Home

Forums

Stories

Knowledge Base

Business Community > Routers > Why is port 1723 (PPTP) open in ER8411?

< Routers

Why is port 1723 (PPTP) open in ER8411?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Why is port 1723 (PPTP) open in ER8411?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Why is port 1723 (PPTP) open in ER8411?

2023-12-20 11:45:08 - last edited 2023-12-28 04:23:33

Posts: 12

Helpful: 6

Solutions: 1

Stories: 0

Registered: 2022-10-14

Why is port 1723 (PPTP) open in ER8411?

2023-12-20 11:45:08 - last edited 2023-12-28 04:23:33

Model: ER8411

Hardware Version: V1

Firmware Version: 1.1.0

Hi,

Today I just randomly ran nmap scan on my ER8411 and found out port 1723 (PPTP) is open. Why this port is open when I'm not using PPTP VPN? Also, same question for port 8080.

1

1

#1

1 Accepted Solution

LV1

2023-12-28 04:23:25 - last edited 2023-12-28 04:23:33

Posts: 12

Helpful: 6

Solutions: 1

Stories: 0

Registered: 2022-10-14

Re:Why is port 1723 (PPTP) open in ER8411?-Solution

2023-12-28 04:23:25 - last edited 2023-12-28 04:23:33

I have just updated ER8411 with firmware version 1.2.0, and now the nmap scan doesn't show that port 1723 is open.

➜ ~ nmap -v -Pn 172.16.10.1

Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times may be slower.

Starting Nmap 7.94 ( https://nmap. org ) at 2023-12-28 09:48 IST

Initiating Parallel DNS resolution of 1 host. at 09:48

Completed Parallel DNS resolution of 1 host. at 09:48, 4.04s elapsed

Initiating Connect Scan at 09:48

Scanning _gateway (172.16.10.1) [1000 ports]

Discovered open port 80/tcp on 172.16.10.1

Discovered open port 53/tcp on 172.16.10.1

Discovered open port 443/tcp on 172.16.10.1

Completed Connect Scan at 09:48, 1.73s elapsed (1000 total ports)

Nmap scan report for _gateway (172.16.10.1)

Host is up (0.0061s latency).

Not shown: 997 closed tcp ports (conn-refused)

PORT STATE SERVICE

53/tcp open domain

80/tcp open http

443/tcp open https

Read data files from: /usr/local/bin/../share/nmap

Nmap done: 1 IP address (1 host up) scanned in 5.79 seconds

Recommended Solution

0

0

#12

11 Reply

2023-12-21 07:26:33

Posts: 5628

Helpful: 2696

Solutions: 1268

Stories: 0

Registered: 2023-06-09

Re:Why is port 1723 (PPTP) open in ER8411?

2023-12-21 07:26:33

Thanks for posting in our business forum.

Don't see these two ports open on ER8411 1.1.1 firmware.

telnet ip port and can you use these ports?

Can you make sure it is not a false alarm?

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update! ☛Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.

0

0

#2

LV1

2023-12-21 09:39:37

Posts: 12

Helpful: 6

Solutions: 1

Stories: 0

Registered: 2022-10-14

Re:Why is port 1723 (PPTP) open in ER8411?

2023-12-21 09:39:37

> telnet ip port and can you use these ports?

telnet shows connected on port 1723

> Can you make sure it is not a false alarm?

Running the nmap on public IP from the local network, port 1723 was still shown as open. Only port 8080 is closed now. All other ports remain open.

➜ ~ nmap -v -Pn 122.**.**.21
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times may be slower.
Starting Nmap 7.94 ( https://nmap. org ) at 2023-12-21 09:36 IST
Initiating Parallel DNS resolution of 1 host. at 09:36
Completed Parallel DNS resolution of 1 host. at 09:36, 0.02s elapsed
Initiating Connect Scan at 09:36
Scanning 122.**.**.21 [1000 ports]
Discovered open port 53/tcp on 122.**.**.21
Discovered open port 443/tcp on 122.**.**.21
Discovered open port 80/tcp on 122.**.**.21
Discovered open port 1723/tcp on 122.**.**.21
Completed Connect Scan at 09:36, 0.12s elapsed (1000 total ports)
Nmap scan report for 122.**.**.21
Host is up (0.00044s latency).
Not shown: 996 closed tcp ports (conn-refused)
PORT STATE SERVICE
53/tcp open domain
80/tcp open http
443/tcp open https
1723/tcp open pptp

Read data files from: /usr/local/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds

Also, I have added a Gateway ACL to block all open ports, but it's not working as expected. The Gateway ACL looks like this:

DIRECTION - WAN IN
POLICY - DENY
PROTOCOLS - ALL
SOURCE - IP Group:IPGroup\_Any
DESTINATION - IP-Port Group:Gateway Open Port

In the destination IP-Port Group (Gateway Open Port), I included the router local IP and all open ports, but the block is not being applied.

