A secure router is a routing device with integrated security functions such as VPN, traffic encryption, access control, firewall policy or data-flow protection. If the goods are declared merely as “router”, “network device” or “security gateway”, the shipment may face issues at the same time on HS classification, cybersecurity product import licensing, civil cryptography, ICT conformity, product labeling and C/O. This article provides an E2E (End-to-End) map for reviewing HS code, taxes, specialized policies, customs documents and risks to be blocked before ETA (Estimated Time of Arrival).

Item	What to review
Product scope	Secure router – routing equipment integrated with network security, VPN, traffic encryption, policy routing, firewall rules or access control.
Related group	VPN appliance, secure router, encrypted gateway; not automatically applicable to consumer routers, access points, CPE, firewalls or crypto appliances.
Reference HS codes	8517.62.49 / 8517.62.43 / 8517.62.51; 8471.30.90, 8471.41.90, 8471.49.90 may be reviewed if the device is an ADP-processing appliance under cybersecurity product lists.
Duty proposal	MFN is commonly 0%, VAT 10%, normal import duty reference 5%; valid C/O may allow review of special preferential duty under FTA.
Key policy	Review cybersecurity product import license if classified as VPN/anti-intrusion on transmission lines; review civil cryptography if dedicated encryption applies.
Pre-ETA control point	Do not wait until arrival to check encryption features, VPN/IPSec/SSL/TLS, Wi-Fi/cellular bands, software license, firmware, datasheet and original labels.

Legal note: This content is an operational guide for dossier preparation. A secure router may be an ordinary router, VPN appliance, encrypted gateway or dedicated network security appliance depending on the model. Therefore, HS code, duty rate and specialized policies must be checked at customs declaration time based on catalogue, datasheet, model, firmware, license/subscription, encryption functions and the actual import purpose.

SCOPE OF APPLICATION

Covered secure routers

Network routing devices with integrated security features, possibly supporting site-to-site VPN, IPSec/SSL VPN, encrypted tunnel, access control, firewall rule, routing policy or centralized security management.

Not automatically applied to the entire group

VPN appliance, encrypted gateway, firewall, access point, CPE, modem/router, crypto appliance or UTM may have different HS codes and policies depending on principal function.

Goods condition must be separated

New, refurbished, demo/lab, RMA warranty, project cargo, goods imported for EPE/FDI/factories, or goods with license/subscription may require different treatment.

Mandatory review condition

Review according to catalogue, datasheet, model and actual import purpose, especially where Wi-Fi/4G/5G module, encryption, power adapter, security license or management software is included.

CLASSIFICATION & TECHNICAL IDENTIFICATION

For secure routers, the trade name is not sufficient for a policy conclusion. The device must be identified by routing function, network interfaces, VPN/encryption features, data processing mechanism, firmware/license and deployment purpose. Misdescription may lead to wrong HS code, missing cybersecurity import license, missing civil cryptography dossier or incorrect product labeling.

Check point	Documents to compare	Risk if misdescribed	Suggested goods description
Trade name and model	Catalogue, datasheet, model list, original label	May be misclassified as an ordinary router or another security appliance	Secure router, model…, for network routing and secure connectivity
Network interfaces	Datasheet, port images, user manual	Cannot determine transmission equipment or ADP nature	State WAN/LAN/SFP ports, speed, Ethernet/Wi-Fi/cellular standards if any
VPN/encryption function	Security feature list, admin guide, license sheet	May miss cybersecurity or civil cryptography licensing review	Secure router supporting VPN/IPSec/SSL/TLS according to actual model
Wi-Fi/4G/5G/Bluetooth if any	RF specification, module certificate, test report	May trigger ICT conformity, radio frequency or applicable QCVN requirements	Clearly state wireless module and frequency bands
License/subscription	PO, invoice, license certificate, activation sheet	Wrong customs value or description for bundled software	Separate hardware, security license and support if shown separately
Goods condition	Label photos, serial list, CO/CQ, RMA/warranty papers	May trigger used/refurbished goods policy	State “brand-new” or actual condition; avoid generic wording

HS CODE – DUTIES – C/O

HS classification for a secure router must be based on principal function and actual configuration. If the product is a network transmission/reception router or secure gateway, Chapter 8517 is usually reviewed first. If it is presented as an ADP-processing appliance under cybersecurity product lists, Chapter 8471 may also need checking. A single HS code should not be applied to all secure router models.

