Reply
Highlighted
Apprentice

Firmware auto update domain

I was running firmware 2.0.0.74 on my Orbi system with NVRAM set to disable updates. Everything was running prefect as that firmware is rock steady for me. Today I found my system had self updated to the latest firmware even though NVRAM was set to prevent this.

Does anyone know what domain name Orbi uses when self updating? I'm thinking of blocking the domains at the firewall level to prevent Orbi from selfupdating again.

Model: RBK50| Orbi AC3000 High-Performance Tri-Band WiFi System
Message 1 of 8

Accepted Solutions
Highlighted
Virtuoso

Re: Firmware auto update domain

Kept digging on this and learned the following:

 

TCP port 443 (HTTPS): http.fw.updates1.netgear.com

 

TCP port 21 (FTP): updates1.netgear.com

 

I believe those two are all that's necessary to block.  Orbi tries HTTPS first, then FTP.

View solution in original post

Message 3 of 8

All Replies
Highlighted
Virtuoso

Re: Firmware auto update domain

I suspect this will be very hard to block.

 

When I just checked, Orbi did an A-record lookup for:

 

A1599ER83NVYL8.iot.us-west-2.amazonaws.com

Message 2 of 8
Highlighted
Virtuoso

Re: Firmware auto update domain

Kept digging on this and learned the following:

 

TCP port 443 (HTTPS): http.fw.updates1.netgear.com

 

TCP port 21 (FTP): updates1.netgear.com

 

I believe those two are all that's necessary to block.  Orbi tries HTTPS first, then FTP.

View solution in original post

Message 3 of 8
Highlighted
Apprentice

Re: Firmware auto update domain

Thank you! 

Message 4 of 8
Highlighted
Apprentice

Re: Firmware auto update domain

Does that keep them out of the Orbi or just out of the computers on the LAN behind the Orbi ?

 

Model: RBK53| Orbi Router + 2 Satellites Orbi WiFi System
Message 5 of 8
Highlighted
Virtuoso

Re: Firmware auto update domain

It should prevent the Orbi from finding any updates to the firmware.

Message 6 of 8
Highlighted
Apprentice

Re: Firmware auto update domain

I want to thank you for your posts. I went a step further and blocked all internet access for the Orbi units using my firewall. I'm pleased to see this workaround works great at preventing forced updates.Screen Shot 2018-02-05 at 8.07.52 PM.png

 

 

Message 7 of 8
Highlighted
Star

Re: Firmware auto update domain

Can you please provide more details how did you do that?

 

These auto-updates by NG besides a failure are just anoying and disrespectful with customers.

There are some posts on this forum from certain NG "developers" that clearly show how arrogant and at the same time ignorant they are.

They think they now everything and assume all customers are just dumb.

 

Message 8 of 8
Top Contributors
Discussion stats
  • 7 replies
  • 3460 views
  • 4 kudos
  • 4 in conversation
Announcements