How to block luci access to internal ISP provided IP


I configured my (OpenWrt) rbsxt2ndr3 's wan with pppoe to connect my ISP's router GPON and accessing internet via wifi AP on openwrt.

On Network > it shows my IP provided by ISP (wan pppoe) as something like 10.2.55.xx

Now when i tried 10.2.55.xx on browser it opened OpenWRT router page :face_with_monocle:

I want to block this.

I don't want ISP to acess my router page . How to block this. plzzzz help me.

Your ISP is apparently using RFC1918, instead of the dedicated RFC6598 range, for cgNAT, assigning you a private IP on WAN. Your router is still doing NAT again, blocking external accesses to its admin page - but if you access your WAN IP from the inside, you will get access to it, that doesn't mean anyone could see it from the outside (nor your ISP).

1 Like

you mean this accessible because i am lan. What if some other same isp user also has 10.44.8.xx same subnet.. then ? will he be having accesing to my routr page.

plzz tell me.

No the default OpenWrt firewall settings don't allow access from the WAN to luci since the WAN zone doesn't have INPUT accept.

1 Like

Thanks mikma. I am secured then. :slight_smile:



If you have LAN set to ACCEPT, then you can reach the web GUI.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.