D-Link Forums
D-Link VPN Router => DSR-250N => Topic started by: avonord on September 13, 2015, 04:51:57 AM
-
I can't believe there is no other thread on this. My browser can no longer connect to the admin console of my DSR250. It gives the following error. There are work arounds for firefox (and maybe chromes as well). But if you want to an iPhone to manage the router, you are out of luck. When will Dlink come out with a new firmware that address this?
"Secure Connection Failed
An error occurred during a connection to 192.168.0.1. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem."
-
I was just wondering the same thing. I got in to the admin interface using Opera, and I've seen references to an override that you can set up in Firefox, but these are not permanent solutions.
I tried using the certificate generator (in Advanced -> Certificates, but the documentation is appalling and I haven't been successful - in fact I don't even know if this is intended to address router owners that want to change this cert or just for VPNs).
So I don't have a solution, but I figure I should add my voice. How about it D-Link?
-
Link>Welcome! (http://forums.dlink.com/index.php?topic=48135.0)
- What Hardware version is your router? Look at sticker under the router case.
- Link>What Firmware (http://forums.dlink.com/index.php?topic=47512.0) version is currently loaded? Found on the routers web page under status.
- What region are you located?
PC Web Browser Configurations
What browser are you using?
Try Opera or FF? If IE 8, 9, 10 or 11, set compatibility mode and test again.
Disable any security browser Add-ons like No Script and Ad-Block or configure them to allow All Pages when connected to the router.
Clear all browser caches.
Be sure to log into the Admin account on the router.
Try turning off these features in Chrome:
Top right corner, little bars for options > Settings > Settings (on left) > Show advanced settings.
Uncheck these:
Use a web service to help resolve navigation errors
Use a prediction service to help complete searches and URLs typed in the address bar
Predict network actions to improve page load performance
Enable phishing and malware protection
Also...
http://www.ghacks.net/2015/04/15/chrome-42-blocks-java-silverlight-other-plugins-by-default-now/ (http://www.ghacks.net/2015/04/15/chrome-42-blocks-java-silverlight-other-plugins-by-default-now/)
Since this is a business class routers it may be that it only supports desktop browser management at this time. Not much call for management of business class routers from remote locations. Most Management of business class routers are on site and during business hours when needed. Not sure if D-Link would have anything for mobile apps regarding this. This would be something you would have to talk to D-Link directly on the phone about.
-
Hello,
After firmware update with the latest version (2.01_WW) on my DSR-250n I have the same 'Diffie-Hellman key' problem with Chrome and FF also. I do not think that disabling some security settings in browsers are good solution!
I just wondering if D-Link support will fix this bug in near future with next firmware update?
-
It's recommend that you phone contact your regional D-Link support office and ask for help and information regarding this. We find that phone contact has better immediate results over using email or FB> https://www.facebook.com/mydlink?fref=ts.
Let us know how it goes please.
Hello,
After firmware update with the latest version (2.01_WW) on my DSR-250n I have the same 'Diffie-Hellman key' problem with Chrome and FF also. I do not think that disabling some security settings in browsers are good solution!
I just wondering if D-Link support will fix this bug in near future with next firmware update?
-
Hi again,
from the local support recommended me to update to version 2.02 firmware from official page. Unfortunately this version is only for hardware version "B" but my device have "A1". In this case they sent me personal link to download version 2.02 for my hardware version, but they do not explain me what is the difference between 2.01 and 2.02 and why version 2.02 for hardware version "A" is not officially announced?
In this case I prefer continue use firmware 2.01 despite bugs which i found.
-
I'll check and see if you can install v2.02.
What version is currently loaded? ???
Hi again,
from the local support recommended me to update to version 2.02 firmware from official page. Unfortunately this version is only for hardware version "B" but my device have "A1". In this case they sent me personal link to download version 2.02 for my hardware version, but they do not explain me what is the difference between 2.01 and 2.02 and why version 2.02 for hardware version "A" is not officially announced?
In this case I prefer continue use firmware 2.01 despite bugs which i found.
-
In present moment router is with 2.01_WW firmware. I have also 2.02 version for hardware A1 but it's not officially published (D-Link local support gave me a personal link for download)
-
If you have v2.xx installed already then applying v2.02 will work. I recommend doing a factory reset, uploading the FW file. Factory reset once more after the FW was process, then set up from scratch. You should be good after that.
