Gateway login page accessibile with browser from wan on port 80 and 443
Hello,
Apparently with this gateway managed by the omada sdn, it is possible to access the gateway login page from the wan port on both http and https. I could not find a valid setting to disable this behavior. Moreover, the controller local ip address is shown on the login page. Can anyone else confirm this is a bug / security problem? is there an available fix besides putting the gateway behing another gateway / firewall?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Noticed exact the same behaviour in my new config: ER605, SG2008p, EAP245 managed by local Omada controller. How can we deny access from wan?! There aren't any forwarded ports yet - it's still in default configuration!
- Copy Link
- Report Inappropriate Content
Have you tried from WAN or is it from LAN you are trying. if you are on LAN you will be able to access your WAN ip, but I do not think you will see it from WAN
- Copy Link
- Report Inappropriate Content
OK, now I configured NAT for ports 80 and 443 and it's working like expected. Router or even Omada SDN aren't accessible.
But the default config seems to be vulnerable!
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
@Wipa dyndns i not a proxy server, dyndns is a dns service. if you are on your LAN and try your dyndns name you are on LAN... try from your phone with wifi disabled.
- Copy Link
- Report Inappropriate Content
@shberge Thank you for the explanation. And you're right! So in my case it was my fault.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 1350
Replies: 6