay Safe. Wear a mask and also keep 2 metres away from others. I know it is not the best but I have noticed that most people do not follow the 2 metre rule at all. You know what I am talking about. Keep the distance and lower the rate please.

Message 49 of 51
GY84
Tutor

Re: iOS 14

I was super excited to just see and download the new update today that said it fixed the IOS 14 issues, and it still doesn't detect the wifi that my phone literally used to download the app update... I don't have any other netgear apps downloaded. I could always see the local network access slider and it has always been green, so that wasn't my issue. It just refuses to recognize/connect to my orbi wifi router. After the first fail, I deleted and reinstalled the app and tried doing the whole setup process using the trust this device for my phone, and that failed. Then I deleted, reinstalled, and tried telling it not to trust my phone and that also failed. It always says "Wifi Not Detected."

I just tried logging into the router with 2 of my home computers via orbilogin.com and both times, it said it didn't detect any wifi router. I'm beginning to wonder if something is wrong with the programming in the router itself. I just got this thing from costco in March of this year, so it's basically brand new.

Message 50 of 51
Top Contributors
Discussion stats
  • 50 replies
  • 4905 views
  • 12 kudos
  • 14 in conversation
Announcements