Reply
Posted Jun 17, 2010
UPnP

Does anyone know how to enable UPnP on the 2Wire router/gateway?

UPnP

14,578 views
9 replies
(0) Me too
(0) Me too
Post reply
Replies
(9)
0
(0)
  • Rate this reply
Jun 17, 2010
0
(0)

The U-Verse RG is not compatible with UPnP.  If you need a firewall port opened, you have to do it manually.

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: UPnP

0
(0)
  • Rate this reply
Jan 24, 2012
0
(0)

So, what options does a customer have with their security cameras?

You dont specify to customers when selling this stuff that they cannot use their existing equipment.

 U-Verse is supposed to be the latest and greatest and wont support a simple protocol?

 

Re: UPnP

[ Edited ]
0
(0)
  • Rate this reply
Jan 24, 2012
0
(0)

Bskbkid wrote:

So, what options does a customer have with their security cameras?

To open the ports on the firewall manually that the security camera needs. Or have a router behind a router setup.

You dont specify to customers when selling this stuff that they cannot use their existing equipment.

You can keep using your current equipment. I have a 2nd router acting as an access point so I can have the 802.11n 5GHz frequency to connect to.

 U-Verse is supposed to be the latest and greatest and wont support a simple protocol?

What makes U-Verse great is that it doesn't allow for terrible protocols to be simply turned on by the average user.

 


-------

Resident Xbox ACE. Ask me almost anything about U-Verse on the Xbox.

Xbox Gamertag: americangame
PSN: americangame
Steam:americangame
When friending me mention that you found me on the AT&T forums.
*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: UPnP

[ Edited ]
0
(0)
  • Rate this reply
Jan 24, 2012
0
(0)

You dont specify to customers when selling this stuff that they cannot use their existing equipment.

 

Having a second router will not enable the UpNp through the Att gateway if it doesnt allow it in the first place. Hence, still no way to get the information out on the interent.

 

Allow terrible protocols?

It is NOT anyone elses decision what I do or do not want in the first place. It would have no bearings or effect on Att or anyone else.

Re: UPnP

0
(0)
  • Rate this reply
Jan 24, 2012
0
(0)

Bskbkid wrote:

You dont specify to customers when selling this stuff that they cannot use their existing equipment.

 

Having a second router will not enable the UpNp through the Att gateway if it doesnt allow it in the first place. Hence, still no way to get the information out on the interent.

 Router behind router will enable UPnP if you have your router in DMZ mode.

Allow terrible protocols?

It is NOT anyone elses decision what I do or do not want in the first place. It would have no bearings or effect on Att or anyone else.

But it is AT&T's network and having a security intrusion on their network is their problem.


 

-------

Resident Xbox ACE. Ask me almost anything about U-Verse on the Xbox.

Xbox Gamertag: americangame
PSN: americangame
Steam:americangame
When friending me mention that you found me on the AT&T forums.
*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: UPnP

0
(0)
  • Rate this reply
Jan 24, 2012
0
(0)

I will try the DMZ mode. But taht doesnt make sense that it would work through the Att gateway.

 

When you go to your router and put a system in DMZ what you are doing is really telling the router to treat the machine as if it is on the other side of the router. This means the system has no protection at all. Every single port is opened to the machine and this of course allows hackers to get at the system and try hacking it.


 

 

But it is AT&T's network and having a security intrusion on their network is their problem

 

And like that is going to keep out intruders? Cmon get real. That is the least of their worries.LOL

Their DSL modems allow it, so what is the difference?

Re: UPnP

[ Edited ]
0
(0)
  • Rate this reply
Feb 13, 2013
0
(0)

Yes, this is very easy.  From Wikipedia, UPnP uses UDP port *** and TCP port *** .  Unfortunately (strangely enough) such a standard application doesn't come preconfigured with this router.  So you just add your own application and add those ports to the application.

