X
Tik hier voor de mobiele versie van de website.

Ondersteuningsforum

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

SSL_ERROR_NO_CYPHER_OVERLAP when accessing router web interface

Geplaatst

An error occurred during a connection to 192.168.1.179. Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP

Upgraded from FF 45 to FF55.2.3 ESR and lost connection to all our routers, access points and hardware.

On FF45 had warning of insecure connection, but had advanced tab to add exception - then everything worked fine.

On FF55 there is no option to do this. Have cehcked forums etc. and tried all the security.tls etc options but same error message - of interest using the IETab plug in and using that rendering engine it connects after a warning but not in standard firefox.

Profile is the same as previous versions - all our pcs use the same profile and a FF45 still works fine on SAME profile.

These are ALL local IP and never over internet! (The IP is local https://192.168.1.179/start.htm) and they are all Netgear products with no firmware upgrades available.

Please how can I ensure that access to our equipment is continued without reverting to an older version?

An error occurred during a connection to 192.168.1.179. Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP Upgraded from FF 45 to FF55.2.3 ESR and lost connection to all our routers, access points and hardware. On FF45 had warning of insecure connection, but had advanced tab to add exception - then everything worked fine. On FF55 there is no option to do this. Have cehcked forums etc. and tried all the security.tls etc options but same error message - of interest using the IETab plug in and using that rendering engine it connects after a warning but not in standard firefox. Profile is the same as previous versions - all our pcs use the same profile and a FF45 still works fine on SAME profile. These are ALL local IP and never over internet! (The IP is local https://192.168.1.179/start.htm) and they are all Netgear products with no firmware upgrades available. Please how can I ensure that access to our equipment is continued without reverting to an older version?

Bewerkt door philipp op

Gekozen oplossing

Since you use Windows you could use the portable Firefox 45.8.0esr from https://sourceforge.net/projects/portableapps/files/Mozilla%20Firefox%2C%20Portable%20Ed./Mozilla%20Firefox%20ESR%2C%20Portable%20Edition%2045.8.0/

This can be run on hard drive or usb flash drive even and is self contained as it will not touch your Firefox 52 ESR install or Profile.

You can use this old vulnerable Firefox 45.8.0esr just for to access your old Netgear WG102 that came out in 2006.

Dit antwoord in context lezen 0

Aanvullende systeemdetails

Geïnstalleerde plug-ins

  • Adobe PDF Plug-In For Firefox and Netscape 18.9.20044
  • IE Tab 2 Plug-in for Mozilla/Firefox
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Next Generation Java Plug-in 11.144.2 for Mozilla browsers
  • Shockwave Flash 27.0 r0
  • VLC media player Web Plugin

Toepassing

  • Useragent: Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0

Meer informatie

Meskó Balázs
  • Moderator
125 oplossingen 625 antwoorden

Well, it is only a workaround, but I would keep a browser just for this task. I assume the routers are using SSLv3 or older, and you can't enable this in modern Firefox versions – and for good reason, SSLv3 is completely broken.

Or if you can disable SSL on the routers, then you can access them through HTTP, and then you don't need an older browser.

Well, it is only a workaround, but I would keep a browser just for this task. I assume the routers are using SSLv3 or older, and you can't enable this in modern Firefox versions – and for good reason, SSLv3 is completely broken. Or if you can disable SSL on the routers, then you can access them through HTTP, and then you don't need an older browser.

Vraageigenaar

Thanks, but with all netgear products can't change their internal settings. I don't "care" about security as they are on internal on a secure network with no outside access......There is even no way to determine (apart from cracking the OS) what security they are using.....so need to disable totally

John

Thanks, but with all netgear products can't change their internal settings. I don't "care" about security as they are on internal on a secure network with no outside access......There is even no way to determine (apart from cracking the OS) what security they are using.....so need to disable totally John
cor-el
  • Top 10 Contributor
  • Moderator
17581 oplossingen 159073 antwoorden

Do you know what connection settings Firefox 45 was using? See "Tools -> Page Info -> Security" or the Security tab in the Network Monitor

Do you know what connection settings Firefox 45 was using? See "Tools -> Page Info -> Security" or the Security tab in the Network Monitor *https://developer.mozilla.org/en/Tools/Network_Monitor

Vraageigenaar

Sorry for delay in reply.