I also tried Gateway ACL with only open ports (without router local IP) still scan results are the same.

However, a similar Switch ACL blocks these open ports on the local network. The Switch ACL looks like this:

POLICY - DENY
PROTOCOLS - ALL
SOURCE - IP Group:IPGroup\_Any
DESTINATION - IP-Port Group:Gateway Open Port

here is the scan result when the above Switch ACL is enabled

➜ ~ nmap -v -Pn 172.16.10.1
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times may be slower.
Starting Nmap 7.94 ( https://nmap. org ) at 2023-12-21 10:03 IST
Initiating Parallel DNS resolution of 1 host. at 10:03
Completed Parallel DNS resolution of 1 host. at 10:03, 4.02s elapsed
Initiating Connect Scan at 10:03
Scanning _gateway (172.16.10.1) [1000 ports]
Completed Connect Scan at 10:03, 1.32s elapsed (1000 total ports)
Nmap scan report for _gateway (172.16.10.1)
Host is up (0.00045s latency).
Not shown: 995 closed tcp ports (conn-refused)
PORT STATE SERVICE
53/tcp filtered domain
80/tcp filtered http
443/tcp filtered https
1723/tcp filtered pptp
8080/tcp filtered http-proxy

Read data files from: /usr/local/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 5.38 seconds

0

0

#3

2023-12-22 02:59:54

Posts: 5628

Helpful: 2696

Solutions: 1268

Stories: 0

Registered: 2023-06-09

Re:Why is port 1723 (PPTP) open in ER8411?

2023-12-22 02:59:54

Thanks for posting in our business forum.

di-vin wrote
Hi @Clive_A

> telnet ip port and can you use these ports?

telnet shows connected on port 1723

> Can you make sure it is not a false alarm?

Running the nmap on public IP from the local network, port 1723 was still shown as open. Only port 8080 is closed now. All other ports remain open.

➜ ~ nmap -v -Pn 122.**.**.21
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times may be slower.
Starting Nmap 7.94 ( https://nmap. org ) at 2023-12-21 09:36 IST
Initiating Parallel DNS resolution of 1 host. at 09:36
Completed Parallel DNS resolution of 1 host. at 09:36, 0.02s elapsed
Initiating Connect Scan at 09:36
Scanning 122.**.**.21 [1000 ports]
Discovered open port 53/tcp on 122.**.**.21
Discovered open port 443/tcp on 122.**.**.21
Discovered open port 80/tcp on 122.**.**.21
Discovered open port 1723/tcp on 122.**.**.21
Completed Connect Scan at 09:36, 0.12s elapsed (1000 total ports)
Nmap scan report for 122.**.**.21
Host is up (0.00044s latency).
Not shown: 996 closed tcp ports (conn-refused)
PORT STATE SERVICE
53/tcp open domain
80/tcp open http
443/tcp open https
1723/tcp open pptp

Read data files from: /usr/local/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
 
Also, I have added a Gateway ACL to block all open ports, but it's not working as expected. The Gateway ACL looks like this:

DIRECTION - WAN IN
POLICY - DENY
PROTOCOLS - ALL
SOURCE - IP Group:IPGroup\_Any
DESTINATION - IP-Port Group:Gateway Open Port

In the destination IP-Port Group (Gateway Open Port), I included the router local IP and all open ports, but the block is not being applied.

I also tried Gateway ACL with only open ports (without router local IP) still scan results are the same.

However, a similar Switch ACL blocks these open ports on the local network. The Switch ACL looks like this:

POLICY - DENY
PROTOCOLS - ALL
SOURCE - IP Group:IPGroup\_Any
DESTINATION - IP-Port Group:Gateway Open Port

here is the scan result when the above Switch ACL is enabled

➜ ~ nmap -v -Pn 172.16.10.1
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times may be slower.
Starting Nmap 7.94 ( https://nmap. org ) at 2023-12-21 10:03 IST
Initiating Parallel DNS resolution of 1 host. at 10:03
Completed Parallel DNS resolution of 1 host. at 10:03, 4.02s elapsed
Initiating Connect Scan at 10:03
Scanning _gateway (172.16.10.1) [1000 ports]
Completed Connect Scan at 10:03, 1.32s elapsed (1000 total ports)
Nmap scan report for _gateway (172.16.10.1)
Host is up (0.00045s latency).
Not shown: 995 closed tcp ports (conn-refused)
PORT STATE SERVICE
53/tcp filtered domain
80/tcp filtered http
443/tcp filtered https
1723/tcp filtered pptp
8080/tcp filtered http-proxy

Read data files from: /usr/local/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 5.38 seconds

Do you have a NAT device inside the LAN? Draw the diagram for me.

