Suggest a router that has a VPN

Tazz 316

Getting the hang of it
Joined
Aug 11, 2016
Messages
258
Reaction score
54
I'm looking to replace my netgear R7000 since netgear still uses MD5 and has yet to update the firmware.
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,897
Reaction score
21,250
I'm looking to replace my netgear R7000 since netgear still uses MD5 and has yet to update the firmware.
there was a new update in the last few weeks...see if it resolved the md5 issue
 

Tazz 316

Getting the hang of it
Joined
Aug 11, 2016
Messages
258
Reaction score
54
When i check i still get No new firmware version available. But there is one on there site to download, i wonder if it will fix the MD5 issues.

Wouldn't you need to use a new key if they fixed it.
 
Last edited:

bigredfish

Known around here
Joined
Sep 5, 2016
Messages
17,012
Reaction score
47,464
Location
Floriduh
Im getting the a message about it when i use the VPN on my phone. Says it will expire end of April. Guess I need to dig into it this weekend..
 

bigredfish

Known around here
Joined
Sep 5, 2016
Messages
17,012
Reaction score
47,464
Location
Floriduh
It shows Im running the most current firmware
Firmware Version
V1.0.9.26_10.2.31

iphone OpenVPN client says this when opening it:

OpenVPN received a cert signed with MD5.
Please inform your admin to upgrade to a stronger algorithm.
Support for MD5 will be dropped at end of April 2018
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,897
Reaction score
21,250
.28 is the latest.. see the website they are rolling it out slowly... You can download manually
 

bigredfish

Known around here
Joined
Sep 5, 2016
Messages
17,012
Reaction score
47,464
Location
Floriduh
hmmmmm I wonder if we need to re-issue the cert for the mobile app after the upgrade to the server to .28....?
 

squeeze

n3wb
Joined
Mar 5, 2018
Messages
8
Reaction score
5
Quick Google search shows you can successfully replace the certificates on Netgear routers yourself, oddly enough because Netgear routers are one of many that have Sercomm backdoors that unlock full admin access to a router by throwing magic packets at it unlocking a hidden Telnet server in the router.

Here are some instructions to replace Netgear OpenVPN certificates
 

bigredfish

Known around here
Joined
Sep 5, 2016
Messages
17,012
Reaction score
47,464
Location
Floriduh
Thanks @squeeze appreciate your help. That looks to be Android specific, wonder how different IOS/ iPhone is?

Now I cant wait to go through all of those technical steps to simply update my router/certs that NG should allow for in the GUI :( The average user wont make it past step 1. I may get to step 3 :confused:

I may just say fuck it and by a new Asus router with OpenVPN - after I verify this has been updated..
 

xlarons

Young grasshopper
Joined
Apr 16, 2018
Messages
70
Reaction score
17
Location
UK
Just to throw this idea in there, what about getting any router you like and adding an OpenVPN server on another device on your network?
 

Tinman

Known around here
Joined
Nov 2, 2015
Messages
1,208
Reaction score
1,472
Location
USA
Thanks @squeeze appreciate your help. That looks to be Android specific, wonder how different IOS/ iPhone is?

Now I cant wait to go through all of those technical steps to simply update my router/certs that NG should allow for in the GUI :( The average user wont make it past step 1. I may get to step 3 :confused:

I may just say fuck it and by a new Asus router with OpenVPN - after I verify this has been updated..
I agree, seems Netgear is losing ground, or least with me. I am on my second Nighthawk X6S (from Costco). The 2.4 radio went out of the first one and the VPN in it is a joke. I run OpenVPN on my BI machine and it works perfect. I am hoping Costco will change brands someday down the road and then maybe this unit will be going back. BTW I already had a TP-link from Costco fail as well, so I am on the 3rd time around with them, but they always just give me my money back :)
 

looney2ns

IPCT Contributor
Joined
Sep 25, 2016
Messages
15,521
Reaction score
22,657
Location
Evansville, In. USA
I agree, seems Netgear is losing ground, or least with me. I am on my second Nighthawk X6S (from Costco). The 2.4 radio went out of the first one and the VPN in it is a joke. I run OpenVPN on my BI machine and it works perfect. I am hoping Costco will change brands someday down the road and then maybe this unit will be going back. BTW I already had a TP-link from Costco fail as well, so I am on the 3rd time around with them, but they always just give me my money back :)
I'll bet that just like Walmart or Sams, the products you buy at Costco, are NOT made the same as the general models, they're cheapened.
Home Depot and Lowes pulls the same stunts.
 