Do not have a Firefox 45 installation at the moment as upgraded all of them to work with the same profile on our server.

Strange, but some of our Netgear boxes work BUT I HAVE PREVIOUSLY given the OK on the old advanced page, but not this one.

Have search about:config and security for the exceptions, but can not find them. Identifable by fixed IP so if anyone knows the location of where these exceptions to securit yare stored, I can add one!

Sorry for delay in reply. Do not have a Firefox 45 installation at the moment as upgraded all of them to work with the same profile on our server. Strange, but some of our Netgear boxes work BUT I HAVE PREVIOUSLY given the OK on the old advanced page, but not this one. Have search about:config and security for the exceptions, but can not find them. Identifable by fixed IP so if anyone knows the location of where these exceptions to securit yare stored, I can add one!
cor-el
  • Top 10 Contributor
  • Moderator
17581 oplossingen 159073 antwoorden

You can find the Certificates section at the bottom of the "Privacy & Security" page or use the search bar (certificate). You can find a button to add an exception on the Servers tab.

  • Options/Preferences -> Privacy & Security -> Certificates: View Certificates -> Servers

Or alternatively use the chrome URI in the location/address bar:

  • chrome://pippki/content/exceptionDialog.xul
You can find the Certificates section at the bottom of the "Privacy & Security" page or use the search bar (certificate). You can find a button to add an exception on the Servers tab. *Options/Preferences -> Privacy & Security -> Certificates: View Certificates -> Servers Or alternatively use the chrome URI in the location/address bar: * chrome://pippki/content/exceptionDialog.xul

Vraageigenaar

Many thanks

this one is "doing my head in" and I have a feeling it is to do with the profile I am using which is very old.

These are Netgear WG102 access points and 4 of them had the option to add exception but the 5th doesn't and they are all on he same firmware etc.

This entry in about:config SHOULD make all the same security.tls.insecure_fallback_hosts;192.168.1.175,192.168.1.176,192.168.1.179, 192.168.1.177, 192.168.1.178 but the .179 doesn't!

Checked certificates and there is a Netgear one showing as valid. Other TLS settings appear correct.

your second option retuns nothing when the address is input......weird.

Will give up now as not too critical - opens in IETab fine.

One day might rebuild the profile from scratch when a few hours to spend, but not now - too busy with work work! Plus trying to get a EE (UK) Femocell to work!

Thanks again - if find an answer, will post it

John Watachet, Somerset, UK

Many thanks this one is "doing my head in" and I have a feeling it is to do with the profile I am using which is very old. These are Netgear WG102 access points and 4 of them had the option to add exception but the 5th doesn't and they are all on he same firmware etc. This entry in about:config SHOULD make all the same security.tls.insecure_fallback_hosts;192.168.1.175,192.168.1.176,192.168.1.179, 192.168.1.177, 192.168.1.178 but the .179 doesn't! Checked certificates and there is a Netgear one showing as valid. Other TLS settings appear correct. your second option retuns nothing when the address is input......weird. Will give up now as not too critical - opens in IETab fine. One day might rebuild the profile from scratch when a few hours to spend, but not now - too busy with work work! Plus trying to get a EE (UK) Femocell to work! Thanks again - if find an answer, will post it John Watachet, Somerset, UK
James
  • Top 25 Contributor
  • Moderator
1602 oplossingen 11345 antwoorden

Gekozen oplossing

Since you use Windows you could use the portable Firefox 45.8.0esr from https://sourceforge.net/projects/portableapps/files/Mozilla%20Firefox%2C%20Portable%20Ed./Mozilla%20Firefox%20ESR%2C%20Portable%20Edition%2045.8.0/

This can be run on hard drive or usb flash drive even and is self contained as it will not touch your Firefox 52 ESR install or Profile.

You can use this old vulnerable Firefox 45.8.0esr just for to access your old Netgear WG102 that came out in 2006.

Since you use Windows you could use the portable Firefox 45.8.0esr from https://sourceforge.net/projects/portableapps/files/Mozilla%20Firefox%2C%20Portable%20Ed./Mozilla%20Firefox%20ESR%2C%20Portable%20Edition%2045.8.0/ This can be run on hard drive or usb flash drive even and is self contained as it will not touch your Firefox 52 ESR install or Profile. You can use this old vulnerable Firefox 45.8.0esr just for to access your old Netgear WG102 that came out in 2006.