We did a field test on an ER8411 in our lab and the PPTP port is not open. Factory default settings. Run by the same scan on nmap.

You might wanna try a reset? I will get the dev involved in this. I am inclined to believe that it is your config.

ACL is not properly set. I will not discuss this part and the stuff after. SW ACL would work indeed for LAN. But this is not the primary issue. I will only focus on why it is open.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update! ☛Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.

0

0

#4

2023-12-22 07:13:50 - last edited 2023-12-22 07:14:49

Posts: 5628

Helpful: 2696

Solutions: 1268

Stories: 0

Registered: 2023-06-09

Re:Why is port 1723 (PPTP) open in ER8411?

2023-12-22 07:13:50 - last edited 2023-12-22 07:14:49

ER8411 V1 1.1.1 beta. Pinned beta firmware on the forum.

I did it again. PPTP is not open.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update! ☛Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.

0

0

#5

LV1

2023-12-22 09:37:28

Posts: 12

Helpful: 6

Solutions: 1

Stories: 0

Registered: 2022-10-14

Re:Why is port 1723 (PPTP) open in ER8411?

2023-12-22 09:37:28

I want to clarify that I am not using any NAT device in my network. Also, I am using the router in controller mode, not in standalone mode. In my understanding, resetting the router would not make any sense as it will be adopted by the same controller and the same configuration will be applied again after resetting. Can you please confirm if my understanding is correct or not?

Also, my ISP is blocking all well-known ports, the PPTP port is blocked by my ISP. I can also confirm this because today I ran the same scan on my public IP from a remote network. So, for now, I can live in peace. However, I'll check it again once v1.1.1 is publicly available.

0

0

#6

LV5

2023-12-22 12:10:19 - last edited 2023-12-22 12:11:58

Posts: 2127

Helpful: 770

Solutions: 271

Stories: 0

Registered: 2018-08-17

Re:Why is port 1723 (PPTP) open in ER8411?

2023-12-22 12:10:19 - last edited 2023-12-22 12:11:58

You have somthing here, I do a scan from LAN and WAN and the result is the same on pptp port.
ER8411 have pptp port closed but not ER707-M2 and ER706W

I have a newer firmware on my ER8411, have you tried this one? https://community.tp-link.com/en/business/forum/topic/636166

ER8411 1.1.1 Build 20231120 Rel.51697
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
443/tcp open https

ER707-M2 1.1.1 Build 20230927 Rel.35167
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
443/tcp open https
1723/tcp open pptp
2601/tcp open zebra

ER706W 1.0.2 Build 20231020 Rel.57490(4555)
PORT STATE SERVICE
53/tcp open domain
80/tcp open http
443/tcp open https
1723/tcp open pptp
2601/tcp open zebra

0

0

#7

LV1

2023-12-22 12:21:30

Posts: 12

Helpful: 6

Solutions: 1

Stories: 0

Registered: 2022-10-14

Re:Why is port 1723 (PPTP) open in ER8411?

2023-12-22 12:21:30

Hi @MR.S @Clive_A

The only difference is, that my ER8411 running firmware version 1.1.0. As I mentioned earlier I can not install beta firmware. I'll wait till public release. BTW, @Clive_A do you guys have any ETA on the v1.1.1 public release?

@MR.S why is it showing the PPTP port open on ER707-M2 and ER706W? Are you using this service or it is open by default?

0

0

#8

LV5

2023-12-22 12:41:58

Posts: 2127

Helpful: 770

Solutions: 271

Stories: 0

Registered: 2018-08-17

Re:Why is port 1723 (PPTP) open in ER8411?

2023-12-22 12:41:58

PPTP is old and outdated and insecure so I don't use it so this is not something I have opened.

but since it is clearly fixed on the ER8411, I hope it will also be fixed on the other router models with next update..

0

0

#9

LV1

2023-12-23 01:09:42

Posts: 12

Helpful: 20

Solutions: 0

Stories: 0

Registered: 2023-04-10

Re:Why is port 1723 (PPTP) open in ER8411?

2023-12-23 01:09:42

I have to add :

0

0

#10

2023-12-25 09:14:12

Posts: 5628

Helpful: 2696

Solutions: 1268

Stories: 0

Registered: 2023-06-09

Re:Why is port 1723 (PPTP) open in ER8411?

2023-12-25 09:14:12

Thanks for posting in our business forum.

Gogan wrote

@di-vin

@Clive_A

I have to add :

ER7206 v1.0

1.4.0

Is this all the information you can get me? It's not helpful at all. You should draw a diagram to let me know what services you have. Do you have anything that might trigger the PPTP? It can range from a program on a PC or a service in your LAN.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update! ☛Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.

0

0

#11