Router Remotely Manageable Even With Remote Management Disabled
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Hello,
I want to report a security/management issue regarding my TP-Link router, model XX230V (BR).
Even with Remote Management disabled in the Administration settings, the router still appears to be remotely manageable.
My ISP operates under CGNAT, so I cannot access the router using my public IP address. However, I performed a test and confirmed that I can access the router’s management interface using the IP address assigned by my ISP.
This behavior suggests that the router is still listening for management connections on the WAN side despite remote management being explicitly disabled in the configuration.
Key points:
-
Remote Management is disabled in the router settings
-
ISP uses CGNAT (no direct public IP access)
-
Router management interface is accessible via the PPPoE-assigned IP
I would like to understand:
-
Whether this behavior is expected by design
-
How to fully disable any form of WAN-side management access
Please advise on how to properly secure the router and prevent any external management access.
Thank you.
Pictures of my config below:
@Kevin_Z My bad. You are right. Even though I was accessing the web management page from the PPPoE IP assigned by my ISP, I was actually still on the same network.
To get to the bottom of this, I set up an additional router to simulate an ISP and connected both my XX230V and a third router to this “fake ISP” via their WAN ports. Once everything was in place, I tried accessing the XX230V from the other router and got nothing, exactly as it should be.
I was only able to access my primary router after enabling remote management.
At least I learned something new today 😄
Thanks for the help! Have a great day.
Good job.
I appreciate your efforts to figure this out and update me with the details.
Thank you very much.