Open wan ports TL-ER7206
Hi,
I just setup my ER7206 and im managing it from a omada oc200. I did a off site port scan and have this ports open (wan):
53/udp open|filtered domain
111/udp open|filtered rpcbind
192/udp open|filtered osu-nms
502/udp open|filtered mbap
539/udp open|filtered apertus-ldp
989/udp open|filtered ftps-data
im new in the omada ecosystem and wonder whats the best approach to stop this ports being accesible from the internet (wan). I dont really mind if the ports are seen from the lan side.
Any extra sugested actions to "secure" my ER7206?
Thanks :-)
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi,
Scans from the same ISP return the expected results. NO weird open ports.
Thanks for all the help.
- Copy Link
- Report Inappropriate Content
Hi @azarug
Thanks for posting in our business forum.
I find something not true in your statement.
First, ER7206 V2 has the latest firmware release in Jan 2024. Is your model ER7206 V1 or V2?
Second, I did a test on ER7206 V1's latest firmware in Dec 2023, this does not reveal any ports open.
You may share your nmap result here and mosaic partially if your IP is a public one.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Hi, thanks for the quick reply and all the efford used in helping.
About model and firmware version ive misled using a specific date, i just met "latest" at a specific day to avoid misleading in future dates.
About the port scan its a WAN to WAN scan. But i just noticed that the Linux scan returns different results from the Windows scan. Im not sure its due to using 2 different ISP in the scan or not. Its a simple nmap using the same parameters "nmap -sS -sU -T4 -A -v {router_public_wan_ip}".
At this moment im not sure if its a nmap windows/linux thing or a isp thing.
Anyways, is there a way to fine tune the firewall im a omada setup?
Thanks
- Copy Link
- Report Inappropriate Content
Hi @azarug
Thanks for posting in our business forum.
azarug wrote
Hi, thanks for the quick reply and all the efford used in helping.
About model and firmware version ive misled using a specific date, i just met "latest" at a specific day to avoid misleading in future dates.
About the port scan its a WAN to WAN scan. But i just noticed that the Linux scan returns different results from the Windows scan. Im not sure its due to using 2 different ISP in the scan or not. Its a simple nmap using the same parameters "nmap -sS -sU -T4 -A -v {router_public_wan_ip}".
At this moment im not sure if its a nmap windows/linux thing or a isp thing.
Anyways, is there a way to fine tune the firewall im a omada setup?
Thanks
So, from a WAN scan, testing the same WAN interface, in both Linux or Windows scans, they show ports like 53, 363, 559 and 773 open? And the result is consistent?
I gotta confirm this before I make my next move.
Do you have any port forwarding set on your router? Paste a screenshot.
The WAN does not matter because two WANs are getting two different IPs. I am simply using the scan instead of traceroute on the nmap and the result shows no port opened.
If possible and necessary, are you willing to debug with us? Which I need to know your time zone and your available time during the workdays. I need to check if we have a suitable time.
- Copy Link
- Report Inappropriate Content
Hi again,
Just did a few scans and you seem to be in the correct path, ports are not consistent; only 53 UDP remains in all scans. Did a quick research and maybe our provider, Akamai, is doing some kind of obfuscation, with security in mind.
Ill try to spin a linux server connected to the same ISP the ER-7206 is on and do some scans. Have in mind its not so easy, its two locations in two different countries (GB - ES).
About ports, yes, theres port forwarding for means of remote backup. This dont affect scan results cause we have the same backup setup in other locations with the expected scan results.
Again thanks for helping so much and looking into this issue. Ill let you know about the "clean scan" results. Im unfamiliar with the ER-7206 and omada software, but right now it seems its not a issue with tplink enviroment.
- Copy Link
- Report Inappropriate Content
Hi,
Scans from the same ISP return the expected results. NO weird open ports.
Thanks for all the help.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 954
Replies: 6
Voters 0
No one has voted for it yet.