The FCC Ban on Foreign-Made Routers: What It Means for You
Published July 6, 2026
The headlines in March made it sound dramatic. The FCC effectively banned foreign made consumer routers, and since almost every router is foreign made, people panicked. Plenty of readers typed the same worried question into Google: is my router illegal now?
Short answer: no. You don't have to throw anything out, and stores can keep selling what's already authorized. The rule blocks future models, not the box blinking in your hallway. Here's what actually changed, and the handful of things worth doing about it.
What the FCC actually did in March 2026
On March 23, 2026, the FCC added foreign produced consumer routers to its Covered List. That's the same blacklist that already holds gear from Huawei and ZTE. The order is FCC document DA 26-278, and the agency published an FAQ page alongside it.
The trigger was a National Security Determination the FCC received three days earlier, on March 20. It cited unacceptable risks to national security. It named the Volt Typhoon, Flax Typhoon, and Salt Typhoon campaigns, which all abused home routers in real attacks.
The mechanics matter here. Every router sold in the US needs FCC equipment authorization before it can reach the market. Covered List devices can't get new authorizations. No authorization means no importing, no marketing, and no selling.
So is TP-Link banned in the US?
Not the way most people mean it. TP-Link routers already in stores stay legal to sell, and yours stays legal to use. What's blocked is authorization for new models, and that rule covers every foreign made brand, TP-Link included.
TP-Link has taken the most heat, to be fair. Texas sued the company in early 2025 over its security marketing claims. In January 2026, the Texas governor barred state employees from using TP-Link products. And the Commerce Department floated a TP-Link sales ban in late 2025, which the White House reportedly shelved in February 2026.
A month after that, the FCC's much broader rule landed and swept in every brand at once. TP-Link publicly pushed back on the policy that spring. Whatever you think of the company, the rule doesn't touch routers people already own.
So if there's an Archer in your house, keep using it. The TP-Link router login page works exactly like it did in February, and so does the Tether app.
Why this reaches almost every brand
The word produced is doing heavy lifting in this rule. A router counts as foreign produced if any major production stage happens abroad. That covers manufacturing, assembly, design, and development. The factory is only one stage.
That definition catches nearly everyone. Netgear, ASUS, eero, Google Nest, Linksys, Ubiquiti, and Synology all sell foreign produced models. An American logo on the box doesn't help when the engineering happens overseas. Right now, practically no major consumer router is built start to finish in the US.
The broad definition isn't an accident. The security worry is mostly about software and who writes it. Which factory screws the case together matters less. Design and development is where firmware gets built, so that's the stage regulators care about most.
One boundary worth knowing: the rule only covers consumer grade routers. Enterprise and carrier grade equipment isn't included. It's not yet clear how the gateways ISPs hand out will be treated.
What doesn't change for you
The ban isn't retroactive, and that's the headline for home users. Routers that already hold FCC authorization can keep being manufactured, imported, and sold. Store shelves look the same in July 2026 as they did in February.
You don't need to replace anything. Consumer Reports reviewed the order and confirmed that existing routers stay legal to own and use. There's no household deadline, no registration, and nobody is coming for the router in your closet. Mesh kits and extenders follow the same logic, so an authorized eero or Deco system stays on sale too.
Updates keep flowing too, at least for a while. The FCC's fact sheet says previously authorized routers can keep receiving software and firmware updates through March 1, 2027. What happens after that date isn't settled yet, and honestly, that's the part I'd watch.
Don't wait on it either. It takes about five minutes to update your router firmware, and manufacturers are allowed to keep pushing patches until at least March 2027.
What changes for future routers
New models are where you'll notice this. A router that doesn't have authorization yet can't be imported or sold in the US, full stop. That's true for TP-Link, Netgear, ASUS, and anyone else building overseas.
There's an exit ramp for manufacturers. They can apply for Conditional Approval from the Department of War or the Department of Homeland Security. That approval certifies a specific model doesn't pose an unacceptable security risk. Clear it, and the model can be authorized and sold normally.
How fast those approvals move is anyone's guess right now. If the process crawls, expect fewer new router launches in the US and longer waits for next generation hardware. Current models could hang around longer than usual. Prices on popular ones might firm up, but that part is pure speculation on my end.
If you live outside the US
This is a US rule from a US regulator, and it stops at the border. Nothing is banned in the Philippines, India, the UK, or anywhere in Latin America. Your local shops keep selling exactly what they sold before.
There's a possible ripple effect, though. The US is a huge market, and router makers plan their product lines around it. If US launches slow down, global release schedules could drift too. That's worth watching, but it's not a reason to change anything today.
What I'd actually do this week
Skip the panic buying. Some people are stockpiling routers over these headlines, and it's a waste of money. Your current router works, current models stay on sale, and replacements will exist next year.
Put the energy into boring maintenance instead, because that's what these attacks actually exploited. The Typhoon campaigns walked into home routers through stale firmware and factory logins, not unstoppable wizardry. So change your default router password if you've never touched it. Then turn on automatic firmware updates so you stay patched without thinking about it.
A weekly reboot helps too, and it's free. We've covered why the NSA recommends rebooting your router weekly in its own article, and it pairs nicely with the steps above.
If your router is more than five or six years old, treat this as a nudge to replace it. The FCC isn't the reason. Old routers eventually stop getting security patches, and that's a bigger real world risk than anything in this order.
And if you're shopping for a router this year, shop normally. Everything on a US shelf right now is authorized, and those models stay legal to buy and use, with no removal deadline announced. Pick a current model from a brand with a decent update record. You'll be fine well past 2027.
Related Articles
Upgrade your WiFi security from WPA2 to WPA3 for stronger encryption and better protection.
Remove unwanted devices from your network using MAC address filtering and access controls.
Learn why changing your default router password is critical for home security. Step-by-step guide for Netgear, TP-Link, Asus, Linksys routers.
Learn the warning signs your router has been hacked and follow our step-by-step guide to check for suspicious activity on Netgear, TP-Link, Asus routers.
More from Other Topics
Router Guides
Popular Router Resources
- Default Router Passwords
- Router Brands
- Default IP Addresses
- What Is My IP?
- WiFi QR Code Generator
- Internet Speed Test
- Port Checker
- All Network Tools