-
I have the same issue...
have 2 routers dsr-250
rev. A1 - fw 1.09 - that one is ok
rev. A2 - fw 2.02B801C_WW - have issue with the "Secure Connection Failed" on FF and Chrome
Reply ive got from Dlink support is that i need to disable
about:config - search dhe and certificate (...)128_sha, put to false
---
This solution is like workaround, where the poor Dlink RnD and Beta testing force customer to disable security and weaken the browser security. Really lame i doubt that both teams FF and Chrome did mistake in their security standarts...
-
What region are you located?
Where did you get fw 2.02B801C_WW from?
I have the same issue...
have 2 routers dsr-250
rev. A1 - fw 1.09 - that one is ok
rev. A2 - fw 2.02B801C_WW - have issue with the "Secure Connection Failed" on FF and Chrome
Reply ive got from Dlink support is that i need to disable
about:config - search dhe and certificate (...)128_sha, put to false
---
This solution is like workaround, where the poor Dlink RnD and Beta testing force customer to disable security and weaken the browser security. Really lame i doubt that both teams FF and Chrome did mistake in their security standarts...
-
Hi
I just updated my router dsr-250 rev A2 from DSR-250_A2_FW2.02B401C_WW to this version; DSR-250_A2_FW2.02B701C_WW(0804154808).02b701c_ww.
Link to official ftp dlink site;
ftp://ftp2.dlink.com/../../../../SECURITY_ADVISEMENTS/DSR-250/REVA/
And now...no message like, ssl_error_weak_blabla...occurred during a connection to my router with Firefox 40.0.
-
Does it happen with IE or Opera?
What region are you located?
Did you clear all browser caches before and after updating FW?
-
Hi
No problem with IE or Opera, just the message about the self-signed certificate. It's normal considering my configuration. Cache was cleared before updating and after...and I'm from Québec Canada.
-
Enjoy. ;)
-
Enjoy. ;)
Enjoy? Are you serious??
There is a major problem with your router, it's not possible to connect to it using Firefox or Chrome because both of them detect a serious security flaw in the router's HTTPS configuration!
And you think that the problem is solved by using an outdated browser to connect to the router???
Your engineers should start working in the problem ASAP!!!!
-
I recommend that you phone contact your regional D-Link support office and ask for help and information regarding this. We find that phone contact has better immediate results over using email.
Let us know how it goes please.
Enjoy. ;)
Enjoy? Are you serious??
There is a major problem with your router, it's not possible to connect to it using Firefox or Chrome because both of them detect a serious security flaw in the router's HTTPS configuration!
And you think that the problem is solved by using an outdated browser to connect to the router???
Your engineers should start working in the problem ASAP!!!!
-
Enjoy. ;)
Enjoy? Are you serious??
There is a major problem with your router, it's not possible to connect to it using Firefox or Chrome because both of them detect a serious security flaw in the router's HTTPS configuration!
And you think that the problem is solved by using an outdated browser to connect to the router???
Your engineers should start working in the problem ASAP!!!!
I just purchased the A2 version of this device today. I ran into this issue using Safari 9.0.2 on my MacBook Yosemite (10.10.5). I used the workaround in that someone suggested for firefox to login to the device and I upgraded the firmware to version 2.11_WW. After the upgrade the issue was resolved and I can login with Safari as normal without mucking with the security settings of my browser.
-
Thanks for sharing your experience and information. Hope it helps future users.
Enjoy. ;)
-
According to http://support.dlink.com/ProductInfo.aspx?m=DSR-250N
2.01 is the latest firmware for the DSR-250N.
-
What Rev model do you have? A1 A2 or B1?
According to http://support.dlink.com/ProductInfo.aspx?m=DSR-250N
2.01 is the latest firmware for the DSR-250N.
-
I have A2 but it's not important right now. I was talking about the official D-Link website.
The problem is that you can only select A as your hardware revision and the latest firmware you can download is 2.01 for the DSR-250N.
What Rev model do you have? A1 A2 or B1?
According to http://support.dlink.com/ProductInfo.aspx?m=DSR-250N
2.01 is the latest firmware for the DSR-250N.
-
You are incorrect in your assumption that Rev isn't important.
If you had reviewed this, you would have found that A2 can use v2.11WW and should resolve your issue. ::)
http://forums.dlink.com/index.php?topic=56915.0 (http://forums.dlink.com/index.php?topic=56915.0)
-
You can't download 2.11 from here: http://support.dlink.com/ProductInfo.aspx?m=DSR-250N
-
Can you download it from the forum link I posted? ::)
-
I'm reporting an issue with the official D-Link website and you're ignoring it.