 

Then you select the target device (in this case, it is my internal WiFi router that DOES support UPnP), and add the application to it.  The steps are (entering Admin password when prompted):

 

1.  Log into the router Admin page.

2.  Click "Settings", "Firewall", "Applications, Pinholes and DMZ"

3.  Scroll down to the bottom, click "Add a new user-defined application"

4.  Call it UPnP, and add UDP *** through ***, click Add.

5.  Pick TCP and enter *** through ***, and add.

6.  Click Back.

7.  Select your device from the list at top.

8.  In the Application List, scroll down and select UPnP and click Add.

9.  Click Save.

 

That's it.  Pretty easy.  I don't know why some people try to tell you things can't be done, I guess it's easier to do that than to find out the answer.

 

[port numbers removed for security]

Re: UPnP

[ Edited ]
0
(0)
  • Rate this reply
Feb 13, 2013
0
(0)

jimerman wrote:

Yes, this is very easy.  From Wikipedia, UPnP uses UDP port *** and TCP port *** .  Unfortunately (strangely enough) such a standard application doesn't come preconfigured with this router.  So you just add your own application and add those ports to the application.

 

Then you select the target device (in this case, it is my internal WiFi router that DOES support UPnP), and add the application to it.  The steps are (entering Admin password when prompted):

 

1.  Log into the router Admin page.

2.  Click "Settings", "Firewall", "Applications, Pinholes and DMZ"

3.  Scroll down to the bottom, click "Add a new user-defined application"

4.  Call it UPnP, and add UDP *** through ***, click Add.

5.  Pick TCP and enter *** through ***, and add.

6.  Click Back.

7.  Select your device from the list at top.

8.  In the Application List, scroll down and select UPnP and click Add.

9.  Click Save.

 

That's it.  Pretty easy.  I don't know why some people try to tell you things can't be done, I guess it's easier to do that than to find out the answer.

 

[port numbers removed for security]



 

There is so much wrong with this post that I barely know where to begin.

 

1. First of all, you don't even understand what the original poster is trying to do.  He wants the U-Verse 2Wire router to participate in a UPnP session with one of the hosts on his network, not just route the UPnP packets.  Your "solution" above allows (some, but not all) UPnP packets to flow through the 2Wire but does absolutely nothing to address his issue -- the 2Wire still will not answer a UPnP request from a device on his network because the 2Wire doesn't implement the protocol.

 

2. UPnP is designed to allow hosts on the network to open firewall holes on the router upon request.  UPnP is a very badly designed, very insecure protocol that does no AAA whatsoever.  (No authentication -- the router will follow the request no matter who you are.  No authorization -- the device attempting to open firewall ports has full access to open any firewall port it wants.  No accounting -- there is no log or audit trail of who did what.)  It's bad enough that this protocol allows any host on the internal network to be able to do this to the router -- it's a virus writer's/hacker's dream -- they get a small piece of software installed on a machine that can do UPnP, they use it to open all the firewall ports they want and then have full reign to fire gigantic exploits to any machine on your network now that your firewall has been reduced to a slice of Swiss cheese.

 

Oh, but you've done it MUCH better.  You've opened the UPnP ports on the 2Wire with your "solution" above so that anyone on the Internet can open the ports from the WAN side instead of just from the LAN side.  With those ports open, this is fully possible due to holes and bugs in UPnP routing code in many routers (see this link).

 

 

You sir are a prime example of why there are so many compromised machines on the Internet that are responsible for nearly all of the botnets, the spam, the DDOS attacks, etc.  Your advice is so bad and so wrong that I'm recommending to the moderators that they edit the port numbers out of your post to prevent anyone from attempting to follow your instructions, which would open their computers, their network, and by extension everybody else's network to massive risk.

 

Do yourself and every other user on the Internet a favor, and please go take up a job in some other industry than computers, because this field is not for you.

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: UPnP

[ Edited ]
0
(0)
  • Rate this reply
Nov 11, 2013
0
(0)
man you called that right. UPnP is a hackers dream and to me it smacks of DMZ doing the pin hole thing is much safer good post it should be listed as a sticky for all to see

Re: UPnP

Share this post
Share this post