Why TCP Port 443 is opened on WAN when the Allow management from the Internet option is disabled?

Vigor Router which supports SSL VPN function will open TCP Port 443 from WAN for accepting SSL VPN Clients' dialing in by default. That's why we can see Vigor's Web Login page by HTTPS from WAN even the Allow Management from the Internet option is not enabled. There are two methods to make the Web Login page not be seen on the default HTTPS page from the Internet, we can do either of the following configuration changes if you do not use the SSL VPN feature of the Vigor Router. However, if you do use Vigor Router to provide the SSL VPN connection, you can only choose the second method to achieve the purpose.

Method 1. Disable SSL VPN Service

Deselect Enable SSL VPN Service in VPN and Remote Access >> Remote Access Control Setup page

Method 2. Change SSL VPN Port from Default to the other one

Modify the Port for SSL VPN Service from default port 443 to the other one via SSL VPN >> General Setup page. Please notice that the SSL VPN clients should change the connection port to the one you set.