You dont specify to customers when selling this stuff that they cannot use their existing equipment.
Having a second router will not enable the UpNp through the Att gateway if it doesnt allow it in the first place. Hence, still no way to get the information out on the interent.
Allow terrible protocols?
It is NOT anyone elses decision what I do or do not want in the first place. It would have no bearings or effect on Att or anyone else.
You dont specify to customers when selling this stuff that they cannot use their existing equipment.
Having a second router will not enable the UpNp through the Att gateway if it doesnt allow it in the first place. Hence, still no way to get the information out on the interent.
Router behind router will enable UPnP if you have your router in DMZ mode.
Allow terrible protocols?
It is NOT anyone elses decision what I do or do not want in the first place. It would have no bearings or effect on Att or anyone else.
But it is AT&T's network and having a security intrusion on their network is their problem.
I will try the DMZ mode. But taht doesnt make sense that it would work through the Att gateway.
When you go to your router and put a system in DMZ what you are doing is really telling the router to treat the machine as if it is on the other side of the router. This means the system has no protection at all. Every single port is opened to the machine and this of course allows hackers to get at the system and try hacking it.
But it is AT&T's network and having a security intrusion on their network is their problem
And like that is going to keep out intruders? Cmon get real. That is the least of their worries.LOL
Their DSL modems allow it, so what is the difference?
Yes, this is very easy. From Wikipedia, UPnP uses UDP port *** and TCP port *** . Unfortunately (strangely enough) such a standard application doesn't come preconfigured with this router. So you just add your own application and add those ports to the application.
Then you select the target device (in this case, it is my internal WiFi router that DOES support UPnP), and add the application to it. The steps are (entering Admin password when prompted):
1. Log into the router Admin page.
2. Click "Settings", "Firewall", "Applications, Pinholes and DMZ"
3. Scroll down to the bottom, click "Add a new user-defined application"
4. Call it UPnP, and add UDP *** through ***, click Add.
5. Pick TCP and enter *** through ***, and add.
6. Click Back.
7. Select your device from the list at top.
8. In the Application List, scroll down and select UPnP and click Add.
9. Click Save.
That's it. Pretty easy. I don't know why some people try to tell you things can't be done, I guess it's easier to do that than to find out the answer.
Yes, this is very easy. From Wikipedia, UPnP uses UDP port *** and TCP port *** . Unfortunately (strangely enough) such a standard application doesn't come preconfigured with this router. So you just add your own application and add those ports to the application.
Then you select the target device (in this case, it is my internal WiFi router that DOES support UPnP), and add the application to it. The steps are (entering Admin password when prompted):
1. Log into the router Admin page.
2. Click "Settings", "Firewall", "Applications, Pinholes and DMZ"
3. Scroll down to the bottom, click "Add a new user-defined application"
4. Call it UPnP, and add UDP *** through ***, click Add.
5. Pick TCP and enter *** through ***, and add.
6. Click Back.
7. Select your device from the list at top.
8. In the Application List, scroll down and select UPnP and click Add.
9. Click Save.
That's it. Pretty easy. I don't know why some people try to tell you things can't be done, I guess it's easier to do that than to find out the answer.
[port numbers removed for security]
There is so much wrong with this post that I barely know where to begin.
1. First of all, you don't even understand what the original poster is trying to do. He wants the U-Verse 2Wire router to participate in a UPnP session with one of the hosts on his network, not just route the UPnP packets. Your "solution" above allows (some, but not all) UPnP packets to flow through the 2Wire but does absolutely nothing to address his issue -- the 2Wire still will not answer a UPnP request from a device on his network because the 2Wire doesn't implement the protocol.
2. UPnP is designed to allow hosts on the network to open firewall holes on the router upon request. UPnP is a very badly designed, very insecure protocol that does no AAA whatsoever. (No authentication -- the router will follow the request no matter who you are. No authorization -- the device attempting to open firewall ports has full access to open any firewall port it wants. No accounting -- there is no log or audit trail of who did what.) It's bad enough that this protocol allows any host on the internal network to be able to do this to the router -- it's a virus writer's/hacker's dream -- they get a small piece of software installed on a machine that can do UPnP, they use it to open all the firewall ports they want and then have full reign to fire gigantic exploits to any machine on your network now that your firewall has been reduced to a slice of Swiss cheese.
