ER605 V2 2.2.2 Firmware Unable to Access the Admin Web Due to Force to HTTPS

ER605 V2 2.2.2 Firmware Unable to Access the Admin Web Due to Force to HTTPS

ER605 V2 2.2.2 Firmware Unable to Access the Admin Web Due to Force to HTTPS
ER605 V2 2.2.2 Firmware Unable to Access the Admin Web Due to Force to HTTPS
2023-11-17 07:09:57 - last edited 2024-01-02 01:39:47

This Article Applies to:

 

ER605 V2 2.2.2 Build 20231017

 

Note that this new change may affect all Omada routers since the last major firmware release in Dec 2023. Please make sure you read the release note before your upgrade. We will not send any forms of notifications to you about this issue.

 

Issue Description/Phenomenon:

 

We received feedback after the upgrade of ER605 V2 2.2.2 Build 20231017, some users would not be able to access their admin page due to the force redirection to HTTPS. Due to the security fix on this version, the router will force to connect you to HTTPS.  If you disabled the HTTPS before, you cannot access the page properly.

 

Available Workarounds/Solutions:

 

Our dev team has noticed this issue and will fix this issue in the future firmware update.

 

Scenario 1: Have NOT upgraded to the V2.2.2 Build 20231017.

 

Before your upgrade to the ER605 V2 2.2.2 Build 20231017, please enable the HTTPS server status on your admin page.

Go to System Tools > Admin Setup > System Settings > HTTPS Server Status = Enable.

 

 

Scenario 2: Upgraded to V2.2.2 Build 20231017 and unable to access the admin page.

 

For anyone who has upgraded to this version and encountered this issue, please try to access your router by its IP_addres:80, if this still redirects you to the HTTPS, unfortunately, you have to reset the router.

 

There are two options for you. Use this version or skip it and use the V2.1.5 beta after you reset the router.

Option 1. Downgrade to the previous firmware import the backup and enable HTTPS (steps in Scenario 1). This will retain the settings. Then upgrade to the V2.2.2 or to V2.1.5 beta.

Option 2. Start over by resetting the router. And the router will stay on V2.2.2.

We are sorry for this inconvenience caused by the security fix on this firmware. We will fix this issue in the future firmware update.

 

Thank you for your attention!

 

Update Log:

 

Jan 2nd, 2024:

Change the contents where this might affect all the models.

 

Feedback:

 

If this was helpful, welcome to give us Kudos by clicking the thumbs-up button below.

 

If the solution doesn't work for you, your case is probably different from what is described here.

In that case, please feel free to click Start a New Thread and elaborate on the problem so that we can try to help you further.

 

Thank you for your great cooperation and patience!

TP-Link Support Team

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0      
  0      
#1
Options
8 Reply
Re:ER605 V2 2.2.2 Firmware Unable to Access the Admin Web Due to Force to HTTPS
2023-11-17 15:00:19 - last edited 2023-11-17 15:34:07

  @Clive_A this is a shameful and gross oversight on TP-LINKs part; why would not put this information in big RED BOLD writing in the release notes so that users know (I see this has been added now, after the fact), and instead assume that HTTPS is turned on?

 

For anyone who has upgraded to this version and encountered this issue, please try to access your router by its IP_addres:80, if this still redirects you to the HTTPS, unfortunately, you have to reset the router and import your backup.

 

First off the suggested method above doesn't work, why suggest a fix that you don't even know it works? It still reroutes to https - have you even tested this method before suggesting it? I guess not.

 

Secondly, how does resetting this router, then importing my backup config which I took before upgrading, in which I HTTPS turned off help mehere?

>It would just put me back where I am now, without being able to log in after importing the config, not to mention the down time of resetting this thing.

>My only option is to factory reset ** DOES THIS EVEN ENABLE HTTPS BY DEFAULT? - PLEASE RESPOND AND IF YOU DON'T KNOW TEST IN HOUSE FIRST**, downgrade the firmware to previous version **IS THIS EVEN DOABLE??? - PLEASE RESPOND AND IF YOU DON'T KNOW TEST IN HOUSE FIRST**, then reload my backed up configuration

 

I have scoured the manual that doesn't even say how to factory reset this thing, method using reset button.

 

Lastly, you have a USB port on here, this should be leveraged for use in cases like this, putting on a fixed firmware or something. This is ridiculous.

 

I'm super frustrated with this amateur mistake on TP-LINKs part. Interesting that this "fix" post was made after the fact, that you guys didn't even know this problem existed.

 

 

  0  
  0  
#2
Options
Re:ER605 V2 2.2.2 Firmware Unable to Access the Admin Web Due to Force to HTTPS
2023-11-20 01:37:09

Hi @words 

Thanks for posting in our business forum.

2.2.2 was originally not intended to be pushed via the cloud. So, due to some reasons, we don't want as many people to download this firmware and install it. This version aims to fix the security and other aspects to enhance the security.

I am not able to tell you the reasons behind this change was not in the original firmware release internally. 2.1.5 beta or later version should change this back.

At the time when people asked why there is a 2.2.2 and a beta 2.1.5, I explained in that thread that 2.2.2 will be a special one for some security reasons. (This security issue would not hurt anyone. HTTPS is forced does not mean it is vulnerable.) 2.1.5 is on the right track of the firmware updates.

