Certificate Error, Router home page hacked? (192.168.1.1)
corei7
Newbie

The router home page (192.168.1.1) is now showing as insecure.  I am being re-directed to myfiosgateway.com, which shows https with a red strike through, and which displays the following: 

 The redirected site is protected with a self-signed certificate, and your internet browser will prompt you with a security warning to accept the router's self-signed certificate before proceeding. This is a standard prompt for any self-signed certificate to help ensure the security of your internet connection.

Has this page been hacked? I did not log in.

0 Likes
73 Replies
FiDi1
Newbie

In my 4th hour today trying to fix this very issue.  One terrible on-line tech who said he couldn't replicate the issue even though I watched him replicate it; then he ghosted me.  Tech phone said he knew about the problem and was transferring me to someone who knew how to deal with it - yet the poor person was password and log-in reset.  Have been on hold for an hour waiting for a tech supervisor.  Have no hopes anyone will pick up the line.

0 Likes
glnzglnz
Contributor - Level 3

When will Verizon fix the certificate problem that stops so many of us from logging into our Quantum G1100 gateways?

What is taking so long?

0 Likes
Edg1
Community Leader
Community Leader

@glnz2 wrote:

When will Verizon fix the certificate problem that stops so many of us from logging into our Quantum G1100 gateways?

What is taking so long?


The certificate issue doesn't stop you from logging into the router. 

TomC31
Enthusiast - Level 1
Like another poster, I get stuck in the "continue (unsafe)" loop no matter how many exceptions I add, etc. This happens for me in the latest Chrome, Firefox, and Edge. I know those browsers made a recent change to reject certain types of certificates, could that be a problem? Is there a setting buried somewhere that will allow an exception to take hold properly?
raygam
Enthusiast - Level 2

@Edg1 wrote:


The certificate issue doesn't stop you from logging into the router. 

I sure hope you are right and that you'll be kind enough to educate me on how to log into the router. I have tried 4 different browsers on Win 10 and 2 different ones from Linux. None will allow a connection. 

Please share your solution with this dumb old networking guy.  Thanks!

0 Likes
Edg1
Community Leader
Community Leader

@raygam wrote:

@Edg1 wrote:


The certificate issue doesn't stop you from logging into the router. 

I sure hope you are right and that you'll be kind enough to educate me on how to log into the router. I have tried 4 different browsers on Win 10 and 2 different ones from Linux. None will allow a connection. 

Please share your solution with this dumb old networking guy.  Thanks!


No problem. Sorry to take so long to get back.

In Chrome(Version 73.0.3683.86) click "Advanced" then click "Proceed to 192.168.1.1 (unsafe)"

In Mozilla(64.0.2) click "Add Exception..." then a pop up comes up check "Permanetly store this exception" and click "Confirm Security Exception"

In Internet Explorer(11.0.9600.19301) click "Continue to this website (not recommended)."

raygam
Enthusiast - Level 2

@Edg1 wrote:

In Chrome(Version 73.0.3683.86) click "Advanced" then click "Proceed to 192.168.1.1 (unsafe)"

In Mozilla(64.0.2) click "Add Exception..." then a pop up comes up check "Permanetly store this exception" and click "Confirm Security Exception"

In Internet Explorer(11.0.9600.19301) click "Continue to this website (not recommended)."

Thanks but, like many already noted here, I too have tried those steps since they would/should be normal things to try.  Many times.  They do not work and the browser never gets to the router login web page. So I am locked out of the router thanks to VZ who simply does not seem to care at all.


0 Likes
Chuck325
Enthusiast - Level 2

It stops me from loggin on both 192.168.1.1 and myfiosgateway

0 Likes
aurios
Newbie

Getting a SSL Cert Error when I try to access my router or the myrios website...

Is Fios working on this issue, do they need to update SSL Cert?

0 Likes
Edg1
Community Leader
Community Leader

@aurios wrote:

Getting a SSL Cert Error when I try to access my router or the myrios website...

Is Fios working on this issue, do they need to update SSL Cert?


I’m sure it will be fixed it in one of the next updates. You can still log in if you proceed through the security error. 

betourne1
Enthusiast - Level 2

The invalid certificate appears to be blocking my laptop from conneting to the G1100 router directy via a NIC.  The WiFi connection lasts for a few moments then drops.  I will only return for a few moments if I perform a warm boot.  When signing into the router's local IP address produces a warning indicating the address has an invalid certificate.  Running Windows 10 Network troubleshooter, results in a failure to fix because of invalid IP address.  The current firmware in the router indicates: Version 2.02.00.13  Any suggestions?