Reference HS code	Application condition	Risk if misapplied	Documents to compare
8517.62.49	Secure router/encrypted gateway is network data transmission/reception equipment, not merely a consumer wireless router	Wrong HS may misalign cybersecurity/civil cryptography policy and C/O	Catalogue, datasheet, port list, license, admin guide
8517.62.43	Security/gateway appliance transmitting and receiving network data where technical description fits	Questions may arise if the principal function is ordinary routing	Datasheet, feature list, security documentation
8517.62.51	Wireless LAN/Wi-Fi router according to actual model	May miss ICT/radio conformity if Wi-Fi is present	RF specs, test report, module certificate
8471.30.90 / 8471.41.90 / 8471.49.90	Only where the device is determined as ADP machine/unit or included in cybersecurity product descriptions	Wrong application may distort tax, licensing and customs description	Catalogue, CPU/storage specs, hardware structure, model list

Duties and C/O to review

HS code	Normal import duty	MFN import duty	VAT	Special preferential C/O rate	Application note
8517.62.49	5% reference	0%	10%	Review to 0% if C/O and FTA conditions are valid	Preferred review route where secure router is network transmission/reception equipment with security/VPN features.
8517.62.43	5% reference	0%	10%	Review to 0% if C/O and FTA conditions are valid	Used where the description matches a security gateway transmitting/receiving data.
8517.62.51	5% reference	0%	10%	Review to 0% if C/O and FTA conditions are valid	Only where the product is a wireless LAN/Wi-Fi router by catalogue.
8471.30.90 / 8471.41.90 / 8471.49.90	5% reference	0%	10%	Review to 0% if C/O and FTA conditions are valid	Only where configuration and nature fit ADP machine/unit classification.
Bundled license/subscription	Not fixed generally	Separate review	Separate review	By transaction nature	If invoice separates license/support, customs value and description should be handled consistently.

APPLICABLE SPECIALIZED POLICIES

Goods situation	Potential policy	Documents to check	Authority/portal if identifiable	Recommended timing	Risk note
Standard secure router without Wi-Fi/cellular or dedicated VPN/encryption	Review customs policy, product labeling and HS code; do not conclude license exemption without datasheet	Catalogue, datasheet, original label, invoice, packing list	Customs authority at declaration office	Before ETA	Generic goods name may trigger additional questions.
VPN or transmission-line anti-intrusion function	May fall under cybersecurity product import licensing, VPN line item	Datasheet, admin guide, license, feature matrix	Ministry of Public Security public service portal / National public service portal or current portal	Preferably before export from origin	Missing license can delay clearance.
Dedicated encryption/encrypted tunnel/key management	Review civil cryptography if functions fall under licensed civil cryptography import list	Crypto datasheet, encryption declaration, model list	Civil cryptography authority/current handling portal	Before PO and invoice are locked	Do not automatically equate all TLS/VPN with licensed civil cryptography; assess model and legal scope.
Wi-Fi/Bluetooth/4G/5G	Review ICT group 2, conformity, radio frequency and relevant QCVN if listed	RF specs, test report, QCVN, module certificate	Telecommunications authority/specialized portal or current body	Before ETA, preferably before purchase	Missing test report or wrong band can delay dossier.
Adapter/power supply included	Review product labeling and electrical/EMC requirements if applicable	Power specs, adapter photos, catalogue	Customs/specialized authority if applicable	When documents are locked	Undescribed accessories may affect quantity, value and policy.
Refurbished/RMA/demo goods	Review used/refurbished goods policy, value and import purpose	RMA letter, warranty papers, invoice, serial list, photos	Customs and specialized ministry if triggered	Before arrival	Do not state “new” if actually refurbished/demo.

LEGAL DOCUMENTS TO REVIEW

Document group	Legal text	Issuing body	Effective/application timing	Role in procedure	Key article/appendix	Review note
Law	Law on Customs 2014	National Assembly	Currently applicable; verify status at time of import	Basis for customs dossier, inspection and clearance	Customs dossier, inspection and clearance provisions	Review by import type.
Law	Law on Cyberinformation Security 2015	National Assembly	Currently applicable; verify amendments if any	Legal basis for cybersecurity products and civil cryptography	Provisions on cybersecurity/civil cryptography products and services	Apply only where model functions fall under scope.
Circular	Circular 13/2018/TT-BTTTT	Ministry of Information and Communications	Effective from 01 Dec 2018, amended/supplemented	Cybersecurity product import licensing list and procedure	Product list and licensing dossier	Check the amended effective version.
Circular	Circular 10/2022/TT-BTTTT	Ministry of Information and Communications	Effective from 15 Sep 2022	Amends Circular 13/2018; includes VPN product line	Appendix of cybersecurity products subject to import license	Secure routers with VPN require careful review.
Circular	Circular 29/2025/TT-BKHCN	Ministry of Science and Technology	Effective from 31 Dec 2025	ICT goods likely to be unsafe, group 2/QCVN management	Relevant appendices and QCVN	Only if model is listed or has wireless/ICT module.
Decree	Decree 211/2025/ND-CP	Government	Effective from 09 Sep 2025	Civil cryptography management and related penalties	Licensed civil cryptography product scope	Review where encrypted gateway/dedicated cryptography applies.
Decree	Decree 43/2017/ND-CP and Decree 111/2021/ND-CP	Government	Currently applicable; verify status	Product labeling and Vietnamese supplementary labels	Mandatory label contents	Check original labels before ETA.
Tariff	Current import-export tariff schedules	Government/Ministry of Finance	Applicable on declaration date	Normal duty, MFN, VAT and special preferential duty	Based on HS code and origin	Do not use outdated rates.

