Hi,

Thanks for you reply.   Instead of looking my entire configuration, I suggest you to reproduce this issue on your RV325 unit:

1. Apply the latest FW (v1.1.1.19) on your RV325.

2. Reset to factory default.    

3. Power cycle the unit.

4. Double check again that a check mark is checked on "Firewall", "SPI", "DoS", "Block WAN Request".  No check mark on "Remote Management" and no check mark on "UPNP.   Confirm that there is nothing is configured in port forwarding.   All VPN is disabled.

5. Connect the RV325 unit to Internet via WAN1 port.   Ensure an IP address is assigned by ISP.

6. Using another device connected to Internet (not on any of RV325 ports), perform the sanity check by doing a port scan on port 80 of RV325's WAN IP Address.  Use "PingTools" on Android to perform a port scan on 80 over LTE or 3G network.   OR use nmap in Linux PC connected directly to Internet (not any of the ports in RV325).

7.  The port scan will report port 80 is open.  But nothing on RV320 is configured to use port 80... hence who is using port 80?  

These days, this is a significant security defect of RV320/RV325 as it's piece of information given to hackers.   Is there a way to close this?

Hello, 

I'm sorry it took me a little bit of time to answer but I was trying to duplicate the issue on our lab.

I was really concerned when you mentioned that this issue is affecting not only one but two of our Small Business devices RV320 and RV325.

This is what I did:

1- I took one RV325 and a RV320

2- Factory reset them both

3- I made sure they were running firmware 1.1.1.06

4- Under the firewall I made sure that a check mark iwas checked on "Firewall", "SPI", "DoS", "Block WAN Request".  No check mark on "Remote Management" and no check mark on "UPNP.   Confirm that there is nothing is configured in port forwarding.

5- Then I tested the common ports using different methods including "YOUGETSIGNAL.COM" por forwarding tester and NMAP from windows. (I did have to disable block wan request to test using NMAP)

6- The results were that all the ports including 80 were closed

7- I then upgraded the firmware to 1.1.1.19

8- Factory reset the devices and follow the process again.

I had the same results, all the ports were closed.

This is the reason why I asked you to check some other settings on your router. We are positive this is not an issue that is occurring on all our RV3XX series.

Once again, we will be happy to look at your settings and help you finding out what is affecting your particular connection.

I hope this was helpful.

Hi cchamorr,

Thanks for reproducing it.   I've reproduced it again on my setup and still see port 80 open. As I believe your findings is correct, I unplugged the line from ISP from WAN port and repeated the port scan.  To my surprise, it still reports it's open.  I'm taking this up this issue with my ISP.

Thank you for following y recommendations.

I'm glad you found out where the issue is.

Have a nice day.

Please don't forget to mark an answer as correct if it was helpful to you so that other member can benefit from it.

Thank you for posting

Hello shiftgear,

If the ISP give you a IPS services, this is normal. The gateway / firewall of ISP have this port open why traffic pass through them and check it.

I have same case with my ISP. But when i disconnected the wan, and saw same ports was open, i contacted them and he say "yes, this is why all traffic is checked".  This is the reason the ports was showing as open.

:)