U-verse Forums

Reply
Posted Oct 5, 2012
2:50:38 PM
View profile
Cisco_AP_ATT and ConnectToCiscoAP using port 443

Why does the Cisco_AP_ATT have port 443 open for connectToCiscoAP?  Can I close that port on the firewall without causing any issues?

 

Paul

Why does the Cisco_AP_ATT have port 443 open for connectToCiscoAP?  Can I close that port on the firewall without causing any issues?

 

Paul

Cisco_AP_ATT and ConnectToCiscoAP using port 443

5,108 views
8 replies
(0) Me too
(0) Me too
Post reply
Cancel
Submit
Replies
(8)
0
(0)
  • Rate this reply
View profile
Oct 6, 2012 8:34:37 AM
0
(0)
ACE - Master

My understanding is that AT&T somehow connects to the Cisco Wireless Access Point via HTTP/SSL over 443.  I do not know why or wherefore.

 

My understanding is that AT&T somehow connects to the Cisco Wireless Access Point via HTTP/SSL over 443.  I do not know why or wherefore.

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

2 of 9 (5,080 Views)
0
(0)
  • Rate this reply
View profile
Nov 14, 2013 3:13:28 PM
0
(0)
Tutor

No matter how many times I remove this port, AT&T adds it back onto my Access Point. I completely delete the rule and change the admin password. *You have to log in to make any changes to the firewall rules*

 

How does AT&T keep adding it if they don't know my password? Why would they insist that this port remain open? In order to log in and add the port rule again each time, they would have to hack my password. The event log below shows someone logging in and adding the rule again. This is not me or anyone in my house!

 

Event Log:

 

INF2013-11-14T02:11:52-08:00sysSuccessfully logged into a password protected page
INF2013-11-14T05:48:31-08:00sys

Pinhole added on broadband=0.0.0.0, home=0.0.0.0 appid=-1, port=443

No matter how many times I remove this port, AT&T adds it back onto my Access Point. I completely delete the rule and change the admin password. *You have to log in to make any changes to the firewall rules*

 

How does AT&T keep adding it if they don't know my password? Why would they insist that this port remain open? In order to log in and add the port rule again each time, they would have to hack my password. The event log below shows someone logging in and adding the rule again. This is not me or anyone in my house!

 

Event Log:

 

INF2013-11-14T02:11:52-08:00sysSuccessfully logged into a password protected page
INF2013-11-14T05:48:31-08:00sys

Pinhole added on broadband=0.0.0.0, home=0.0.0.0 appid=-1, port=443

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

3 of 9 (1,792 Views)
0
(0)
  • Rate this reply
View profile
Nov 14, 2013 3:21:49 PM
0
(0)
Tutor

In regards to the Motorola Access Point for TV:

 

Any devices that are connected to the Access Point are seen as Wired devices; Considered to be connected directly to the Router via an ethernet cable. My router shows a 3rd device connecting to my router via the AP. I only have 2 receivers in my house. So, what is this 3rd device?

 

I've searched for the login to the Motorola AP, but nobody knows it. I'd like to control who is accessing my Motorola AP. I've tried every default password out there.

In regards to the Motorola Access Point for TV:

 

Any devices that are connected to the Access Point are seen as Wired devices; Considered to be connected directly to the Router via an ethernet cable. My router shows a 3rd device connecting to my router via the AP. I only have 2 receivers in my house. So, what is this 3rd device?

 

I've searched for the login to the Motorola AP, but nobody knows it. I'd like to control who is accessing my Motorola AP. I've tried every default password out there.

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

4 of 9 (1,789 Views)
0
(0)
  • Rate this reply
View profile
Nov 14, 2013 4:43:47 PM
0
(0)
Expert
AT&T intentionally keeps port 443 open to the WAP for remote control, auditing, and authentication purposes. It's part of their overall system management application that manages all customer equipment.

If you remove the port 443 firewall access to the WAP, their management system will automatically put it back. The system does not know your password, nor does it need it to manage the gateway and WAP.

If you need port 443 for your own purpose, the only work-around if you have wireless STBs is to purchase a block of static IP addresses.

AT&T intentionally keeps port 443 open to the WAP for remote control, auditing, and authentication purposes. It's part of their overall system management application that manages all customer equipment.

