The “WAN” port of an OLT _is_ it’s management port. Data, IPTV, and VoIP traffic pass on VLANs, typically encrypted. These are passive optical network (PON) devices, where all CPE in a group of, say, 32 premises receive the same light via an optical splitter.
Thus network partitioning is a requirement of the architecture. There is no concept of a traditional “WAN” port facing the Internet.
-mel via cell
On Jul 10, 2020, at 12:21 PM, Owen DeLong <owen@delong.com> wrote:
Um, from the article it appears that this isn’t on the Management interface, but the WAN port of the OLT.
Owen
But who, who I ask, opens their management interface to the public Internet?!?!
Maybe this is vulnerability if you have a compromised management network, but anybody who opens CPE up to the Internet is just barking mad :-)
-mel via cell