VIEW / DOWNLOAD ORIGINAL LEGAL TEXTS

Enterprises may search by document number on official legal document portals, the Government portal or issuing authority websites. Enterprises should cross-check on official portals or issuing authority websites before application.

Circular 13/2018/TT-BTTTT Circular 10/2022/TT-BTTTT Cybersecurity product import licensing procedure Circular 29/2025/TT-BKHCN Decree 211/2025/ND-CP

CUSTOMS CLEARANCE DOCUMENT SET

Commercial documents

Commercial Invoice, Packing List, Bill of Lading/Air Waybill, Sales Contract/Purchase Order, C/O if claiming preferential duty, catalogue/datasheet, goods photos, original labels and model/serial list.

Specialized documents if any

Cybersecurity product import license, civil cryptography dossier, ICT conformity dossier, test report, technical documents, Vietnamese label, license/subscription and security feature description.

Document group	Required documents	Used for	Usually prepared by	Common error	Pre-ETA check
Commercial	Invoice, Packing List, B/L or AWB	Declaration, value and quantity check	Shipper, buyer, logistics/docs	Goods name only says “router” or model mismatch	Compare name, model, serial, origin and quantity against catalogue
Technical	Catalogue, datasheet, admin guide, feature matrix	HS and ATTT/MMDS/ICT policy determination	Supplier, IT/procurement	Missing VPN/encryption/frequency details	Request official PDF and mark relevant features
Cybersecurity	Import license if listed	Specialized submission/customs explanation	Importer/compliance	No license before ETA	Review VPN/anti-intrusion line before export
Civil cryptography	Encryption documents, crypto declaration, license if applicable	Determine if MMDS list applies	Importer, legal, supplier	Confusing ordinary security with dedicated crypto or vice versa	Compare model/functions with current list
Origin	C/O, through B/L if transit, third-party invoice if any	Special preferential duty claim	Shipper, buyer	Wrong form, description or HS on C/O	Review C/O draft before issuance
Labeling	Original label photos, Vietnamese supplementary label, serial label	Clearance and market circulation	Importer, warehouse, compliance	Missing model/manufacturer/origin/specs	Take label photos before ETA

DECISION POINTS THAT MAY HOLD THE SHIPMENT

Decision point	Question to answer	Evidence	Consequence if unclear	Recommended handling
HS code	Is it a network secure router, VPN appliance, encrypted gateway or ADP-processing appliance?	Catalogue, datasheet, feature list	HS consultation or explanation request	Classify by principal function, not trade name.
Cybersecurity license	Does the model fall under VPN/anti-intrusion transmission line item?	Circular 10/2022, datasheet, license	Additional license may be required	Review before ETA and prepare if applicable.
Civil cryptography	Does it have dedicated cryptography or key management?	Encryption declaration, admin guide	May require license/explanation	Request supplier function confirmation in writing.
ICT conformity	Does it have Wi-Fi/4G/5G/Bluetooth or radio function?	RF specs, test report, QCVN	Specialized dossier may be delayed	Check band and QCVN before purchase.
C/O	Is C/O form, criterion, description and HS consistent?	C/O draft, invoice, B/L	Preferential duty may be denied	Review C/O before original issuance.
Goods condition	New, refurbished, demo or RMA?	Invoice, photos, serial list, warranty/RMA papers	Wrong value/used goods policy	State actual condition in documents.

E2E IMPORT PROCESS FOR SECURE ROUTER

Step 1: Pre-ETA review

Finalize provisional HS code, cybersecurity, civil cryptography, ICT/conformity, duty, C/O, labeling and new/used status before arrival.