If you remove the port 443 firewall access to the WAP, their management system will automatically put it back. The system does not know your password, nor does it need it to manage the gateway and WAP.

If you need port 443 for your own purpose, the only work-around if you have wireless STBs is to purchase a block of static IP addresses.

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

5 of 9 (1,779 Views)
0
(0)
  • Rate this reply
View profile
Nov 15, 2013 9:17:36 AM
0
(0)
Community Support

Hi ch8ds1,

 

SomeJoe7777 is correct. Port 443 is used by the WAP remote control. Also, with the 3 devices, the WAP  receives an IP address as well.

 

Hope this helps clarify a few things.

 

-David T

If you encounter any issues with your service or equipment, I recommend checking out our Troubleshoot & Resolve solutions to help diagnose the issue.

Hi ch8ds1,

 

SomeJoe7777 is correct. Port 443 is used by the WAP remote control. Also, with the 3 devices, the WAP  receives an IP address as well.

 

Hope this helps clarify a few things.

 

-David T

If you encounter any issues with your service or equipment, I recommend checking out our Troubleshoot & Resolve solutions to help diagnose the issue.
I am an AT&T employee and the postings on this site are my own and don’t necessarily represent AT&T’s position, strategies or opinions.
*I am an AT&T employee and the postings on this site are my own and don’t necessarily represent AT&T’s position, strategies or opinions.

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

6 of 9 (1,764 Views)
0
(0)
  • Rate this reply
View profile
Feb 20, 2014 2:06:28 PM
0
(0)
Tutor
I found out that the 3rd device, with it's own MAC address and assigned IP, is associated with the wireless receiver and only shows up when using the wireless option. If you remove the Motorola AP from the equation and run an ethernet cable from your receiver directly to your modem/router, you will have full functions of your dvr/receiver. It only requires and internet connection. However, I'm still searching for answers as to why each wireless receiver uses 2 wireless cards or devices to connect to the Motorola AP. I know for sure which MAC address is the LAN device and enable the dvr to function, but I still have no clue what the other MAC address / device is for? What is it? What does it do?
I found out that the 3rd device, with it's own MAC address and assigned IP, is associated with the wireless receiver and only shows up when using the wireless option. If you remove the Motorola AP from the equation and run an ethernet cable from your receiver directly to your modem/router, you will have full functions of your dvr/receiver. It only requires and internet connection. However, I'm still searching for answers as to why each wireless receiver uses 2 wireless cards or devices to connect to the Motorola AP. I know for sure which MAC address is the LAN device and enable the dvr to function, but I still have no clue what the other MAC address / device is for? What is it? What does it do?

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

7 of 9 (1,184 Views)
0
(0)
  • Rate this reply
View profile
Feb 20, 2014 2:09:12 PM
0
(0)
Tutor
Thanks SomeJoe7777
Thanks SomeJoe7777

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

8 of 9 (1,184 Views)
0
(0)
  • Rate this reply
View profile
Feb 20, 2014 2:13:53 PM
0
(0)
Tutor
Edited by ch8ds1 on Feb 20, 2014 at 2:18:41 PM

Thank you DavidCS,

I need to check back for these answers more often. hehe

Also, with some help, we determined that the extra device or 2nd MAC address from the 1 wireless receiver only shows up when connecting via wireless. If I plug that receiver in directly to the Modem/Router, it no longer uses that 2nd device. This only occurs when using the Motorola AP and wireless option. Are you saying that the 2nd MAC is the Wireless Access Point? I have already accounted for the Motorola VAP 2500. I know it's MAC address and the MAC address of the LAN card on my receiver. That one is constant whether I'm using wired or wireless.

Can you explain this a little further?

Thank you DavidCS,

I need to check back for these answers more often. hehe

Also, with some help, we determined that the extra device or 2nd MAC address from the 1 wireless receiver only shows up when connecting via wireless. If I plug that receiver in directly to the Modem/Router, it no longer uses that 2nd device. This only occurs when using the Motorola AP and wireless option. Are you saying that the 2nd MAC is the Wireless Access Point? I have already accounted for the Motorola VAP 2500. I know it's MAC address and the MAC address of the LAN card on my receiver. That one is constant whether I'm using wired or wireless.

Can you explain this a little further?

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

[ Edited ]
9 of 9 (1,184 Views)
Share this post
Share this post