Sponsored Links

Static IP brings up router log on page

Storyline

Casual Member
Hello all :)

We have fairly recently got a new FTTP connection using (the excellent) Aquiss as our ISP.

They supply a fixed IP as standard and just for fun I set up a webserver on our NAS and so needed to set up port forwarding on the Huawei AX3 router. During this process I happened to type in our static IP without the newly opened port attached and was surprised to see this brought up the log in page for the router.

Is this normal ?

I have just been through a process of trying to improve our online security and I don't think I'm keen on this page coming up like this. I can understand that the router has to do something when it is contacted and maybe this is a perfectly normal response but nevertheless is there an easy way of stopping it ? I don't need an elegant solution - just silence/dumb inaction would be fine.

Sorry for such basic questions but as I usually make clear when posting on this excellent forum, I'm short on knowledge of such subjects and only get by in this space by relying on trial & error methods.

TIA
Paul
 
What exactly are you being shown when you type the static IP? Router logs? Try to enable the firewall on the router and filter out the web port/s.
 
Hello all :)

We have fairly recently got a new FTTP connection using (the excellent) Aquiss as our ISP.

They supply a fixed IP as standard and just for fun I set up a webserver on our NAS and so needed to set up port forwarding on the Huawei AX3 router. During this process I happened to type in our static IP without the newly opened port attached and was surprised to see this brought up the log in page for the router.

Is this normal ?

I have just been through a process of trying to improve our online security and I don't think I'm keen on this page coming up like this. I can understand that the router has to do something when it is contacted and maybe this is a perfectly normal response but nevertheless is there an easy way of stopping it ? I don't need an elegant solution - just silence/dumb inaction would be fine.

Sorry for such basic questions but as I usually make clear when posting on this excellent forum, I'm short on knowledge of such subjects and only get by in this space by relying on trial & error methods.

TIA
Paul
As said you really shouldn’t expose (accidentally or otherwise) the router portal webpages (nor indeed any SSH ports etc) to the wide internet. You will be inundated with folks attempting to hack your connection - even though you may not see it or your router reports it.

Port forwarding is really not a good security idea, especially on a static IP connection. You are far better looking at a VPN solution. Or at the least put in place restrictions on IP ranges that the router will accept.
 
Sponsored Links
Thank you both for the replies.

The point Pheasant made about people trying to get into the router is exactly what first crossed my mind. It felt to me as though it was a sort of challenge to anyone - here is a router, now try and get into it.

As regards the firewall on the router, that is already switched on.

As you both confirm that it doesn't seem like a good idea I will dig deeper and no doubt will be able to find some kind of a solution.

Regarding the port forwarding I will have to look into that also - the router does have some kind of VPN functionality but I have not really looked at it yet. The NAS which the open port connects to is a QNAP model and they have just released new firmware/OS (QTS5.0) which has increased focus on security. They also have very active forums so that will be a good starting point for further info.

Thanks again guys :)
 
Well I'm on TalkTalk Business FTTP with a static ipv4 and typing my IP address into any browser brings up the router login page, ie it has the same effect as typing 192.168.1.1. (router IP).
 
Last edited:
This is the case for most routers as you are considered to be "inside" the firewall when on the LAN side. It's what happens when connecting from the outside you should be worried about.

Try doing a scan from outside, if you having problems finding someone to do it, there are online tools like Shields Up from grc.com, if you perform a "All Service Ports" scan.

What you are looking for is Stealth with no open ports or replies.
 
Top
Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £24.00
132Mbps
Gift: None
Shell Energy UK ISP Logo
Shell Energy £26.99
109Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £27.99
145Mbps
Gift: None
Zen Internet UK ISP Logo
Zen Internet £28.00 - 35.00
100Mbps
Gift: None
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £15.00
150Mbps
Gift: None
YouFibre UK ISP Logo
YouFibre £19.99
150Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
BeFibre UK ISP Logo
BeFibre £21.00
150Mbps
Gift: £25 Love2Shop Card
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Large Availability | View All

Helpful ISP Guides and Tips

Sponsored Links
The Top 15 Category Tags
  1. FTTP (5473)
  2. BT (3505)
  3. Politics (2525)
  4. Openreach (2291)
  5. Business (2251)
  6. Building Digital UK (2234)
  7. FTTC (2041)
  8. Mobile Broadband (1961)
  9. Statistics (1780)
  10. 4G (1654)
  11. Virgin Media (1608)
  12. Ofcom Regulation (1451)
  13. Fibre Optic (1392)
  14. Wireless Internet (1386)
  15. FTTH (1381)
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules