Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

SSL_ERROR_NO_CYPHER_OVERLAP when accessing router web interface

  • 7 majibu
  • 8 wana tatizo hili
  • 1 view
  • Last reply by James

more options

An error occurred during a connection to 192.168.1.179. Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP

Upgraded from FF 45 to FF55.2.3 ESR and lost connection to all our routers, access points and hardware.

On FF45 had warning of insecure connection, but had advanced tab to add exception - then everything worked fine.

On FF55 there is no option to do this. Have cehcked forums etc. and tried all the security.tls etc options but same error message - of interest using the IETab plug in and using that rendering engine it connects after a warning but not in standard firefox.

Profile is the same as previous versions - all our pcs use the same profile and a FF45 still works fine on SAME profile.

These are ALL local IP and never over internet! (The IP is local https://192.168.1.179/start.htm) and they are all Netgear products with no firmware upgrades available.

Please how can I ensure that access to our equipment is continued without reverting to an older version?

An error occurred during a connection to 192.168.1.179. Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP Upgraded from FF 45 to FF55.2.3 ESR and lost connection to all our routers, access points and hardware. On FF45 had warning of insecure connection, but had advanced tab to add exception - then everything worked fine. On FF55 there is no option to do this. Have cehcked forums etc. and tried all the security.tls etc options but same error message - of interest using the IETab plug in and using that rendering engine it connects after a warning but not in standard firefox. Profile is the same as previous versions - all our pcs use the same profile and a FF45 still works fine on SAME profile. These are ALL local IP and never over internet! (The IP is local https://192.168.1.179/start.htm) and they are all Netgear products with no firmware upgrades available. Please how can I ensure that access to our equipment is continued without reverting to an older version?

Modified by philipp

Chosen solution

Since you use Windows you could use the portable Firefox 45.8.0esr from https://sourceforge.net/projects/portableapps/files/Mozilla%20Firefox%2C%20Portable%20Ed./Mozilla%20Firefox%20ESR%2C%20Portable%20Edition%2045.8.0/

This can be run on hard drive or usb flash drive even and is self contained as it will not touch your Firefox 52 ESR install or Profile.

You can use this old vulnerable Firefox 45.8.0esr just for to access your old Netgear WG102 that came out in 2006.

Read this answer in context 👍 0

All Replies (7)

more options

Well, it is only a workaround, but I would keep a browser just for this task. I assume the routers are using SSLv3 or older, and you can't enable this in modern Firefox versions – and for good reason, SSLv3 is completely broken.

Or if you can disable SSL on the routers, then you can access them through HTTP, and then you don't need an older browser.

more options

Thanks, but with all netgear products can't change their internal settings. I don't "care" about security as they are on internal on a secure network with no outside access......There is even no way to determine (apart from cracking the OS) what security they are using.....so need to disable totally

John

more options

Do you know what connection settings Firefox 45 was using? See "Tools -> Page Info -> Security" or the Security tab in the Network Monitor

more options

Sorry for delay in reply.

Do not have a Firefox 45 installation at the moment as upgraded all of them to work with the same profile on our server.

Strange, but some of our Netgear boxes work BUT I HAVE PREVIOUSLY given the OK on the old advanced page, but not this one.

Have search about:config and security for the exceptions, but can not find them. Identifable by fixed IP so if anyone knows the location of where these exceptions to securit yare stored, I can add one!

more options

You can find the Certificates section at the bottom of the "Privacy & Security" page or use the search bar (certificate). You can find a button to add an exception on the Servers tab.

  • Options/Preferences -> Privacy & Security -> Certificates: View Certificates -> Servers

Or alternatively use the chrome URI in the location/address bar:

  • chrome://pippki/content/exceptionDialog.xul
more options

Many thanks

this one is "doing my head in" and I have a feeling it is to do with the profile I am using which is very old.

These are Netgear WG102 access points and 4 of them had the option to add exception but the 5th doesn't and they are all on he same firmware etc.

This entry in about:config SHOULD make all the same security.tls.insecure_fallback_hosts;192.168.1.175,192.168.1.176,192.168.1.179, 192.168.1.177, 192.168.1.178 but the .179 doesn't!

Checked certificates and there is a Netgear one showing as valid. Other TLS settings appear correct.

your second option retuns nothing when the address is input......weird.

Will give up now as not too critical - opens in IETab fine.

One day might rebuild the profile from scratch when a few hours to spend, but not now - too busy with work work! Plus trying to get a EE (UK) Femocell to work!

Thanks again - if find an answer, will post it

John Watachet, Somerset, UK

more options

Suluhisho teule

Since you use Windows you could use the portable Firefox 45.8.0esr from https://sourceforge.net/projects/portableapps/files/Mozilla%20Firefox%2C%20Portable%20Ed./Mozilla%20Firefox%20ESR%2C%20Portable%20Edition%2045.8.0/

This can be run on hard drive or usb flash drive even and is self contained as it will not touch your Firefox 52 ESR install or Profile.

You can use this old vulnerable Firefox 45.8.0esr just for to access your old Netgear WG102 that came out in 2006.