 

Indeed, this might be confusing. But it is the team's decision. Please follow the 2.1.5 beta and its later stable release. Or downgrade previous firmware and import your backup. (Reset > Downgrade > Import backup > Turn on HTTPS > Upgrade to 2.2.2, or skip the upgrade to 2.2.2 and use beta 2.1.5.)

 

Skip this version and downgrade to the official release. Or use the 2.1.5 beta.

You need to turn on the HTTPS on the previous backup which I mean to say in Scenario 1. It would be downgrading first and then enabling HTTPS. I think the dev never thought this HTTPS would be disabled.. By default, it is enabled.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#3
Options
Re:ER605 V2 2.2.2 Firmware Unable to Access the Admin Web Due to Force to HTTPS
2023-11-20 14:36:12

  @Clive_A your post it definitly confusing, it would be helpful to have table highlighting the features that the beta 2.1.5 and the release 2.2.2 have so one can understand what is different and why would use one versus ther other. What is "some security issue"? Perhaps this should be in that table.

 

-I didn't see anywhere a response to my question; does a factory reset also turn on HTTPS by default? Otherwise there is not much poing in doing a reset as I still won't have access. How does one do a factory reset with the button, I can't find this in the installation manual or any other documents for this product.

 

-Firmware 2.2.2 should be pulled, and instead the TPlink team should release 2.2.3 firmware which FORCES https to ON during the upgrade; that would be the right thing to do here

 

-I didn't upgrade via the cloud, I run the 605 standalone and subscribe to the forums to see when there is an update, this is why I upgraded.

 

I'll be switching back to 2.1.2 and staying there.

  0  
  0  
#4
Options
Re:ER605 V2 2.2.2 Firmware Unable to Access the Admin Web Due to Force to HTTPS
2023-11-21 01:29:45

Hi @words 

Thanks for posting in our business forum.

words wrote

  @Clive_A your post it definitly confusing, it would be helpful to have table highlighting the features that the beta 2.1.5 and the release 2.2.2 have so one can understand what is different and why would use one versus ther other. What is "some security issue"? Perhaps this should be in that table.

 

-I didn't see anywhere a response to my question; does a factory reset also turn on HTTPS by default? Otherwise there is not much poing in doing a reset as I still won't have access. How does one do a factory reset with the button, I can't find this in the installation manual or any other documents for this product.

 

-Firmware 2.2.2 should be pulled, and instead the TPlink team should release 2.2.3 firmware which FORCES https to ON during the upgrade; that would be the right thing to do here

 

-I didn't upgrade via the cloud, I run the 605 standalone and subscribe to the forums to see when there is an update, this is why I upgraded.

 

I'll be switching back to 2.1.2 and staying there.

I am not the decision maker on the release note. The dev does. I am also an employee who needs to follow the confidentiality in the company. Even if I know it, I cannot tell you but conclude that it is "security fixes" and "no harm to your network security".

You want a 100% crystal clear in every change the dev made. I am not able to get that information and even if I have, I also need to check if I am authorized to tell you that. The dev would not include every detail or change in the release note if you look through the notes since ER605 V1. I have feedback on this matter so hope the dev will write notes better.

 

If you are on 2.2.2 firmware, the HTTPS is on no matter what. It was confirmed by the dev that this 2.2.2 aims to add up the security. And said would stop forcing HTTPS in the future firmware.

The manual indeed does not write how to reset on hardware version 2. That's gonna be another feedback to the team responsible for the manual writing.

The reset is universal to basically every device that has a hardware reset button. For ours, press and hold the reset button (for 5 seconds or so), the LED will flash and all LED will disappear and come back on. Wait for the device to reboot and reset to the factory default.

 

The dev does not intend to pull this firmware. I don't know if I have said this on other threads that this is a specially-made firmware for certain purposes. I was not informed to delete the thread either.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#5
Options
Re:ER605 V2 2.2.2 Firmware Unable to Access the Admin Web Due to Force to HTTPS
2023-11-25 03:42:31 - last edited 2023-11-25 03:44:17

  @Clive_A 

 

I posted an issue where I was not having success in login in to the management interface of a remote ER605 connected via site-to-site L2TP  VPN.  After entering my credentials, it does not make a connection and finally times out.  And in the remote Log, I see an entry with 169.254.*.* IP Address! By using this catch-all subnet, probably part of implementing more "security" measures in the ER605??? This forced to HTTPS issue is probably my issue.  BUT Clive_A did not mention this issue to me from the thread that I started. This thread is found here: https://community.tp-link.com/en/business/forum/topic/642972?replyId=1282666

 

 

  0  
  0  
#6
Options
Re:ER605 V2 2.2.2 Firmware Unable to Access the Admin Web Due to Force to HTTPS
2023-12-16 07:55:28

  @Clive_A 

what are the steps to downgrade firmware?

 

If I just reset the router will it work?

  0  
  0  
#7
Options
Re:ER605 V2 2.2.2 Firmware Unable to Access the Admin Web Due to Force to HTTPS
2023-12-18 01:36:05

Hi @dhyaneshwar94 

Thanks for posting in our business forum.

dhyaneshwar94 wrote

  @Clive_A 

what are the steps to downgrade firmware?

 

If I just reset the router will it work?

 

 

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#8
Options
Re:ER605 V2 2.2.2 Firmware Unable to Access the Admin Web Due to Force to HTTPS
2023-12-31 15:10:37
THESE DO NOT WORK! Firmware 2.2.3
  0  
  0  
#11
Options