- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
OpenVPN server config problems - compression and authorization on RBR40
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
OpenVPN server config problems - compression and authorization on RBR40
The OpenVPN server on this model is still using SHA1 authorization and lz0 compression and those (along with other things like link MTU size) cannot be set anywhere. SHA1 is long outdated and vulnerable and really needs to be replaced. lz0 has been deprecated and is also a security vulnerabiliby.
I haven't seen any way (through web interface or telnet) to change any of these settings. There is a vpn_compress_conf set to '694649456848239', whatever that means.
Has anyone found a way to alter any of these settings or heard anything about upcoming firmware that will address this? I'm on the latest 2.5.1.16.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: OpenVPN server config problems - compression and authorization on RBR40
@bkeith4web wrote:The OpenVPN server on this model is still using SHA1 authorization and lz0 compression and those (along with other things like link MTU size) cannot be set anywhere. SHA1 is long outdated and vulnerable and really needs to be replaced. lz0 has been deprecated and is also a security vulnerabiliby.
I haven't seen any way (through web interface or telnet) to change any of these settings. There is a vpn_compress_conf set to '694649456848239', whatever that means.
Has anyone found a way to alter any of these settings or heard anything about upcoming firmware that will address this? I'm on the latest 2.5.1.16.
And you have followd these directions:
To enable the VPN service on your Orbi system using an Android or iOS device:
- Launch web browser from a mobile device that is connected to your router’s network.
- Enter orbilogin.com.
A login window opens. - Enter the router user name and password.
The user name is admin. The default password is password. The user name and password are case-sensitive.
The BASIC Home page displays. - Select Advanced > Advanced Setup> VPN Service.
The VPN page displays. - Select the Enable VPN Service check box and click APPLY.
- Click the FOR SMART PHONE button to download the OpenVPN configuration files.
- On your mobile device, download and install the OpenVPN Connect app from the Google Play store or Apple app store.
- On your computer, unzip the configuration files that you downloaded and send the files to your device.
Note: When you open the .ovpn file, a list of apps displays. Select the OpenVPN Connect app to open the .ovpn file.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: OpenVPN server config problems - compression and authorization on RBR40
Thanks again for the reply @Mstrbig , my vpn works but the issues are (in particular) with the use by Netgear of SHA1 auth and lzo compression, both of which are deprecated and security risks. I've been seeing posts covering 3 years plus by people asking Netgear to address this since it seems to be in firmware which is disappointing if true.
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more