I completely disconnected my whole TP-Link network and hooked up an old router to get access to port 80 for LetsEncrypt validation. The WAN assigned new DHCP addresses and when I hooked things back up, the issue was gone. Now, port 80 is properly forwarded to my proxy server and only serves to upgrade to SSL.

I believe the issue was real, but since it has disappeared with the new lease, there's no way for me to know if it was just NAT loopback.

@BFH 

My TL-R605 is facing the exact issue as what BFH reported in this thread. When my DDNS name was used with :80, this page of the TL-R605 showed up.

Btw, I have a Omada controller managing the R506. I need to know to disable port 80 in Controller or R605.

@Philbert 

Philbert wrote

@aloychan 

 

I am unable to recreate this

 

Hitting both DDNS and IP (with and without :80) from an foreign network does not resolve for me.  It appears to be blocked

 

 

Shields up test reports the port as CLOSED, ideally it shouldn't respond at all (stealth) but closed is good

 

 

Granted when I hit the external address from internal, NAT resolves this and does prompt the "managed page" but that is to be expected from internal

 

 

 

@aloychan   -  Are you definitely using an external / foreign connection for the DDNS connection?   The fact that you are seeing the 192.168.0.211 address listed makes me think you are connected to the TL-R605 and trying to go OUT then back IN.   NAT wont allow you to do this and will just forward you to the LAN interface. 

@Philbert - Yes, you are fight I am trying to go OUT and then goes back INto my network. I just tried accessing my DDNS IP with :80 from OUTside my network and its not accessible already. Silly mistakes from my end. Tyvm for the support. Appreciate it. 

@BFH haha, I made a similar post about this issue a month ago. I'm not used to a built in NATed loopback on enterprise equipment so it was a shock when I found what I though was an open management portal. Go figure, right?