Step 2: Lock documents and technical files

Finalize Invoice, Packing List, B/L/AWB, catalogue, datasheet, model/serial list, license/subscription, label photos and VPN/encryption feature documents.

Step 3: Register license/specialized procedure if applicable

If the model is subject to cybersecurity, civil cryptography or ICT management, prepare dossier on the current portal before ETA.

Step 4: Customs declaration

Declare clear goods description, model, principal function and origin; prepare explanation on value, HS, C/O, catalogue, license and specialized policies for Yellow/Red channel.

Step 5: Clearance, delivery and post-clearance retention

After clearance, control Vietnamese labels, retain license, C/O, test reports, catalogue and HS explanation for post-clearance audit.

PRE-ETA RISK CHECKLIST

Risk	Consequence	Pre-ETA control	Document to check
Generic goods name	HS and policy may be questioned	State secure router and VPN/encryption function if any	Invoice, Packing List, datasheet
Missing cybersecurity license	Clearance delay and storage charges	Check Circular 10/2022 before arrival	Datasheet, feature list, license
Civil cryptography not reviewed	License/explanation may be required	Ask supplier for encryption/key management confirmation	Admin guide, crypto declaration
Wrong C/O description or HS	Preferential duty may be denied	Review C/O draft before issuance	C/O, invoice, B/L, C/O form
License/subscription not separated	Value and description inconsistency	Align PO/invoice presentation	PO, invoice, license certificate
Model mismatch	Document amendment or inspection risk	Lock model/serial list before ETA	Invoice, packing list, label photos, catalogue

FAQ – COMMON QUESTIONS

Does importing a secure router require a license?

It may require a license if the model is in the cybersecurity product list, especially VPN/anti-intrusion transmission line items. Do not conclude before reviewing datasheet and model.

Does a secure router require civil cryptography license?

Only where it has dedicated encryption, encrypted gateway, key management or licensed civil cryptography features. Technical files must be reviewed.

Which HS codes are commonly reviewed?

Usually 8517.62.49, 8517.62.43 or 8517.62.51; some appliances may require review under 8471 depending on configuration and cybersecurity list.

Is conformity certification/declaration required?

If the model has Wi-Fi/Bluetooth/4G/5G or is listed as ICT group 2, applicable QCVN, test report and conformity dossier should be reviewed.

Can C/O reduce import duty?

Possibly, if C/O is valid, form and origin criterion are correct, and goods description and HS match the declaration.

Should software license be shown on invoice?

If license/subscription is sold with or priced separately from the device, it should be consistently shown on PO, invoice and valuation documents.

Are warranty/RMA goods handled like commercial goods?

Not automatically. Import type, value, warranty dossier, goods condition and specialized policies must be reviewed for each shipment.

EXECUTION SUPPORT FOR SECURE ROUTER SHIPMENTS

This article provides a map of HS code, duties, documents and specialized policies. For real shipments, enterprises still need to review catalogue, datasheet, model, documents, origin, license/subscription and actual import purpose.

Pre-ETA review

Check HS code, cybersecurity license, civil cryptography, ICT conformity, C/O, duties, labeling and model.

Compliance dossier control

Check Invoice, Packing List, B/L/AWB, C/O, catalogue, datasheet, test report, license and labels.

International logistics & customs

Coordinate agents, carriers/airlines, ETA, pre-alert, customs declaration and Green/Yellow/Red channel handling.

Post-clearance retention

Retain lot files, HS explanation, licenses, C/O, specialized documents and label photos for post-clearance audit.

For shipments that may involve specialized inspection, licenses, C/O or product labeling, enterprises should not wait until cargo arrival to start compliance review. A small inconsistency among Invoice, Packing List, catalogue, datasheet, C/O or labels may lead to document supplement requests, delayed clearance or unplanned storage charges. TGIMEX supports E2E import planning: pre-ETA policy review, document checking, international freight coordination, customs declaration, clearance handling, inland delivery and post-clearance record retention.

Có liên quan

QUICK CONSULTATION

NEED TO REVIEW IMPORT PROCEDURES OR A SHIPPING PLAN?

Send us the product name, shipping route, current dossier, or implementation request in advance so we can suggest a suitable approach that is practical, focused, and aligned with your shipment.

CALL NOW

HOTLINE 0963 856 664 / 0982 135 393

EMAIL info@tgimex.com

SUITABLE FOR International shipping · Customs procedures · Import licenses · B2B logistics

ELECTRICAL – ELECTRONICS – IT EQUIPMENT

F&B

MACHINERY

HOUSEHOLD GOODS

COSMETICS – PERSONAL CARE