-
Did you download v2.11 from the link that was posted in this forum? ???
A posted reported that v2.11 resolved this. ::)
I'm reporting an issue with the official D-Link website and you're ignoring it.
-
Yes I did download it and yes it does fix the weak encryption problem. Would you focus on the other problem I'm reporting here?
I told you like 5 times that the fix cannot be downloaded from the official website.
So all the people who don't read this forum will not realize that there is a new version for this router and won't benefit from all of its new advantages.
Including the fix for the weak encryption problem.
What's the point of having the download links hidden in a forum instead of them being on the official website?
-
We do not handle any web site changes. That is done with D-Link web masters. You can contact them to let them know. I'll pass this along as well.
Depending on how users gain information, I presume D-Link support lets DSR users know that they can get the files they need directly from D-Link Taiwan which is there main hub. As we haven't had any problems with users getting the files they need.
Glad the FW corrected the issue for you and this is now closed.
Thank you for your feed back.
Enjoy. ;)
-
I have Hardware A1 and still have this problem. Is there a working firmware update for A1 you can link for me?
-
See if this will load on a Rev A1:
http://forums.dlink.com/index.php?topic=56915.0 (http://forums.dlink.com/index.php?topic=56915.0)
If not, then I recommend that you phone contact your regional D-Link support office and ask for help and information regarding this. We find that phone contact has better immediate results over using email.
Let us know how it goes please.
I have Hardware A1 and still have this problem. Is there a working firmware update for A1 you can link for me?
-
hello ,
did you solve your problem ? :o
because i have the same !!!
do you know how to fix it ?
thank you in advance :D
-
Hello ,
I have a problem , since 2 months i have the message : SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key) when i try to connect on my router DSR-250N via my browser (FIREFOX,CHROME ...and even with IE11, it doesn't work).
my have a révision firmware : A1 and my last firmware is DSR-250N_A1_FW_v1.09B32_WW , i think no other firmware for this revision is available !
what i have done :
- restore the default factory and apply the last firmware again : it doesn't work (the same message appear when i try to connect my web interface)
- all my browser are updated (firefox , ie11, chrome )
- i contacted d-link and they told me that there was a patch for that , and they gave me a link to download a "NEW" firmware(i don't know where it comes from because it wasn't available on their web site )...so, ok , i download it , and i applied it , but it doesn't work ....i had to restore the factory setting because 'patch' fail.
my conclusion: i don't know what i must do now , it is very embarassing for my job !
i think , the problem doesn't come from my web browsers because it are patched but may be the concern come from the router dsr-250n because may be it doesn't support TLS ???
thank in advance if you help me !!!
a customer ::)
-
I would contact D-Link support again on the phone and ask them for help and information regarding this.
I would use IE11 or FF to do any FW updates and manage the router.
You can follow this for doing any FW updates:
Link> >FW Update Process (http://forums.dlink.com/index.php?topic=42457.0)
-
ok thank you for the advice ! ;D
1 - i am going to contact d-link
2 - i am going to follow your advice updating the firmware.
:D
-
Let us know how it goes...
-
hello ; d-link told me that the problem surely come from my browsers which update each other
but i am not content with these explanations because it does'nt work. my web brother are updated
and i think the problem come from the web server of the router dsr-250n which doesn't accept TLS.
if not , why 2- or 3 month ago it was working ? the only thing there was , was microsoft update.
conclusion : my browser are updated and work but my router is not updated !!!
i am very embarassing but i will manage ..maybe an update of my router....
-
You might have D-Link support maybe remote in to your PCs desktop, if they will, so they can see what is doing on.
-
http://forums.dlink.com/index.php?topic=56915.0 (http://forums.dlink.com/index.php?topic=56915.0)
-
Any progress on this? ???
hello ; d-link told me that the problem surely come from my browsers which update each other
but i am not content with these explanations because it does'nt work. my web brother are updated
and i think the problem come from the web server of the router dsr-250n which doesn't accept TLS.
if not , why 2- or 3 month ago it was working ? the only thing there was , was microsoft update.
conclusion : my browser are updated and work but my router is not updated !!!
i am very embarassing but i will manage ..maybe an update of my router....