Jump to content
RESET Forums (homeservershow.com)

Router won't UPnP for WHS 2011 Remote Web Access


g725s
 Share

Recommended Posts

I have a bad history with GoDaddy.... 

I avoid them whenever I can. And that means paying for my own domain via eNom. 

 

But glad to hear that got sorted out.

Link to comment
Share on other sites

I have a bad history with GoDaddy.... 

I avoid them whenever I can. And that means paying for my own domain via eNom. 

 

But glad to hear that got sorted out.

 

The FREE option from Windows Server through the setup wizard is with GoDaddy.  So you really don't have an option there if you want FREE and easy.  For my needs it is good enough for me right  now.

 

Now that the certificate is fixed I can click on RWA from the LaunchPad and it will launch the browser for RWA which I can now view from within my LAN, where I could not before.

 

I'm wondering if maybe this certificate problem was the cause of UPnP not working on my router in the first place.  Not that I need or want UPnP to work at this point.  But just curious.

Edited by g725s
Link to comment
Share on other sites

Probably, but I concur that there's no need to enable UPnP. Friends don't let friends UPnP ;)

 

Yes, I appreciate the heads up on that one, thanks to you guys.  I won't be enabling UPnP.

 

But this router is somewhat state-of-the-art, you would think the UPnP would work without problem.  I did flash it with the latest Merlin firmware but that only adds more features and would not affect UPnP.

Link to comment
Share on other sites

If you mean that UPnP should function; i.e. work the way it's supposed to, then yes, it should. Not that we want it to ;)

 

If you mean the router is advanced enough that UPnP should work without security risks, then no, the router really can't do that. The problem is that malware gets into the inside of your network, usually by a computer browsing to a bad web site, then it just does what any other legitimate app does to configure UPnP, except it opens ports for nefarious purposes.

Link to comment
Share on other sites

Yes, I appreciate the heads up on that one, thanks to you guys.  I won't be enabling UPnP.

 

But this router is somewhat state-of-the-art, you would think the UPnP would work without problem.  I did flash it with the latest Merlin firmware but that only adds more features and would not affect UPnP.

UPnP works great.

 

I mean, once a computer gets infected with a botnet virus, it's super easy for it to open ports (such as file sharing, or for RAT tools) and allow outside access to your system. With no prompts or notifications. All silently, and without your knowledge. Unless you're OCD and check the UPNP entries all the time.

 

 

That's why you should disable UPNP. Always. In fact, I'm glad that pfsense, untangled and sophos don't support UPNP at all.

 

 

 

 

The FREE option from Windows Server through the setup wizard is with GoDaddy.  So you really don't have an option there if you want FREE and easy.  For my needs it is good enough for me right  now.

 

Now that the certificate is fixed I can click on RWA from the LaunchPad and it will launch the browser for RWA which I can now view from within my LAN, where I could not before.

 

I'm wondering if maybe this certificate problem was the cause of UPnP not working on my router in the first place.  Not that I need or want UPnP to work at this point.  But just curious.

Yup, I know. That's why I opted to pay for the eNom option over the free option.

It may cost me per year, but it's worth paying that to be free of GoDaddy. IMO.

Link to comment
Share on other sites

UPnP works great.

 

I mean, once a computer gets infected with a botnet virus, it's super easy for it to open ports (such as file sharing, or for RAT tools) and allow outside access to your system. With no prompts or notifications. All silently, and without your knowledge. Unless you're OCD and check the UPNP entries all the time.

 

 

That's why you should disable UPNP. Always. In fact, I'm glad that pfsense, untangled and sophos don't support UPNP at all.

 

 

 

 

 

 

Could you enable UPnP just for setting up a device, and then disable it after you've setup the device?  Could a Botnet Virus make changes that would not be visible?

Edited by g725s
Link to comment
Share on other sites

Could you enable UPnP just for setting up a device, and then disable it after you've setup the device?  Could a Botnet Virus make changes that would not be visible?

 

No, it couldn't. As long as you check the port forward settings on your router, and you can account for each one as something you need, you're good.

 

I haven't tried this, but one thing you might be able to do is disconnect the router from the Internet while running the wizard. It might not work though, if the wizard insists on talking to the Internet while it's configuring things. Still, it might get far enough to configure the UPnP ports before complaining. All in all though, I think it's just as easy to set up the ports manually.

Link to comment
Share on other sites

I tried that with an RT-N66U. It didn't work for me.  The upside was that I had had plenty of practice at manual port forwarding which stood me in good stead when I moved to UT and Sophos which for good reason do not allow UPnP.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...