RV110W port 443 always open

BadCiscoPolicies1 · ‎03-31-2012

I just bought and setup a RV110W. I noticed while scanning it from the WAN side that it always has port 443 open, even when remote management and VPN access are disabled. Why is this port still open, and how do I close it? Or is this a bug in the firmware? I am using firmware version 1.1.0.9, which is the most up-to-date for this unit. Having open ports allowing unsolicited contact from the WAN side, especially inadvertant ones, is a major security hole.

I should be able to lock this down with no open ports on the WAN side. Any idea why this unit is doing this? Should I return this device, or is this fixable?

miswilli · ‎04-02-2012

Hi Michael,

Please call 1-866-606-1866. We can assist you with this issue but you would have to call so we can get the information needed from you to escalate, if necessary.

I hope this information helps. Have a great day!

chchapma · ‎04-03-2012

Hi Michael,

Which port scanning tool are you using to verify the 443 port listening issue? The latest firmware version for the RV110W is 1.2.0.9. This is something that can be fixed.

blwright · ‎04-03-2012

Michael,

Port 443 is used for other connections besides Remote management and VPN. HTTPS (port 443) also provides encrypted communication for sensitive data transactions such checking your account balance with your bank or purchasing an item online. The router doesn't necessarily control if ports are opened or closed on the WAN side. Some routers however do have the ability to determine how ports are viewed when scanned (i.e. opened, closed, stealth). In a typical network setup you will have:

WAN---->Modem---->Router--->LAN

When scanning ports, in most cases, those utilities are looking at the WAN interface of the modem not the router if a port is being shown as opened or closed the issue usually resides with the ISP.

Short answer is you do not want 443 closed because this would cut off all HTTPS communication on that port from the internet.

Regards

Blake

BadCiscoPolicies1 · ‎04-03-2012

I've upgraded to 1.2.0.9. The Cisco support site search top link that points to what it claims is the latest the firmware, displayed 1.1.0.9 as the most up-to-date. You have to notice the left hand column has a higher version number listed. See here.

Once I did that firmware upgrade, the 443 port appearing open on the WAN side for unsolicited connections went away. The tool I used for probing was just Shields Up!. It's a pretty basic port scanner that probes for acceptance of unsolicited connections from external IP address 4.79.142.202 over a range of ports, typically ports 0-1055.

I don't buy the "blame it on the modem" explanation, if for no other reason than in this router replacement, the modem wasn't changed and the previous router always showed no ports open for unsolicited connections in the port ranges I probed except when port forwarding was activated. I've not turned on any port forwarding (nor remote WAN-side admin access nor VPN access) on this RV110W for these tests.

Anyway, for whatever reason, the issue seems to have gone away with this firmware version.

BTW, the one complaint I have with the RV110W design (or any of its Cisco cousins) is the lack of SMA connectors for the antennas, so one is stuck using the antennas on the unit. My old router had vastly better coverage because I was able to replace it's antennas with external antennas which I could use to tailor the shape of the coverage area to the local. (e.g. D-Link ANT24-0700 omnidirectional antenna, Hawking HAI15SC corner antenna, etc) I hope I don't find I need to put this unit on eBay in a month and replace it with one with detachable antennas just to get adiquate coverage in the shape I need.

davidagu · ‎04-05-2012

Hello Michael,

Under Firewall>Basic Settings>Web Access, uncheck HTTPS.

Port 443 will then show as closed in a port scan.

BadCiscoPolicies1 · ‎04-06-2012

Sorry David, but that's not a state the RV110W firmware allows. Maybe it should if for no other reason than to lessen confusion, but it does not.

Under Firewall>Basic Settings>Web Access, if you try to have both the HTTP and the HTTPS "Web Access" boxes unchecked, then a red "You must select a web server." message is displayed right next to the Web Access boxes. This behavior is independent of whether the "Remote Management: Enabled" check box is checked. Furthermore, if you try to save the configuration in that state (neither "Web Access" box checked), it won't save the configuration. The firmware (1.2.0.9 and the two previous version this unit has had) REQUIRE that one or the other of the "Web Access" check boxes be checked at all times. And again, this is independent of the state of the "Remote Management: Enabled" check box.

As I said on March 31, 2021, all WAN port probe tests after the upgrade to 1.2.0.9 seem to always show no ports open to unsolicited connections in the range of 0-1055, as well as 8080, when I have the "Remote Management" disabled. So as near as I can tell, it's now behaving correctly. Why the tests were showing port 443 open with the earlier firmware is a mystery.

davidagu · ‎04-07-2012

Hello Michael,

Happy to hear things are working. It does indeed look like the firmware upgrade resolved the issue. Let us know if you have any other questions.