ASUS Router Security

JCW3

New Around Here
It bothers me that ASUS routers do not provide an option in setup to prevent access to their Web management pages from the WAN. All routers I've used previously have done this, and often more, like preventing wireless login to the management pages and/or allowing only specified MAC addresses to login. How do you folks cope with this? Are there other compensating security features that I'm missing? Thanks in advance for any insight to this newbie to the ASUS line. -- JCW3
 

Tech9

Part of the Furniture
How do you folks cope with this?

Administration, System:

Untitled_wan.png
 

JCW3

New Around Here
Colin -- OK, can you point me to this feature? I just tried to set up a RT-AC68U and cannot find that feature anywhere on its Web management pages. I chatted with ASUS tech support, who confirmed that they did not. I'm happy to be proven wrong... -- JCW3
 

bbunge

Part of the Furniture
Access to web management is disabled by default. Sad to say there are still foolish people who enable it anyway.
 

Tech9

Part of the Furniture
Sad to say there are still foolish people who enable it anyway.

Asus Router app opens Web Access from WAN. Some people don't know it's open.
 

dave14305

Part of the Furniture
Is the AC68U in Router mode, or Access Point mode, etc.? The option is only visible and applicable in Router mode. Seems odd you can’t find it.
 

JCW3

New Around Here
See post #3.
OK, I see it now.

Odd that I was not able to get a correct answer on this from Chat support. They also seemed unaware of the options there to effectively prevent wireless administration of the router (Only Allow Specific IP).

I'm still not clear on the usefulness of Authentication Method (HTTP, HTTPS, or Both)... -- JCW3
 
Last edited:

Tech9

Part of the Furniture
I'm still not clear on the usefulness of Authentication Method (HTTP, HTTPS, or Both)

Asus Router app after recent updates requires HTTPS even on local network. You also have the option to enable access from WAN, if you want to.
 

bbunge

Part of the Furniture
Asus Router app after recent updates requires HTTPS even on local network. You also have the option to enable access from WAN, if you want to.
Not true. The app may suggest https but you can ignore that.

As for the foolish ones that still use WAN access, there were a couple of folks on the 386.5 release thread that were discussing upgrades using the WAN access. Nominees for the Darwin Award...
 

JCW3

New Around Here
One more question about this ASUS RT-AC68U router: Is there any way to prevent administration from its wireless LAN or, failing that, to limit wireless administration to certain MAC addresses?

I can't find one, and often that feature is absent... -- JCW3
 

OzarkEdge

Part of the Furniture
One more question about this ASUS RT-AC68U router: Is there any way to prevent administration from its wireless LAN or, failing that, to limit wireless administration to certain MAC addresses?

I can't find one, and often that feature is absent... -- JCW3

Not that I know of besides 'don't login over WiFi'.

OE
 

bennor

Senior Member
One more question about this ASUS RT-AC68U router: Is there any way to prevent administration from its wireless LAN or, failing that, to limit wireless administration to certain MAC addresses?

I can't find one, and often that feature is absent... -- JCW3
The Enable Access Restrictions option on the Administration > System page may or may not work to answer your question. The tooltip for Enabled Access Restrictions indicates the following:
This features allows you to restrict access to the wireless router via "Web UI" / "SSH" / "Telnet" to only specified IP addresses and networks from WAN (if Enabled) or LAN sides. "Telnet" access from WAN side is forbidden.
enableaccessrestrictions.jpg
 

JCW3

New Around Here
The Enable Access Restrictions option on the Administration > System page may or may not work to answer your question...
Interesting! If "Web UI" means what it sounds like, it might just work for me. This option is newer than the user guide I downloaded; I know from experience that Asus tech-support chat gives out anti-information; so I suppose experimentation is the only way...

...unless somebody else here knows. Cheers! -- JCW3
 

OzarkEdge

Part of the Furniture
Interesting! If "Web UI" means what it sounds like, it might just work for me. This option is newer than the user guide I downloaded; I know from experience that Asus tech-support chat gives out anti-information; so I suppose experimentation is the only way...

...unless somebody else here knows. Cheers! -- JCW3

Let us know how it works out... that's part of the give and take around here.

OE
 

bennor

Senior Member
Interesting! If "Web UI" means what it sounds like, it might just work for me. This option is newer than the user guide I downloaded; I know from experience that Asus tech-support chat gives out anti-information; so I suppose experimentation is the only way...

...unless somebody else here knows. Cheers! -- JCW3
Quick test with a single IP address works to limit access to the web ui. No other devices can access the web ui.
 

Tech9

Part of the Furniture

JCW3

New Around Here
Quick test with a single IP address works to limit access to the web ui. No other devices can access the web ui.
Thanks, bennor, for checking this out!

I guess all I would need to do is make a DHCP reservation for the MAC address of the computer that will do the administration (I think that prevents any other machine from taking that IP address) and then enter the reserved IP address in the "Remote Access Configuration" box as you indicated.

I'll check this out with a new RT-AC68U that I have on order and report back in a week or two. (I'm in the process of upgrading my whole home Wi-Fi system, and another new router is needed. I've already put the first one into service for my less-secure "Internet of Things" and would draw howls if I messed around with it now.) -- JCW3
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top