GoodCloud: User Management and Port security, etc

GoodCloud, AstroWarp and AstroRelay
1

Hello,

I have a three part question:

Part 1:

Is it possible currently to have a router in Goodcloud to be shared and accessed by multiple users? I've setup a router for a friend and I tried "sharing the device" by shared devices. Upon entering his email address I get an error being told there is no such user.

Is this possible to share his router with him?

Part 2:

By default GoodCloud uses port 80 to access routers despite no ports being open. Is this less or more secure if I leave it by the default setting rather then opening up Port 443 to the entire web on the router itself? Or is port 80 only open specifically for GoodCloud and to the entire web on the device itself? I just want to make sure I'm leaving no stone unturned.

Part 3:

I have an old Android phone that doesn't allow for WPA3 support. It currently is connected to the guest network. I'd like to make an exception if possible for this device via Firewall rules to be able to access resources on the main network. For example a resource that this device would need to access is an NVR security system. On previous configurations with WPA2 security the device was able to access this network resource without an issue. Now it is not able to access this resource due to the new standards of the WPA3 protocol.

Thanks,

2

I was able to solve the first part of this issue. Please advise on part two of the issue since I was able to not secure the port 80 HTTP port for the web console. I tried turning on "Force HTTPS" on local access control. However, this completely bricked remote access to the web admin console. Even with Port 443 open for HTTPs to try to allow for some consistency for the Firewall to pass that traffic through. It was not allowing the traffic to come through. I even tried enabling allow HTTPs remote access and it didn't allow traffic to port 443.

What options do I have to make my access to the web admin console more secure aside from port 80? Or is this really not a threat vector since my account security is what determines access to the cloud in the first place.

3

port 80 is open in the LAN (as well as to the router itself). Only if you want to use Goodcloud to remote access the router's web admin panel, you need to keep the default 80 port. If you force to use 443, you cannot use Goodcloud to remote access the router's web admin panel. But remote ssh and other things are OK.

Maybe just change private wifi to WPA2 or connect your NVR to guest wifi. Otherwise it will defeat the purpose of guest wifi network.