Blocking config page from public Internet


#1

I know this is somewhere that I should have read, but my Peplink configuration page ( login) is open to the Internet.

Is there just a setting that only makes this just available inside the network. Do I have to set a firewall rule?


#2

Sure. there are a number of ways to handle this and make it more difficult for bad guyz to compromise your installation. For a B20, for example, one would go to System | Admin Security and then change the “Web Admin Access” parameter from LAN/ WAN to LAN. After you do that the outward face of the router will be essentially closed.

Two things we also also do is to always set “Security” to HTTPS and reset the “Web Admin Port” to a number other than the default – a non-conflicting number high in the allowable range – example – 47212, etc. [I should not have to say this, but once you do this the address for your router will change from something like http://192.168.1.1 to https://192.168.1.1:47212. If you don’t include the port number in the address once you change it your browser will try to connect to port 80 (for HTTP) or port 443 (for HTTPS) and that will no longer work.]