Tazz 316

Getting the hang of it
Joined
Aug 11, 2016
Messages
258
Reaction score
54
I agree, seems Netgear is losing ground, or least with me. I am on my second Nighthawk X6S (from Costco). The 2.4 radio went out of the first one and the VPN in it is a joke. I run OpenVPN on my BI machine and it works perfect. I am hoping Costco will change brands someday down the road and then maybe this unit will be going back. BTW I already had a TP-link from Costco fail as well, so I am on the 3rd time around with them, but they always just give me my money back :)
How does one go about using OpenVPN on the PC? I use BI to so my PC is always on never thought about just using OpenVPN on my PC and skipping the router.

I don't think netgear will have it fixed before the end of the month. Do ALL of netgears routers have this issue? I would assume they all are using the same firmware.
 

Tinman

Known around here
Joined
Nov 2, 2015
Messages
1,208
Reaction score
1,472
Location
USA
How does one go about using OpenVPN on the PC? I use BI to so my PC is always on never thought about just using OpenVPN on my PC and skipping the router.

I don't think netgear will have it fixed before the end of the month. Do ALL of netgears routers have this issue? I would assume they all are using the same firmware.
I used this guide:

Easy_Windows_Guide – OpenVPN Community

It seems a little deep at first, but just do it a step at a time. If you do something wrong just try again. Just when you start to generate the client keys.....do them all the same time, that is one after each other. Also be sure to edit the files as explained here: VPN Primer for Noobs

This will generate the keys using sha256 instead of the MD5.

Sure, it is much easier to use a VPN built in the router, but the PC method will give you more options. Feel free to ask questions if you get stumped. After doing mine about 5 times you start to get the hang of it :)
 
Last edited:

stratfordwill

Getting the hang of it
Joined
Jun 29, 2014
Messages
27
Reaction score
58
I'm a fan of unifi. I just set up a vpn for my parent's cams from halfway across the country. All in a gui.

It took a while for them to get the remote user VPN working in unifi, but they finally did it.
 

Tazz 316

Getting the hang of it
Joined
Aug 11, 2016
Messages
258
Reaction score
54
I used this guide:

Easy_Windows_Guide – OpenVPN Community

It seems a little deep at first, but just do it a step at a time. If you do something wrong just try again. Just when you start to generate the client keys.....do them all the same time, that is one after each other. Also be sure to edit the files as explained here: VPN Primer for Noobs

This will generate the keys using sha256 instead of the MD5.

Sure, it is much easier to use a VPN built in the router, but the PC method will give you more options. Feel free to ask questions if you get stumped. After doing mine about 5 times you start to get the hang of it :)
Might be over my head i notice that you have to use port fwd was trying to avoid any of that and you need to use a Static ip my PC has already has one for BI so i guess you would need another for openvpn. I'm not very familiar with command prompt.
 

Tinman

Known around here
Joined
Nov 2, 2015
Messages
1,208
Reaction score
1,472
Location
USA
Might be over my head i notice that you have to use port fwd was trying to avoid any of that and you need to use a Static ip my PC has already has one for BI so i guess you would need another for openvpn. I'm not very familiar with command prompt.
Ok, you might want to consider just getting a Asus router with VPN built in then. You don't need a static IP , but if you do that will work for the OpenVpn as well since they will be on the same machine. You not knowing what a command prompt is what worries me though, why I suggested the Asus router.

Asus RT-AC68U
 
Top