RT-AC86U unable to prevent router from accepting ping requests from WAN and port 5060 open

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

nuromen

Occasional Visitor
Greetings,

I have 2 issues with 384.15 firmware on my RT-AC86U

In firewall, if I select Respond ICMP Echo (ping) Request from WAN to NO, I can still ping it.

Running a port scanner I found out that port 5060 is open, why? :-/

Disabled SIP Passthrough in WAN - NAT Passthrough but port still open.

Please help.
 

RMerlin

Asuswrt-Merlin dev
Make sure you run the scan from outside the network, not from inside.
 

ColinTaylor

Part of the Furniture
If you go to canyouseeme.org does it show the same IP address as that in the router's GUI (Network Map > Internet)?

What network scanner were you using?
 

ColinTaylor

Part of the Furniture
Try scanning port 5060 from the canyouseeme.org website (from a client on your LAN) rather than using your phone. It's possible that your mobile provider is intercepting 5060 traffic and creating a false positive.
 

kernol

Very Senior Member
Interesting - same thing with my RT-AC86U ... also open to ping from outside - but never used to be ???
Only 2 big things changed since I previously confirmed ping closed - installed 384.15 and also unbound.
Otherwise just updates to add-ons per my signature.

@nuromen - do you have unbound installed?
 

kernol

Very Senior Member
Try scanning port 5060 from the canyouseeme.org website (from a client on your LAN) rather than using your phone. It's possible that your mobile provider is intercepting 5060 traffic and creating a false positive.

My port 5060 definitely closed - per your test suggestion - but ping open?
 

nuromen

Occasional Visitor
Try scanning port 5060 from the canyouseeme.org website (from a client on your LAN) rather than using your phone. It's possible that your mobile provider is intercepting 5060 traffic and creating a false positive.

Tested using the mencioned site, gives an error.

Error: I could not see your service on...
 
Last edited:

nuromen

Occasional Visitor
Interesting - same thing with my RT-AC86U ... also open to ping from outside - but never used to be ???
Only 2 big things changed since I previously confirmed ping closed - installed 384.15 and also unbound.
Otherwise just updates to add-ons per my signature.

@nuromen - do you have unbound installed?

I do not know what unbound is :-/
 

ColinTaylor

Part of the Furniture
Tested using the mencione site, gives an error.

Error: I could not see your service on...
Then I'd say that your mobile provider is blocking that port. Phone companies don't want you using VoIP across their mobile internet because it conflicts with the services they are trying to sell to you.
 

nuromen

Occasional Visitor
So by canyouseeme port 5060 is Inaccessible.

Now how can I configure my router to not respond to ping requests from WAN? Since in webgui no matter what I do, it do not work.
 

htismaqe

Very Senior Member
Then I'd say that your mobile provider is blocking that port. Phone companies don't want you using VoIP across their mobile internet because it conflicts with the services they are trying to sell to you.

I was just going to say, port 5060 is SIP. His carrier is probably blocking it.
 

L&LD

Part of the Furniture
RT-AX88U v384.15_0 with Unbound running and no ports open or pingable. :)
 

kernol

Very Senior Member
Does it respond to pings when you test it from this web site?

https://ping.eu/ping/
In my case - no ping response from that site - however, had just rebooted router before test and now no ping response on Fing or Net Analyzer on iPad over mobile to DDNS name from Asus. Go figure ???
 

RMerlin

Asuswrt-Merlin dev
If you have another router in front (for instance if your modem is not bridged), the ping responses might be sent back by that modem, not by your Asus router.
 

TonyK132

Senior Member
Does it respond to pings when you test it from this web site?

https://ping.eu/ping/
I just tested my 14_2 86U, and it responds to pings from this website. I am using a VPN. This is the IP address when connected to the VPN. My actual ISP IP address does not respond from this website.
 
Last edited:

ColinTaylor

Part of the Furniture
I just tested my 14_2 86U, and it responds to pings from this website. I am using a VPN. This is the IP address when connected to the VPN. My actual ISP IP address does not respond from this website.
That's expected behaviour then.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top