Jump to content
RESET Forums (homeservershow.com)
Sign in to follow this  
g725s

Router won't UPnP for WHS 2011 Remote Web Access

Recommended Posts

ikon

I can confirm that it's now working. Doesn't help when the certificate issuer screws it up..... :angry:

Share this post


Link to post
Share on other sites
Drashna Jaelre

I have a bad history with GoDaddy.... 

I avoid them whenever I can. And that means paying for my own domain via eNom. 

 

But glad to hear that got sorted out.

Share this post


Link to post
Share on other sites
g725s

I have a bad history with GoDaddy.... 

I avoid them whenever I can. And that means paying for my own domain via eNom. 

 

But glad to hear that got sorted out.

 

The FREE option from Windows Server through the setup wizard is with GoDaddy.  So you really don't have an option there if you want FREE and easy.  For my needs it is good enough for me right  now.

 

Now that the certificate is fixed I can click on RWA from the LaunchPad and it will launch the browser for RWA which I can now view from within my LAN, where I could not before.

 

I'm wondering if maybe this certificate problem was the cause of UPnP not working on my router in the first place.  Not that I need or want UPnP to work at this point.  But just curious.

Edited by g725s

Share this post


Link to post
Share on other sites
ikon

Probably, but I concur that there's no need to enable UPnP. Friends don't let friends UPnP ;)

Share this post


Link to post
Share on other sites
g725s

Probably, but I concur that there's no need to enable UPnP. Friends don't let friends UPnP ;)

 

Yes, I appreciate the heads up on that one, thanks to you guys.  I won't be enabling UPnP.

 

But this router is somewhat state-of-the-art, you would think the UPnP would work without problem.  I did flash it with the latest Merlin firmware but that only adds more features and would not affect UPnP.

Share this post


Link to post
Share on other sites
ikon

If you mean that UPnP should function; i.e. work the way it's supposed to, then yes, it should. Not that we want it to ;)

 

If you mean the router is advanced enough that UPnP should work without security risks, then no, the router really can't do that. The problem is that malware gets into the inside of your network, usually by a computer browsing to a bad web site, then it just does what any other legitimate app does to configure UPnP, except it opens ports for nefarious purposes.

Share this post


Link to post
Share on other sites
Drashna Jaelre

Yes, I appreciate the heads up on that one, thanks to you guys.  I won't be enabling UPnP.

 

But this router is somewhat state-of-the-art, you would think the UPnP would work without problem.  I did flash it with the latest Merlin firmware but that only adds more features and would not affect UPnP.

UPnP works great.

 

I mean, once a computer gets infected with a botnet virus, it's super easy for it to open ports (such as file sharing, or for RAT tools) and allow outside access to your system. With no prompts or notifications. All silently, and without your knowledge. Unless you're OCD and check the UPNP entries all the time.

 

 

That's why you should disable UPNP. Always. In fact, I'm glad that pfsense, untangled and sophos don't support UPNP at all.

 

 

 

 

The FREE option from Windows Server through the setup wizard is with GoDaddy.  So you really don't have an option there if you want FREE and easy.  For my needs it is good enough for me right  now.

 

Now that the certificate is fixed I can click on RWA from the LaunchPad and it will launch the browser for RWA which I can now view from within my LAN, where I could not before.

 

I'm wondering if maybe this certificate problem was the cause of UPnP not working on my router in the first place.  Not that I need or want UPnP to work at this point.  But just curious.

Yup, I know. That's why I opted to pay for the eNom option over the free option.

It may cost me per year, but it's worth paying that to be free of GoDaddy. IMO.

Share this post


Link to post
Share on other sites
g725s

UPnP works great.

 

I mean, once a computer gets infected with a botnet virus, it's super easy for it to open ports (such as file sharing, or for RAT tools) and allow outside access to your system. With no prompts or notifications. All silently, and without your knowledge. Unless you're OCD and check the UPNP entries all the time.

 

 

That's why you should disable UPNP. Always. In fact, I'm glad that pfsense, untangled and sophos don't support UPNP at all.

 

 

 

 

 

 

Could you enable UPnP just for setting up a device, and then disable it after you've setup the device?  Could a Botnet Virus make changes that would not be visible?

Edited by g725s

Share this post


Link to post
Share on other sites
ikon

Could you enable UPnP just for setting up a device, and then disable it after you've setup the device?  Could a Botnet Virus make changes that would not be visible?

 

No, it couldn't. As long as you check the port forward settings on your router, and you can account for each one as something you need, you're good.

 

I haven't tried this, but one thing you might be able to do is disconnect the router from the Internet while running the wizard. It might not work though, if the wizard insists on talking to the Internet while it's configuring things. Still, it might get far enough to configure the UPnP ports before complaining. All in all though, I think it's just as easy to set up the ports manually.

Share this post


Link to post
Share on other sites
Poppapete

I tried that with an RT-N66U. It didn't work for me.  The upside was that I had had plenty of practice at manual port forwarding which stood me in good stead when I moved to UT and Sophos which for good reason do not allow UPnP.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  



×
×
  • Create New...