Business Community > Gateways > Security issue? Management Always Accesible through WAN
< Gateways

Security issue? Management Always Accesible through WAN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Security issue? Management Always Accesible through WAN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Security issue? Management Always Accesible through WAN
Security issue? Management Always Accesible through WAN
2022-02-28 15:59:59 - last edited 2022-02-28 16:01:15
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.1.1 Build 20210723 Rel.64608

Hi,

 

I noticed that even though I have not enabled "Remote Management" on the router (running Standalone mode), the management page which should only be accessed through LAN (Port 80 and 443)  as well as SSH (Port 22) is being exposed through WAN. WAN is connected to the ISP through PPPoE.

 

This looks like a security issue to me. I've tried creating a "Block All" from WAN IN rule in the ACL but it doesn't solve the issue (they are still accessible).

 

Any ideas?

 

Thanks,

Marcos.

  0      
 
  0      
 
#1
Options
3 Reply
Re:Security issue? Management Always Accesible through WAN
2022-03-01 08:39:40

  @mamarcos Hi I had a test with our router in lab but can't find the same issue. Firmware Build 20220114

 

You may check:

1. If your router WAN has a public IP?

2. Is there any VPN server setup? 

3. Upgrade the firmware and test again. 

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
  0  
  0  
#2
Options
Re:Security issue? Management Always Accesible through WAN
2022-03-01 11:58:26 - last edited 2022-03-01 11:59:44

Thank you for your reply! @Hank21 

 

  1.  Yes, it has a public IP from the ISP's DHCP
  2.  There is no VPN
  3.  I've upgraded to 1.2.0 Build 20220114 Rel.76871 and the problem persists.

 

This is a brand new device that had no other configurations on it. When going to Admin Setup > Management > Remote Management the table is empty. Shouldn't administration over WAN be disabled that way? Thanks

  0  
  0  
#3
Options
Re:Security issue? Management Always Accesible through WAN
2022-03-02 05:14:10

  @mamarcos 

mamarcos wrote

Thank you for your reply! @Hank21 

 

  1.  Yes, it has a public IP from the ISP's DHCP
  2.  There is no VPN
  3.  I've upgraded to 1.2.0 Build 20220114 Rel.76871 and the problem persists.

 

This is a brand new device that had no other configurations on it. When going to Admin Setup > Management > Remote Management the table is empty. Shouldn't administration over WAN be disabled that way? Thanks

Correct, the administration over WAN should be disabled that way. 

 

The last thing is Port Forwarding. Please check if it is empty on Transmission-->NAT-->Virtual Servers

 

Please also provide more details about how you test the "WAN login", so I can try reproduce it on my end.

 

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
  0  
  0  
#4
Options

Information

Helpful: 0

Views: 609

Replies: 3

About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.