Suggest a router that has a VPN

Discussion in 'Chit-Chat' started by Tazz 316, Apr 13, 2018.

Share This Page

  1. Tazz 316

    Tazz 316 Young grasshopper

    Joined:
    Aug 11, 2016
    Messages:
    36
    Likes Received:
    1
    I'm looking to replace my netgear R7000 since netgear still uses MD5 and has yet to update the firmware.
     
  2. fenderman

    fenderman Staff Member

    Joined:
    Mar 9, 2014
    Messages:
    23,889
    Likes Received:
    5,632
    there was a new update in the last few weeks...see if it resolved the md5 issue
     
  3. Tazz 316

    Tazz 316 Young grasshopper

    Joined:
    Aug 11, 2016
    Messages:
    36
    Likes Received:
    1
    When i check i still get No new firmware version available. But there is one on there site to download, i wonder if it will fix the MD5 issues.

    Wouldn't you need to use a new key if they fixed it.
     
    Last edited: Apr 13, 2018
  4. bigredfish

    bigredfish Getting comfortable

    Joined:
    Sep 5, 2016
    Messages:
    951
    Likes Received:
    692
    Location:
    Florida USA
    Im getting the a message about it when i use the VPN on my phone. Says it will expire end of April. Guess I need to dig into it this weekend..
     
  5. bigredfish

    bigredfish Getting comfortable

    Joined:
    Sep 5, 2016
    Messages:
    951
    Likes Received:
    692
    Location:
    Florida USA
    It shows Im running the most current firmware
    Firmware Version
    V1.0.9.26_10.2.31

    iphone OpenVPN client says this when opening it:

    OpenVPN received a cert signed with MD5.
    Please inform your admin to upgrade to a stronger algorithm.
    Support for MD5 will be dropped at end of April 2018
     
  6. fenderman

    fenderman Staff Member

    Joined:
    Mar 9, 2014
    Messages:
    23,889
    Likes Received:
    5,632
    .28 is the latest.. see the website they are rolling it out slowly... You can download manually
     
    bigredfish likes this.
  7. Tazz 316

    Tazz 316 Young grasshopper

    Joined:
    Aug 11, 2016
    Messages:
    36
    Likes Received:
    1
    I'm on V1.0.9.28_10.2.32 and still get the MD5 issue.
     
    fenderman likes this.
  8. bigredfish

    bigredfish Getting comfortable

    Joined:
    Sep 5, 2016
    Messages:
    951
    Likes Received:
    692
    Location:
    Florida USA
    hmmmmm I wonder if we need to re-issue the cert for the mobile app after the upgrade to the server to .28....?
     
  9. Tazz 316

    Tazz 316 Young grasshopper

    Joined:
    Aug 11, 2016
    Messages:
    36
    Likes Received:
    1
    did that same issue.
     
  10. squeeze

    squeeze n3wb

    Joined:
    Mar 5, 2018
    Messages:
    4
    Likes Received:
    0
    Quick Google search shows you can successfully replace the certificates on Netgear routers yourself, oddly enough because Netgear routers are one of many that have Sercomm backdoors that unlock full admin access to a router by throwing magic packets at it unlocking a hidden Telnet server in the router.

    Here are some instructions to replace Netgear OpenVPN certificates
     
  11. bigredfish

    bigredfish Getting comfortable

    Joined:
    Sep 5, 2016
    Messages:
    951
    Likes Received:
    692
    Location:
    Florida USA
    Thanks @squeeze appreciate your help. That looks to be Android specific, wonder how different IOS/ iPhone is?

    Now I cant wait to go through all of those technical steps to simply update my router/certs that NG should allow for in the GUI :( The average user wont make it past step 1. I may get to step 3 :confused:

    I may just say fuck it and by a new Asus router with OpenVPN - after I verify this has been updated..
     
    looney2ns likes this.
  12. gumby2

    gumby2 n3wb

    Joined:
    Dec 9, 2017
    Messages:
    12
    Likes Received:
    1
    Location:
    Colorado springs
    My tm
    My ac1900 with openvp has been solid. Saw a slickdeals for $49 refurb recently. High speed will need higher end model.
     
