Hi,

I have been helping a customer that has to have their WAN connection pen-tested. The only inbound service on the router is a IPSec/L2TP VPN, everything else is switched off/disabled. However the pen-test has identified that the following ports are still available:

UDP161 - SNMP
TCP444 - SNPP

SNMP is disabled and is also disabled in the management settings. TCP444 is the default normally for SSL VPN but again this is disabled. The router isn't manageable from the internet. I'm a bit confused to why these ports are open or at least appear to be (I have used this site https://www.ipvoid.com/udp-port-scan/ - to test my own router and these ports are open on mine also, although they shouldn't be). Is there something I can do to disable these services? I've tried to reach out to support but as yet they've not responded and I can't seem to contact them via phone.

Cheers
Rob

RE port 444 - have you tried unbinding it from the interface?

I've not tried that, can you explain how I would go about doing that?

I've had problems with open ports that shouldn't be in earlier firmwares on the 2865. Report it to support.

I think support are short handed at the moment, 30 minutes waiting on the phone earlier with no answer, I've dropped them a mail so hopefully someone will pick that up.