← Security

The FCC Ban on Foreign-Made Routers: What It Means for You

Published July 6, 2026

The headlines in March made it sound dramatic. The FCC effectively banned foreign made consumer routers, and since almost every router is foreign made, people panicked. Plenty of readers typed the same worried question into Google: is my router illegal now?

Short answer: no. You don't have to throw anything out, and stores can keep selling what's already authorized. The rule blocks future models, not the box blinking in your hallway. Here's what actually changed, and the handful of things worth doing about it.

What the FCC actually did in March 2026

On March 23, 2026, the FCC added foreign produced consumer routers to its Covered List. That's the same blacklist that already holds gear from Huawei and ZTE. The order is FCC document DA 26-278, and the agency published an FAQ page alongside it.

The trigger was a National Security Determination the FCC received three days earlier, on March 20. It cited unacceptable risks to national security. It named the Volt Typhoon, Flax Typhoon, and Salt Typhoon campaigns, which all abused home routers in real attacks.

The mechanics matter here. Every router sold in the US needs FCC equipment authorization before it can reach the market. Covered List devices can't get new authorizations. No authorization means no importing, no marketing, and no selling.

So is TP-Link banned in the US?

Not the way most people mean it. TP-Link routers already in stores stay legal to sell, and yours stays legal to use. What's blocked is authorization for new models, and that rule covers every foreign made brand, TP-Link included.

TP-Link has taken the most heat, to be fair. Texas sued the company in early 2025 over its security marketing claims. In January 2026, the Texas governor barred state employees from using TP-Link products. And the Commerce Department floated a TP-Link sales ban in late 2025, which the White House reportedly shelved in February 2026.

A month after that, the FCC's much broader rule landed and swept in every brand at once. TP-Link publicly pushed back on the policy that spring. Whatever you think of the company, the rule doesn't touch routers people already own.

So if there's an Archer in your house, keep using it. The TP-Link router login page works exactly like it did in February, and so does the Tether app.

Why this reaches almost every brand

The word produced is doing heavy lifting in this rule. A router counts as foreign produced if any major production stage happens abroad. That covers manufacturing, assembly, design, and development. The factory is only one stage.

That definition catches nearly everyone. Netgear, ASUS, eero, Google Nest, Linksys, Ubiquiti, and Synology all sell foreign produced models. An American logo on the box doesn't help when the engineering happens overseas. Right now, practically no major consumer router is built start to finish in the US.

The broad definition isn't an accident. The security worry is mostly about software and who writes it. Which factory screws the case together matters less. Design and development is where firmware gets built, so that's the stage regulators care about most.

One boundary worth knowing: the rule only covers consumer grade routers. Enterprise and carrier grade equipment isn't included. It's not yet clear how the gateways ISPs hand out will be treated.

What doesn't change for you

The ban isn't retroactive, and that's the headline for home users. Routers that already hold FCC authorization can keep being manufactured, imported, and sold. Store shelves look the same in July 2026 as they did in February.

You don't need to replace anything. Consumer Reports reviewed the order and confirmed that existing routers stay legal to own and use. There's no household deadline, no registration, and nobody is coming for the router in your closet. Mesh kits and extenders follow the same logic, so an authorized eero or Deco system stays on sale too.

Updates keep flowing too, at least for a while. The FCC's fact sheet says previously authorized routers can keep receiving software and firmware updates through March 1, 2027. What happens after that date isn't settled yet, and honestly, that's the part I'd watch.

Don't wait on it either. It takes about five minutes to update your router firmware, and manufacturers are allowed to keep pushing patches until at least March 2027.

What changes for future routers

New models are where you'll notice this. A router that doesn't have authorization yet can't be imported or sold in the US, full stop. That's true for TP-Link, Netgear, ASUS, and anyone else building overseas.

There's an exit ramp for manufacturers. They can apply for Conditional Approval from the Department of War or the Department of Homeland Security. That approval certifies a specific model doesn't pose an unacceptable security risk. Clear it, and the model can be authorized and sold normally.

How fast those approvals move is anyone's guess right now. If the process crawls, expect fewer new router launches in the US and longer waits for next generation hardware. Current models could hang around longer than usual. Prices on popular ones might firm up, but that part is pure speculation on my end.

If you live outside the US

This is a US rule from a US regulator, and it stops at the border. Nothing is banned in the Philippines, India, the UK, or anywhere in Latin America. Your local shops keep selling exactly what they sold before.

There's a possible ripple effect, though. The US is a huge market, and router makers plan their product lines around it. If US launches slow down, global release schedules could drift too. That's worth watching, but it's not a reason to change anything today.

What I'd actually do this week

Skip the panic buying. Some people are stockpiling routers over these headlines, and it's a waste of money. Your current router works, current models stay on sale, and replacements will exist next year.

Put the energy into boring maintenance instead, because that's what these attacks actually exploited. The Typhoon campaigns walked into home routers through stale firmware and factory logins, not unstoppable wizardry. So change your default router password if you've never touched it. Then turn on automatic firmware updates so you stay patched without thinking about it.

A weekly reboot helps too, and it's free. We've covered why the NSA recommends rebooting your router weekly in its own article, and it pairs nicely with the steps above.

If your router is more than five or six years old, treat this as a nudge to replace it. The FCC isn't the reason. Old routers eventually stop getting security patches, and that's a bigger real world risk than anything in this order.

And if you're shopping for a router this year, shop normally. Everything on a US shelf right now is authorized, and those models stay legal to buy and use, with no removal deadline announced. Pick a current model from a brand with a decent update record. You'll be fine well past 2027.


Related Articles

How to Enable WPA3 on Your Router

Upgrade your WiFi security from WPA2 to WPA3 for stronger encryption and better protection.

How to Block Devices on Your WiFi Network

Remove unwanted devices from your network using MAC address filtering and access controls.

Why You Must Change Your Default Router Password

Learn why changing your default router password is critical for home security. Step-by-step guide for Netgear, TP-Link, Asus, Linksys routers.

How to Tell If Your Router Has Been Hacked

Learn the warning signs your router has been hacked and follow our step-by-step guide to check for suspicious activity on Netgear, TP-Link, Asus routers.


More from Other Topics

How to Reset Your Router to Factory Settings
Troubleshooting WiFi Connection Problems
How to Find Your Router's Default IP Address
How to Set Up Port Forwarding

Router Guides

Popular Router Resources

Popular Router Brands