DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

PCI DSS Compliance and Vigor 2850n

13 Aug 2013 20:31 #1 by amp88759
PCI DSS Compliance and Vigor 2850n was created by amp88759
Can somebody help?

I am using a 2850n on the latest 3.6.4 firmware with BT ADSL and Origin VDSL.

I have an IP credit card terminal and no IT support. I need to be PCI DSS compliant.

The scan report is giving the following:

SSL Certificate - Self-Signed Certificate port 443
SSL Certificate - Signature Verification Failed Vulnerability
SSL Certificate - Improper Usage Vulnerability
X.509 Certificate MD5 Signature Collision Vulnerability
SSL Server Allows Cleartext Communication Vulnerability
SSL Server Allows Anonymous Authentication Vulnerability
Please inform the merchant to filter the port or close the port 443 on the router if there is no business need.

Login Form Is Not Submitted Via HTTPS
Change the login form's action to submit via HTTPS.

Web Server Uses Plain Text Basic Authentication
Please contact the vendor of the hardware/software for a possible fix for the issue.

I need to filter or block port 443 on my router. I am unsure what I need to do to fix these issues.

Many thanks in advance.


14 Aug 2013 12:52 #2 by sicon
Replied by sicon on topic Re: PCI DSS Compliance and Vigor 2850n
Switch off SSL VPN and change the port for it too, then disable management from the internet.
It sucks if you need to manage it remotely though.

22 Aug 2013 18:52 #3 by admin
Replied by admin on topic Re: PCI DSS Compliance and Vigor 2850n
sicon wrote: It sucks if you need to manage it remotely though

Well, they don't want you to manage it remotely, i.e. you tell them the IP address of your credit card device, web shop etc. and they scan it to make sure you're not allowing VPN, remote access etc.

But you could always tunnel in from somewhere else so it's not a very robust requirement.

Forum Administrator

10 Dec 2015 14:32 #4 by haywardi
Replied by haywardi on topic Re: PCI DSS Compliance and Vigor 2850n
Curious,

Does anybody know if DrayTek fixed this issue?

Better still how do I just turn SSL VPN off? I have a 2850.

Iain

10 Dec 2015 15:05 #5 by admin
Replied by admin on topic Re: PCI DSS Compliance and Vigor 2850n
I don't think that the Vigor2850 has been sold for some years so I'd guess that new features/updates may not be issued to meet the new PCI requirements. You can certainly turn off SSL access; probably that is the simplest solution.

Forum Administrator

10 Dec 2015 15:16 #6 by haywardi
Replied by haywardi on topic Re: PCI DSS Compliance and Vigor 2850n
I'm actually happy to turn off SSL VPN as I don't use it, but cannot see where? All advice appreciated.

Iain