  13. xlarons

    xlarons n3wb

    Joined:
    Apr 16, 2018
    Messages:
    8
    Likes Received:
    0
    Location:
    UK
    Just to throw this idea in there, what about getting any router you like and adding an OpenVPN server on another device on your network?
     
  14. Tinman

    Tinman Pulling my weight

    Joined:
    Nov 2, 2015
    Messages:
    332
    Likes Received:
    176
    I agree, seems Netgear is losing ground, or least with me. I am on my second Nighthawk X6S (from Costco). The 2.4 radio went out of the first one and the VPN in it is a joke. I run OpenVPN on my BI machine and it works perfect. I am hoping Costco will change brands someday down the road and then maybe this unit will be going back. BTW I already had a TP-link from Costco fail as well, so I am on the 3rd time around with them, but they always just give me my money back :)
     
    fenderman likes this.
  15. looney2ns

    looney2ns Known around here

    Joined:
    Sep 25, 2016
    Messages:
    3,527
    Likes Received:
    1,790
    Location:
    Evansville, Indiana
    I'll bet that just like Walmart or Sams, the products you buy at Costco, are NOT made the same as the general models, they're cheapened.
    Home Depot and Lowes pulls the same stunts.
     
  16. Tazz 316

    Tazz 316 Young grasshopper

    Joined:
    Aug 11, 2016
    Messages:
    36
    Likes Received:
    1
    How does one go about using OpenVPN on the PC? I use BI to so my PC is always on never thought about just using OpenVPN on my PC and skipping the router.

    I don't think netgear will have it fixed before the end of the month. Do ALL of netgears routers have this issue? I would assume they all are using the same firmware.
     
  17. Tinman

    Tinman Pulling my weight

    Joined:
    Nov 2, 2015
    Messages:
    332
    Likes Received:
    176
    I used this guide:

    Easy_Windows_Guide – OpenVPN Community

    It seems a little deep at first, but just do it a step at a time. If you do something wrong just try again. Just when you start to generate the client keys.....do them all the same time, that is one after each other. Also be sure to edit the files as explained here: VPN Primer for Noobs

    This will generate the keys using sha256 instead of the MD5.

    Sure, it is much easier to use a VPN built in the router, but the PC method will give you more options. Feel free to ask questions if you get stumped. After doing mine about 5 times you start to get the hang of it :)
     
    Last edited: Apr 19, 2018
    bigredfish likes this.
  18. stratfordwill

    stratfordwill Getting the hang of it

    Joined:
    Jun 29, 2014
    Messages:
    10
    Likes Received:
    26
    I'm a fan of unifi. I just set up a vpn for my parent's cams from halfway across the country. All in a gui.

    It took a while for them to get the remote user VPN working in unifi, but they finally did it.
     
  19. toolazyforalogin

    toolazyforalogin n3wb

    Joined:
    Mar 21, 2018
    Messages:
    27
    Likes Received:
    7
    I bought a raspberry pi and run it for my vpn. Just a thought.
     
  20. Tazz 316

    Tazz 316 Young grasshopper

    Joined:
    Aug 11, 2016
    Messages:
    36
    Likes Received:
    1
    Might be over my head i notice that you have to use port fwd was trying to avoid any of that and you need to use a Static ip my PC has already has one for BI so i guess you would need another for openvpn. I'm not very familiar with command prompt.
     
  21. Tinman

    Tinman Pulling my weight

    Joined:
    Nov 2, 2015
    Messages:
    332
    Likes Received:
    176
    Ok, you might want to consider just getting a Asus router with VPN built in then. You don't need a static IP , but if you do that will work for the OpenVpn as well since they will be on the same machine. You not knowing what a command prompt is what worries me though, why I suggested the Asus router.

    Asus RT-AC68U