Port 80 open externally with config page on TL-R605

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Port 80 open externally with config page on TL-R605

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Port 80 open externally with config page on TL-R605
Port 80 open externally with config page on TL-R605
2021-01-17 16:58:41 - last edited 2021-04-27 01:39:12
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.0.0 Build 20200930 Rel.36519

The TL-R605, which is being managed by my Omada software controller, is serving up a config page on port 80. Not only is this a huge security flaw, but it's likely interfering with authentication for LetsEncrypt. I see no setting to turn off the external accessibility of the config page in the Omada controller.

  0      
  0      
#1
Options
1 Accepted Solution
Re:Port 80 open externally with config page on TL-R605-Solution
2021-04-26 11:06:50 - last edited 2021-04-27 01:39:12

@aloychan 

 

I am unable to recreate this

 

Hitting both DDNS and IP (with and without :80) from an foreign network does not resolve for me.  It appears to be blocked


 

 

Shields up test reports the port as CLOSED, ideally it shouldn't respond at all (stealth) but closed is good

 

 

Granted when I hit the external address from internal, NAT resolves this and does prompt the "managed page" but that is to be expected from internal

 

 

 

@aloychan   -  Are you definitely using an external / foreign connection for the DDNS connection?   The fact that you are seeing the 192.168.0.211 address listed makes me think you are connected to the TL-R605 and trying to go OUT then back IN.   NAT wont allow you to do this and will just forward you to the LAN interface. 

Recommended Solution
  4  
  4  
#5
Options
6 Reply
Re:Port 80 open externally with config page on TL-R605
2021-01-19 07:20:28

Dear @BFH,

 

The TL-R605, which is being managed by my Omada software controller, is serving up a config page on port 80. Not only is this a huge security flaw, but it's likely interfering with authentication for LetsEncrypt. I see no setting to turn off the external accessibility of the config page in the Omada controller.

 

Where do you find it's serving up on port 80? Are you really able to access the config page of the controller from the external network?

 

The TL-R605 works as a NAT device, if the Omada software controller is connected behind NAT, I don't think it can be accessed from an external network unless you access it via cloud access (https://omada.tplinkcloud.com/).

 

Besides, Omada software controller serves the config page on port 8043 (for HTTPS connection) and port 8088 (for HTTP connection). 

https://community.tp-link.com/en/business/kb/detail/362

>> Omada EAP Firmware Trial Available Here << *Try filtering posts on each forum by Label of [Early Access]*
  0  
  0  
#2
Options
Re:Port 80 open externally with config page on TL-R605
2021-01-19 14:49:36

I completely disconnected my whole TP-Link network and hooked up an old router to get access to port 80 for LetsEncrypt validation. The WAN assigned new DHCP addresses and when I hooked things back up, the issue was gone. Now, port 80 is properly forwarded to my proxy server and only serves to upgrade to SSL.

I believe the issue was real, but since it has disappeared with the new lease, there's no way for me to know if it was just NAT loopback.

  0  
  0  
#3
Options
Re:Port 80 open externally with config page on TL-R605
2021-04-26 09:54:31

@BFH 

 

My TL-R605 is facing the exact issue as what BFH reported in this thread. When my DDNS name was used with :80, this page of the TL-R605 showed up.

Btw, I have a Omada controller managing the R506. I need to know to disable port 80 in Controller or R605.

  1  
  1  
#4
Options
Re:Port 80 open externally with config page on TL-R605-Solution
2021-04-26 11:06:50 - last edited 2021-04-27 01:39:12

@aloychan 

 

I am unable to recreate this

 

Hitting both DDNS and IP (with and without :80) from an foreign network does not resolve for me.  It appears to be blocked


 

 

Shields up test reports the port as CLOSED, ideally it shouldn't respond at all (stealth) but closed is good

 

 

Granted when I hit the external address from internal, NAT resolves this and does prompt the "managed page" but that is to be expected from internal

 

 

 

@aloychan   -  Are you definitely using an external / foreign connection for the DDNS connection?   The fact that you are seeing the 192.168.0.211 address listed makes me think you are connected to the TL-R605 and trying to go OUT then back IN.   NAT wont allow you to do this and will just forward you to the LAN interface. 

Recommended Solution
  4  
  4  
#5
Options
Re:Port 80 open externally with config page on TL-R605
2021-04-27 01:34:43

@Philbert 

 

Philbert wrote

@aloychan 

 

I am unable to recreate this

 

Hitting both DDNS and IP (with and without :80) from an foreign network does not resolve for me.  It appears to be blocked


 

 

Shields up test reports the port as CLOSED, ideally it shouldn't respond at all (stealth) but closed is good

 

 

Granted when I hit the external address from internal, NAT resolves this and does prompt the "managed page" but that is to be expected from internal

 

 

 

@aloychan   -  Are you definitely using an external / foreign connection for the DDNS connection?   The fact that you are seeing the 192.168.0.211 address listed makes me think you are connected to the TL-R605 and trying to go OUT then back IN.   NAT wont allow you to do this and will just forward you to the LAN interface. 

 

@Philbert - Yes, you are fight I am trying to go OUT and then goes back INto my network. I just tried accessing my DDNS IP with :80 from OUTside my network and its not accessible already. Silly mistakes from my end. Tyvm for the support. Appreciate it. 

  1  
  1  
#6
Options
Re:Port 80 open externally with config page on TL-R605
2021-04-27 04:37:57

@BFH haha, I made a similar post about this issue a month ago. I'm not used to a built in NATed loopback on enterprise equipment so it was a shock when I found what I though was an open management portal. Go figure, right?

  3  
  3  
#7
Options