My old router can't connect to admin pages

My ancient Netgear router WNDR4000 has suddenly shut down access to its admin pages… I’ve tried to log on from an Ethernet-connected Mac, two laptops and an iPad – all return something along the lines of “could not connect to server”…

Although the computers and devices can still connect to the network, the iPhones – running iOS 16.2 – would not. They announce, “Unable to join the network [name]”, on account of “This network is operating on Wi-Fi channels in use by several other nearby networks.” Is that a separate issue? I have no idea. In any case, the recommended rebooting of the router does zilch to fix it.

It seems my only recourse is to put the router back to factory settings. And the question is – do I know that it will solve the problem? I don’t care about losing my settings to a factory reset, but I can’t help but wonder – what if I still can’t log on to the admin pages?

Why I worry is that I’ve been using Netgear’s software/GUI for admin pages called “Netgear Genie,” but I cannot see a trace of it on my computer. It’s ostensibly available on Netgear’s site, but nothing happens when I click “download.” I guess they want me to buy a new router. (sigh)

Any ideas? I could really use the help.

Two things come to mind as possibilities:

  • expired certificates
  • deprecation of insecure ciphers for secure connections

1 Like

It’s hard to tell without some hands-on tests, but I’ve seen something similar on my old cable modem.

Some things to check for:

  • A browser that is trying to upgrade all HTTP requests to HTTPS. Your modem might be old enough to not have an HTTPS management page.

  • Self-signed certificates. My cable modem and router (and printer, for that matter) all have them. The devices generated their own certificates when first set up and I have no desire to pay for a “real” certificate to install on them.

    So my browser issues a “this site is unsafe” warning, which I must explicitly override in order to access the device over HTTPS.

A more interesting question is why it just happened. If there was a recent update to your browser or macOS, then it is possible that new security “features” are blocking access. A recent router firmware upgrade might also have broken something. You may need to configure something (e.g. don’t “upgrade” HTTP to HTTPS) to allow access to such an old device.

If nothing changed, but the router just stopped being accessible, then something in its management stack may have crashed. If rebooting it didn’t help (I assume you tried that), then maybe a factory reset. But I would consider that a last resort, because if it fails, you won’t be able to log in in order to configure it for your network (e.g. SSIDs and passwords). And the initial setup may involve a different procedure from your after-installation maintenance access.

According to Netgear, they want you to run the Nighthawk app to perform the initial setup (which includes after a factory reset). So make sure you have that available on a mobile device before you start.

They do publish a procedure for web installation without the Nighthawk app, if you’d rather try that. But this is not their preferred mechanism.

1 Like

Thanks a lot to @Technogeezer and @Shamino, though admittedly I’m flailing in the dark in regards to what certificates and ciphers and management stacks and other terms mean or what to do about them.

I believe my login has always included HTTPS, because it’s https://192.168.1.1/start.htm though on occasion my browsers have given me a “this site is unsafe” alert. I didn’t know that came from the router. Or maybe it doesn’t…

As to why it just happened, not sure how long is “recent” for an upgrade to the browser or OS. I upgraded from El Capitan to Mojave on the computer I use to log in a couple of months ago, maybe. Not sure exactly. And when this happened, I was on the admin pages because I keep an “access list” of equipment and I went to add another device to it. Then I walked away without logging out, came back an hour later, and there was some notification/alert on screen which I ignored unfortunately, I thought the router just logged me out, but then of course I couldn’t log back in.

I rebooted a few times, also on account of the iPhones being unable to access the network, and yeah, no help there.

I’ve been on the Netgear site, and my router (WNDR4000) is not compatible with the Nighthawk app.

So yeah, it looks like a factory reset is the only option, but I’m worried that, as you say, it might fail and I won’t be able to log in to configure the network.

Quick summary that (hopefully) will be helpful.

  • A cipher is a mechanism for encrypting data. Some are easier to crack than others. One that is hard to crack is considered “strong”, while one that is easy to crack is considered “weak”.

  • A certificate (in the context of HTTPS communication) is a piece of data used to drive the security of the connection. Certificates include encryption keys (used by a cipher, which is identified by the certificate), the identity of the web site they’re meant to be used with, and identification information, including the identity of the company that issued the certificate (the certificate authority or CA).

    Modern web browsers will issue warnings (or possibly refuse to connect altogether) if an HTTPS certificate is not considered secure. This could be for a variety of reasons, including:

    • The certificate has expired (they always include expiration dates)
    • The encryption key’s cipher is known to be weak
    • The web site/domain in the certificate doesn’t match the site itself
    • The CA is unknown (browsers and operating systems include a list of trusted CAs, in order to make this determination)
    • The CA has revoked the certificate (if the CA is known, the browser can contact it to validate the certificate)

  • A management stack, in this context, refers to the software running on the router used to manage its configuration. It’s the program that generates the web page you use to manage it. If there are other management mechanisms (e.g. a command-line shell, or Bluetooth), it will control them as well.

That’s good. The “unsafe” alert comes from your web browser.

This is because the default certificate is going to be self-signed. That is, the router created it locally, without the use of any CA. Therefore, your web browser won’t automatically trust it. Depending on what browser you’re running, there should be a mechanism to tell it to trust its certificate.

Yeah, that sounds like something broke in the router. Maybe its internal configuration got corrupted.

Sorry about the reference to the Nighthawk app. Netgear’s web site is a bit confusing. I went to the WNDR4000 product page, clicked on “Configuration” and started looking at the support articles. But they’re presenting articles not applicable to the model.

Bad support site. No biscuit for you, Netgear.

I also tried to download the Netgear Genie app. As you reported, the link from the WNDR4000 product page is broken. It returns a text file containing “NETGEAR” and nothing else.

A web search for the Genie app finds its home page: genie | Product | Support | NETGEAR. There’s a download link from there, but for some inexplicable reason, it is RAR compressed. After downloading the command-line unrar application from the official RAR download site, and manually authorizing macOS to run it (because it is not a signed executable), I was able to unpack it - it contains a DMG file with an installer package. (I have no idea why they didn’t just provide the DMG file directly).

Anyway, that download page has Genie version 4.45 (dated December 2021). You might want to see if that will work for your router.

While reading about the Genie app, however, it appears (I think) that it expects you to log in to a Netgear account on their web/cloud server. At least the mobile version does - I’m not sure about the desktop version.

If that’s the case, have you tried to access your Netgear account from Netgear’s web site? If they locked your account or forced a password reset, perhaps that blocked your router’s management?

Anyway, if you can’t or don’t want to use the Genie app, the setup manual has a section on manual installation. So you should be able to follow those instructions after a factory reset (assuming a factory reset works to fix its problem).

Best of luck.

3 Likes
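The causes raised in this thread (an expired or self-signed certificate, a deprecated protocol or cipher, a device that only serves plain HTTP, a management service that has stopped) can be told apart from any computer on the LAN. The Python script below is an added example, not part of any post; it uses only the standard library, takes the address 192.168.1.1 from the thread, and its function names are illustrative.

```python
import socket
import ssl

# OpenSSL certificate-verification codes, mapped to the reasons listed above.
VERIFY_REASONS = {
    10: "certificate has expired",
    18: "self-signed certificate (no CA involved)",
    19: "self-signed certificate in the chain",
    20: "issuing CA is not in the trust store",
    23: "certificate was revoked by its CA",
    62: "name in the certificate does not match the host",
    64: "IP address in the certificate does not match the host",
    66: "certificate key is too weak",
}

def classify(exc):
    """Map a connection exception to one of the causes discussed in the thread."""
    if isinstance(exc, ssl.SSLCertVerificationError):
        code = getattr(exc, "verify_code", None)
        fallback = getattr(exc, "verify_message", "unknown reason")
        return "certificate rejected: " + VERIFY_REASONS.get(code, fallback)
    if isinstance(exc, ssl.SSLError):
        # Handshake failed before any certificate check: usually a protocol
        # version or cipher that the client no longer accepts.
        return "TLS handshake failed (old protocol or cipher?): " + str(
            getattr(exc, "reason", None))
    if isinstance(exc, (ConnectionRefusedError, socket.timeout)):
        return "nothing answering on this port (management service down?)"
    return "other error: " + repr(exc)

def probe(host, port, use_tls, timeout=5.0):
    """Try one connection with default (strict) TLS settings and describe it."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            if not use_tls:
                return "TCP port open (plain HTTP may be reachable)"
            ctx = ssl.create_default_context()
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return "TLS OK: %s, %s" % (tls.version(), tls.cipher()[0])
    except OSError as exc:
        return classify(exc)

if __name__ == "__main__":
    # Address taken from the thread; change it if the router uses another one.
    for port, use_tls in ((80, False), (443, True)):
        print(port, probe("192.168.1.1", port, use_tls))
```

If port 80 answers but port 443 does not, the browser's HTTP-to-HTTPS upgrade is the likely culprit; if neither answers while the network still routes traffic, the router's management service itself is not running.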

@Shamino Thanks again. I really appreciate all of the information, been under the weather and didn’t get far with my troubleshooting.

No I haven’t and wouldn’t know how to go about it. I “created an account” on the site but they just want me to open a support case for registered products. Probably not what you meant.

It occurred to me that I should have a back up plan in case the factory reset doesn’t work, which I suppose means buying a new router. Alas, I haven’t a clue as to what would be a modern equivalent to the WNDR4000 and I’m really not up on the technology to make sense of the gazillion models out there … stuck in previous decade, I guess.

This is a good starting point where knowledgeable people have done the work for those of us who don’t have time to bother too much ourselves. ;)

1 Like

No. Many routers these days (including Linksys and Netgear) offer cloud-based management. You create an account on their server using their web page or a mobile app. Then you use the mobile app to associate your (newly-purchased) router with that account. From there, you can manage and configure the router from the mobile app or the web page.

Some models (like my Linksys, unfortunately) force you to do this for the initial setup, even though you can configure it locally (by pointing a web browser at it) after the initial configuration. Some (like your Netgear) will let you do the initial setup without a cloud account.

Probably a good idea. I won’t recommend any specific products, but here are some things to look for to help you with your search.

The nice thing is that most recent models will get the job done just fine. Things to look for:

  • Gigabit Ethernet for all wired connections. Anything recent should have this, but some cheap ones may still have 100M ports.

    Higher speed ports (2.5G, 5G or 10G) might be nice to have, but they won’t matter unless your LAN and Internet service are both faster than gigabit. I wouldn’t pay extra for them without an actual need.

    Don’t worry about the number of Ethernet ports. All will have at least two (a WAN port to connect to your broadband modem and a LAN port to connect to the rest of your computers). Some have multiple LAN ports (4 or 8 is common). If you have more wired devices than there are ports, just connect an Ethernet switch to one of your LAN ports. (FWIW, my router has 4 LAN ports. I have a 16-port Ethernet switch connected to one, which allows all 9 devices in my office to have a wired connection.)

  • Support for Wi-Fi 6 (aka 802.11ax). This is the fastest and latest Wi-Fi standard. Using it will let you support other Wi-Fi 6 devices you may have or may purchase in the future.

    If Wi-Fi 6 is too expensive, Wi-Fi 5 (aka 802.11ac) should be just fine as well. I wouldn’t look at routers with slower Wi-Fi (e.g. 802.11n or g). You won’t save much money, and modern devices (including Macs and iPhones) generally include support for Wi-Fi 5.

  • Local management. As I mentioned above, some brands/models force you to perform the initial setup using a mobile app and a cloud service. If this bothers you, do some research before buying. Go to the manufacturer’s support pages for the product, download the installation manual and skim through it to make sure you’re OK with the procedure.

  • Country of origin. Although not everybody agrees, I would be nervous about using a router made by a Chinese company. Most products these days are manufactured in China, but you can still avoid something designed by a Chinese company. I would also avoid products from companies with known-bad privacy policies (e.g. Google)

    Companies I’m OK with (in alphabetical order) are:

    • Arris/CommScope (North Carolina, USA)
    • Asus (Taiwan)
    • D-Link (Taiwan)
    • Linksys (California, USA)
    • Netgear (California, USA)
    • Ubiquiti (AmpliFi) (New York, USA)

    Companies I’m not OK with:

    • Amazon (I don’t trust their privacy)
    • Google (I don’t trust their privacy)
    • TP-Link (Hong Kong, China)

  • If you are running, or think you may want to run a Wi-Fi mesh network, then get a router that can be used as a part of a mesh network.

    Today, Wi-Fi mesh networking is vendor-specific. Although all the big names offer mesh products (Linksys Velop, Netgear Orbi, Amazon Eero, Google Wi-Fi and others), they are not interoperable. That is, all of the router nodes participating in your mesh must be designed to work with each other. They may not need to all be the same model, but they will have to be at least from the same manufacturer.

    If you don’t want to set up a mesh today, but think you might want to in the future, some routers can integrate with mesh-router nodes from the same manufacturer. This will let you just buy some compatible nodes instead of replacing the main router, should you decide to upgrade. But not all have this support, so read the spec sheets.

  • Although I don’t think this applies to your situation, I would avoid getting a device that combines a router and a broadband (cable, DSL, etc.) modem. It’s better that you use separate router and modem devices and connect them with an Ethernet cable.

    This will let you get the best of both worlds. A combo-device will probably compromise on router features, and may cost more than separate devices. With separate devices, you can pair the best modem and best router (according to your personal budget and requirements, of course).

    More important, you can’t upgrade your own firmware on a combo device. Cable modem firmware can only be upgraded by your cable company (even if you own the modem), and this includes the firmware for the router functions. And cable companies rarely push out updates unless there’s a security hole so big it causes a large public scandal. (I’m not sure if this is also the case for DSL and fiber modems, but it wouldn’t surprise me.)

    If you have separate devices, you still won’t be able to upgrade the modem’s firmware, but you will be able to upgrade the router’s firmware. And most routers these days include features to auto-update, should you want to enable that feature.

4 Likes

I’m curious, what makes you ‘not okay’ with TP-Link? Their routers are consistently among the top-rated models across the ‘net, and I’ve never seen anyone make a blanket statement about avoiding them.

As I wrote above that line, they’re a Chinese company (Hong Kong). As such I don’t believe I can trust their privacy and security policies. Nor do I think I can trust them to not have code that could grant the Chinese government access to my network.

This is the same reason I won’t own a Huawei phone or a Lenovo laptop.

I would have similar opinions about products made by any company from a similarly authoritarian country like Russia or Iran. But as far as I know, there are no companies in those countries making consumer routers.

You may disagree with this opinion, and that’s fine. But it is a concern of mine that I wanted to share, for those that may have similar concerns.

2 Likes

Thanks so much for the detailed advice, I’ll be sure to keep it in mind.

BTW, I wouldn’t have got a combined router/modem anyway because the router is mine, the modem belongs to the ISP. Back when we signed up with them, in the early aughts I think, they didn’t supply routers to new customers like they do now, so we got our own. It’s probably why I understand it slightly more (ever so slightly?) than your average consumer – I had to comb through the manual back then and set it up myself.

Thanks, appreciate that. I did fumble around looking for reviews. Problem is, I have no idea who’s reliable (other than Tidbits :smiley:), I’d have to have got a review of the reviewers first, so this really helps.

Which is normally the most economical way to go. Purchasing your own will pay for itself in just a few months, assuming you rent the ISP’s router as Comcast always charges. That’s exactly what I’ve done for many years now.

1 Like