× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
× Introducing the new Orbi 770 Series Mesh System. To learn more click here.
Orbi WiFi 7 RBE973

Re: OpenVPN Update?

OpenVPN Update?

The deadline for the update for OpenVPN to stop using md5 has now passed, and even though Netgear said the update would be out before the deadline (I didn't really even believe it back then) here we are on May 3rd and there's still no update for our systems...


Could someone at Netgear please chime in and explain why it's taken over a year to roll out this update, and why we're not over the deadline with no idea when you folks will provide us a working update?

Message 1 of 9

Re: OpenVPN Update?

MD5 was considered insecure for use in certificates nearly 10 years ago. Netgear does not now, and never has cared about security.



Message 2 of 9

Re: OpenVPN Update?

So I guess this is the norm, right? Ignore problems until users just move on to a more reliable product? Glad I kept my Amplifi routers!

Message 3 of 9

Re: OpenVPN Update?

Netgear, can you please provide an update on when the firmware update is coming that will support SHA256 certificates in lieu of MD5 for OpenVPN.  You released an update for the R8000 on 5/25.  When will orbi RBR50 be updated to support this?

Message 4 of 9

Re: OpenVPN Update?

An update on if they are working on the issue would be appreciated indeed.

Model: RBR50| Orbi AC3000 Tri-band WiFi (Router Only)
Message 5 of 9

Re: OpenVPN Update?

At this point it's been over a month since the cutoff, and Netgear STILL has not provide any response that I would deem as valuable. This is honestly ridiculous as it's been a known thing for a year now, and they still have not addressed this. It really does feel like they're ignoring this in hopes it will just go away. Pathetic.

Message 6 of 9

Re: OpenVPN Update?

Might connect with one of the forum Moderators about this...



Message 7 of 9
Sr. NETGEAR Moderator

Re: OpenVPN Update?

Message 8 of 9

Re: OpenVPN Update?

Well, that update may deal with a (very) old problem, but it still lags insofar that the "smartphone" VPN generation immediately yields warnings from modern software that there is more that needs updating.


To wit, the output from Tunnelblick is rather detailed about what the problem is:


Warning: This VPN may not connect in the future.

The OpenVPN configuration file for 'smart_phone' contains these OpenVPN options:

'comp-lzo' was deprecated in OpenVPN 2.4 and removed in OpenVPN 2.5

You should update the configuration so it can be used with modern versions of OpenVPN.

Tunnelblick will use OpenVPN 2.4.6 - OpenSSL v1.0.2o to connect this configuration.

However, you will not be able to connect to this VPN with future versions of Tunnelblick that do not include a version of OpenVPN that accepts the options.


I guess you can't get it more detailed than that.  


Given that Netgear has made setting up "back to base" VPNs incredibly easy, it would be disappointed to discover that that was a one off.  I am very impressed with the Orbi (to the point of having installed two pairs elsewhere already) so I would hope that Netgear keeps up this winning streak.


The actual warning that pops up.The actual warning that pops up.

Message 9 of 9
Top Contributors
Discussion stats
  • 8 replies
  • 3 kudos
  • 7 in conversation

Orbi 770 Series