zyxel N4100 gateway - Problems with SSL certificate on welcome page (google chrome)

Maze
Maze Posts: 6  Freshman Member
First Comment Friend Collector
edited April 2021 in Security
Hello,
Since this past Thursday, all the guests that are using google chrome lastest version (v 67), they can not see the "welcome portal to type the user and password" to get internet access (in this zyxel model). Google chrome, blocks the "welcome page", and gives the message saing that the SSL in 1.1.1.1 is not secure. This problem is only with google chrome latest update. Is there a way to upload a new SSL certificate in this model? I see that is possible in the configuration but I dont know what is the best SSL to use... or doesnt exist :(

Need help, please. Thank you
«134

Comments

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Hi @Maze,
    Can you take a screen shot for waring message and post it.
  • Maze
    Maze Posts: 6  Freshman Member
    First Comment Friend Collector
    Hi Zyxel_Cooldia

    After a few hours, found a solution, even better that the one that was working before this update of google chrome to version 67.

    Thank you  B)
  • S_L
    S_L Posts: 2  Freshman Member
    First Comment First Anniversary
    Maze said:
    Hi Zyxel_Cooldia

    After a few hours, found a solution, even better that the one that was working before this update of google chrome to version 67.

    Thank you  B)
    Hi, we are experiencing the same issues here.

    Would you mind sharing your solution with us?

    My approach: I am thinking about enabling SSL login and installing a self-signed letsencrypt certificate.

    Thank you
  • Jaume
    Jaume Posts: 9  Freshman Member
    First Comment Friend Collector
    edited June 2018
    We have the same problem tested with Chrome and Firefox.
    Any solution?
  • S_L
    S_L Posts: 2  Freshman Member
    First Comment First Anniversary
    edited June 2018
    After getting into that matter a bit more, it seems like Cloudflare's more or less recent introduction of their DNS service at the publicly reachable address 1.1.1.1 might have something to do with this issue:

    The combination of:
    - https://1.1.1.1 being reachable at Cloudflare
    - 1.1.1.1 not being a IP address reserved for use in private networks

    seems to break the redirection, and maybe other browsers will follow.

    It is not possible to obtain a letsencrypt certificate for 1.1.1.1, and even if so this wouldn't help either for other reasons (modern browsers would consider the redirect as interception)

    Quick and dirty workaround: deactivate authentication completely

    So I have to ask, will Zyxel release a firmware for the N4100 which uses a URI other than 1.1.1.1 for the login redirect?

    Otherwise, we will have to switch to maybe the pfSense captive portal which is poen source.
  • Jaume
    Jaume Posts: 9  Freshman Member
    First Comment Friend Collector
    Thanks for your information S_L but we hope that Zyxel will give us an urgent solution.
    Somebody out there, Zyxel?
  • Obiwan_Pierogi
    Obiwan_Pierogi Posts: 10  Freshman Member
    First Comment Fifth Anniversary
    I think I am having the same problem..  I have a campground and am using an N4100..  Usually no problem accessing my login page..  But the last couple which also used google chrome..  It wouldn't bring my sign on page on..  Normally, I tell the campers to just go to 1.1.1.1  ...which always brings my logon page on the screen..  On their I phones and laptops, they get a warning about no license.. unsecure.. probably fraud site..  And the sign on page will not come on..  What's the solution
  • Jaume
    Jaume Posts: 9  Freshman Member
    First Comment Friend Collector
    This problem used to be solved doing what it is explained here (click on "ADVANCED" and then "Continue to [we page]"):

    https://support.zyxel.eu/hc/en-us/articles/360005978894--This-is-not-a-secure-connection-Warning-on-Hotspot-System-in-Google-Chrome-what-does-this-mean-

    "This is not a secure connection"- Warning on Hotspot-System in Google Chrome - what does this mean?

      Avatar
      Phillipe Piris

      The problem is that it is not working anymore. I don't have the option to "Continue to [Website]", as seen in the following screenshots:





    • Maze
      Maze Posts: 6  Freshman Member
      First Comment Friend Collector
      edited June 2018
      I'm going to explain what I have done to solve this problem... I'm going to write a new post with the solution (that is working fine since this past Thursday). Please wait a bit... Thank you

    Security Highlight