0 Likes
user3712
Newbie

When I try to access my router settings via myfiosgateway.com, I can't get past the certificate warning.

When I tell my browser (Firefox) to add an exception, it just shows the same certificate warning (screenshot below).

image

I have also tried it with Edge and Internet Explorer. Same problem.

I have been able to access my router settings in the past without issue. Thank you,.

0 Likes
glnzglnz
Contributor - Level 3

 

It is outrageous that Verizon does not have the correct certificates for our accessing our routers.

This is a security issue for all of us - inflicted by Verizon.

Why has this not been fixed?

 

0 Likes
jnv111
Enthusiast - Level 2

It is impossible to generate and push a certificate that will satisfy browsers by design of the certificate system. The best that Verizon can do is self-signed certificates or plain HTTP without any encryption.

Nobody can generate certificates with a public and private key pair that is signed by a certificate authority and distribute the private key without the certificate getting revoked. If Verizon generated a public and private key pair, got the pair's certificate, and then distributed only the public key, the routers cannot authenticate themselves to the users because they lack the private key needed to authenticate themselves, causing browsers to permanently abort any connection attempts because the browsers will believe that the server is an impostor. If Verizon did the same thing except that it distributed both the private and public keys, the certificate authority will be required to revoke the certificate as soon as it discovers that the private key was distributed to entities outside of the organization's control because distributing the private key causes it to legally be considered compromised, causing browsers to permanently abort any connection attempts because the browsers will learn to immediately distrust anything signed with that certificate if they check the certificate's revocation status with the Online Certificate Status Protocol (OCSP). A self-signed certificate allows encryption, but causes browser warnings that can be bypassed due to the inability of the browser to positively or negatively authenticate the server. Using plain HTTP will cause some browsers to show warnings that the form is not secure.

The only way for this to be possible is for each user to buy their own domain, generate their own private and public key pair, get a security certificate with the key pair and the domain, and upload the certificate, the private key, and the domain to the router.

In short, what you desire is impossible for Verizon to do by design of the certificate system.

glnzglnz
Contributor - Level 3

Jnv11 -- Thanks very much for your detailed and informative response.

A few things:

First, it is deplorable that a VZ FIOS staffer has NOT responded here to our concerns. 

Second, I understand from your explanation that a more convenient certificate-related solution to this problem is impossible.  But this problem is new.  Two months ago, none of us had any difficulty logging in to our Quantum G1100 routers - we just went to 192.168.1.1 and entered our passwords.  What happened?

Many thanks.

0 Likes
jnv111
Enthusiast - Level 2

My guess is that Verizon wanted to deal with the browser warnings that HTTP login is insecure. It went to self-signed certificates as the least bad option to allow the login to be encrypted.

0 Likes
glnzglnz
Contributor - Level 3

jnv11 - Verizon has made a mess here.

None of us had any warnings or error messages before this recent change - we had no difficulty logging in to 192.168.1.1.

It is only now that we get confusing error messages about certificates, and some folks here cannot log in at all.

Vz has hurt its paying customers - let's not make any excuses for its bad move here.

0 Likes
Edg1
Community Leader
Community Leader

@user3712 wrote:

When I try to access my router settings via myfiosgateway.com, I can't get past the certificate warning.

When I tell my browser (Firefox) to add an exception, it just shows the same certificate warning (screenshot below).

image

I have also tried it with Edge and Internet Explorer. Same problem.

I have been able to access my router settings in the past without issue. Thank you,.


I get the same error but I click Advanced then it will give you a link to proceed to the router. 

sfc3lfr
Enthusiast - Level 1

Same issue with the certificate. I did a hard reset, but still could not get into the system. Tried with my Android phone over wifi and it let me in! Desktop is Win 10 x64.  Hope this helps someone else.

stepal
Enthusiast - Level 1

These suggestions do not work for folks with up-to-date browsers. For Firefox 66 when you click Advanced and then click Accept the Risk and Continue it cycles right back to the original warning. Verizon has broken it so we can no longer log in to our own routers. VERIZON PLEASE FIX THIS ASAP!

0 Likes
Edg1
Community Leader
Community Leader
 wrote:

These suggestions do not work for folks with up-to-date browsers. For Firefox 66 when you click Advanced and then click Accept the Risk and Continue it cycles right back to the original warning. Verizon has broken it so we can no longer log in to our own routers. VERIZON PLEASE FIX THIS ASAP!

I can access the router on an iPhone and iPad on Safari. Also Chrome on a Galaxy Note 8. All three are up to date.