Why are the remote management port settings so weird?

[xcrunner529]

I used to always use Tomato and could always simply have both http/https enabled locally (on 80, and 443 as makes sense!) and I also enabled HTTPS remotely on port 8080 so that I still had 443 available for my server or desktop.

The ASUS routers and merlin firmware as well put really weird requirements for the remote management ports and I see no reason it needs to be like that. It's kind of crazy. If I enable HTTPS it CANNOT be 443, but MUST be above 1024. Umm...WHY? 443 is https you should be able to do that, especially locally.

I gave in and kept the suggested 8443 for HTTPS locally and tried 8080 as the WAN port (since...again...I can't choose 443) and it will not let me saying I used the same port. 8080 and 8443 are not the same. This really needs fixed.

 

[RMerlin]

I used to always use Tomato and could always simply have both http/https enabled locally (on 80, and 443 as makes sense!) and I also enabled HTTPS remotely on port 8080 so that I still had 443 available for my server or desktop.

The ASUS routers and merlin firmware as well put really weird requirements for the remote management ports and I see no reason it needs to be like that. It's kind of crazy. If I enable HTTPS it CANNOT be 443, but MUST be above 1024. Umm...WHY? 443 is https you should be able to do that, especially locally.

That's because port 443 is already used by AiCloud. Simply change the AiCloud port to something different first if you want to use it.

 

[xcrunner529]

I tried changing the AICloud port from 443, but I still am required to choose something above 1024 for the HTTPS LAN Port, and cannot use 8080 for the HTTPS WAN Port. It tells me "Duplicate port number with HTTP and HTTPS WAN port setting." even though I chose only HTTPS...

 

[RMerlin]

I tried changing the AICloud port from 443, but I still am required to choose something above 1024 for the HTTPS LAN Port, and cannot use 8080 for the HTTPS WAN Port. It tells me "Duplicate port number with HTTP and HTTPS WAN port setting." even though I chose only HTTPS...

Port duplication is still rejected because otherwise, if you were to later on enable HTTP, then you would run into issues. Enable both modes, change port 8080 to something else, then switch back to HTTPS.

Nothing prevents you from using something else as well, such as 8888.

The requirement of using an ephemeral port surprises me however - maybe it's something that was added at some point. This is generally good practice however, privileged ports should never be re-used for anything other than their intended service. You have over 64510 other ports to chose from - should be more than enough.