The access to the internal functions can be controlled separately for accesses from the local or from remote networks - for all configuration services separately. The configuration access can generally be permitted or forbidden, a pure read access or - if your model is equipped with VPN - also can be permitted only over VPN. You can open the configuration dialogue with the access rights from the local or from remote networks over the button access rights:
Note: If you want to remove the network
access to the router over the WAN completely, set the configuration access
from distant nets for all methods to 'denied'.
LANconfig: Management / Admin / access rights
WEBconfig: LCOS menu tree / Setup / Config / Access-list