Cisco_AP_ATT and ConnectToCiscoAP using port 443

Contributor

Cisco_AP_ATT and ConnectToCiscoAP using port 443

Why does the Cisco_AP_ATT have port 443 open for connectToCiscoAP?  Can I close that port on the firewall without causing any issues?

 

Paul

Message 1 of 9 (7,589 Views)
ACE - Expert

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

My understanding is that AT&T somehow connects to the Cisco Wireless Access Point via HTTP/SSL over 443.  I do not know why or wherefore.

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
Message 2 of 9 (7,561 Views)
Tutor

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

No matter how many times I remove this port, AT&T adds it back onto my Access Point. I completely delete the rule and change the admin password. *You have to log in to make any changes to the firewall rules*

 

How does AT&T keep adding it if they don't know my password? Why would they insist that this port remain open? In order to log in and add the port rule again each time, they would have to hack my password. The event log below shows someone logging in and adding the rule again. This is not me or anyone in my house!

 

Event Log:

 

INF2013-11-14T02:11:52-08:00sysSuccessfully logged into a password protected page
INF2013-11-14T05:48:31-08:00sys

Pinhole added on broadband=0.0.0.0, home=0.0.0.0 appid=-1, port=443

Message 3 of 9 (4,273 Views)
Tutor

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

In regards to the Motorola Access Point for TV:

 

Any devices that are connected to the Access Point are seen as Wired devices; Considered to be connected directly to the Router via an ethernet cable. My router shows a 3rd device connecting to my router via the AP. I only have 2 receivers in my house. So, what is this 3rd device?

 

I've searched for the login to the Motorola AP, but nobody knows it. I'd like to control who is accessing my Motorola AP. I've tried every default password out there.

Message 4 of 9 (4,270 Views)
Expert

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

AT&T intentionally keeps port 443 open to the WAP for remote control, auditing, and authentication purposes. It's part of their overall system management application that manages all customer equipment.

If you remove the port 443 firewall access to the WAP, their management system will automatically put it back. The system does not know your password, nor does it need it to manage the gateway and WAP.

If you need port 443 for your own purpose, the only work-around if you have wireless STBs is to purchase a block of static IP addresses.

Message 5 of 9 (4,260 Views)
Community Support

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

Hi ch8ds1,

 

SomeJoe7777 is correct. Port 443 is used by the WAP remote control. Also, with the 3 devices, the WAP  receives an IP address as well.

 

Hope this helps clarify a few things.

 

-David T

If you encounter any issues with your service or equipment, I recommend checking out our Troubleshoot & Resolve solutions to help diagnose the issue.
Employee Contributor*
*I am an AT&T employee and the postings on this site are my own and don't necessarily represent AT&T's position, strategies or opinions.
Message 6 of 9 (4,245 Views)
Tutor

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

I found out that the 3rd device, with it's own MAC address and assigned IP, is associated with the wireless receiver and only shows up when using the wireless option. If you remove the Motorola AP from the equation and run an ethernet cable from your receiver directly to your modem/router, you will have full functions of your dvr/receiver. It only requires and internet connection. However, I'm still searching for answers as to why each wireless receiver uses 2 wireless cards or devices to connect to the Motorola AP. I know for sure which MAC address is the LAN device and enable the dvr to function, but I still have no clue what the other MAC address / device is for? What is it? What does it do?
Message 7 of 9 (3,665 Views)
Tutor

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

Thanks SomeJoe7777
Message 8 of 9 (3,665 Views)
Tutor

Re: Cisco_AP_ATT and ConnectToCiscoAP using port 443

[ Edited ]

Thank you DavidCS,

I need to check back for these answers more often. hehe

Also, with some help, we determined that the extra device or 2nd MAC address from the 1 wireless receiver only shows up when connecting via wireless. If I plug that receiver in directly to the Modem/Router, it no longer uses that 2nd device. This only occurs when using the Motorola AP and wireless option. Are you saying that the 2nd MAC is the Wireless Access Point? I have already accounted for the Motorola VAP 2500. I know it's MAC address and the MAC address of the LAN card on my receiver. That one is constant whether I'm using wired or wireless.

Can you explain this a little further?

Message 9 of 9 (3,665 Views)
Share this topic
Announcements

Welcome to the AT&T Community Forums!!! Stop by the Community How-To section for tips on how to get started.