Oh, but you've done it MUCH better. You've opened the UPnP ports on the 2Wire with your "solution" above so that anyone on the Internet can open the ports from the WAN side instead of just from the LAN side. With those ports open, this is fully possible due to holes and bugs in UPnP routing code in many routers (see this link).
You sir are a prime example of why there are so many compromised machines on the Internet that are responsible for nearly all of the botnets, the spam, the DDOS attacks, etc. Your advice is so bad and so wrong that I'm recommending to the moderators that they edit the port numbers out of your post to prevent anyone from attempting to follow your instructions, which would open their computers, their network, and by extension everybody else's network to massive risk.
Do yourself and every other user on the Internet a favor, and please go take up a job in some other industry than computers, because this field is not for you.
man you called that right. UPnP is a hackers dream and to me it smacks of DMZ doing the pin hole thing is much safer good post it should be listed as a sticky for all to see
Hi SomeJoe7777 and any other knowledgeable members,
I am a novice and cannot understand most of what you guys are talking about, but I would greatly appreciate any help from you to solve my issue....I want to connect Google Chromecast, but I have been unsuccessful for last 2 weeks. I have contacted AT&T tech support on phone, and they had no idea what to tell me...I tried contacting Google support and they could only offer generic advice which did not work....all I could find searching on this topic was that it needs UPnP enabled, which is what landed me on this thread.
I have the 5031NV router/gateway....please tell me if and how I can use Chromecast....I do not want to change my service just due to this reason. I would request you to please give me simple/detailed steps as I am not that familiar with networking jargon.
Thank you so much in anticipation of some help....
Accepted Solution
SomeJoe7777
Expert
•
9.4K Messages
14 years ago
The U-Verse RG is not compatible with UPnP. If you need a firewall port opened, you have to do it manually.
0
0
Bskbkid
Tutor
•
3 Messages
12 years ago
So, what options does a customer have with their security cameras?
You dont specify to customers when selling this stuff that they cannot use their existing equipment.
U-Verse is supposed to be the latest and greatest and wont support a simple protocol?
0
0
americangame
Professor
•
1.3K Messages
12 years ago
0
0
Bskbkid
Tutor
•
3 Messages
12 years ago
You dont specify to customers when selling this stuff that they cannot use their existing equipment.
Having a second router will not enable the UpNp through the Att gateway if it doesnt allow it in the first place. Hence, still no way to get the information out on the interent.
Allow terrible protocols?
It is NOT anyone elses decision what I do or do not want in the first place. It would have no bearings or effect on Att or anyone else.
0
americangame
Professor
•
1.3K Messages
12 years ago
0
0
Bskbkid
Tutor
•
3 Messages
12 years ago
I will try the DMZ mode. But taht doesnt make sense that it would work through the Att gateway.
When you go to your router and put a system in DMZ what you are doing is really telling the router to treat the machine as if it is on the other side of the router. This means the system has no protection at all. Every single port is opened to the machine and this of course allows hackers to get at the system and try hacking it.
But it is AT&T's network and having a security intrusion on their network is their problem
And like that is going to keep out intruders? Cmon get real. That is the least of their worries.LOL
Their DSL modems allow it, so what is the difference?
0
0
jimerman
Contributor
•
1 Message
11 years ago
Yes, this is very easy. From Wikipedia, UPnP uses UDP port *** and TCP port *** . Unfortunately (strangely enough) such a standard application doesn't come preconfigured with this router. So you just add your own application and add those ports to the application.
Then you select the target device (in this case, it is my internal WiFi router that DOES support UPnP), and add the application to it. The steps are (entering Admin password when prompted):
1. Log into the router Admin page.
2. Click "Settings", "Firewall", "Applications, Pinholes and DMZ"
3. Scroll down to the bottom, click "Add a new user-defined application"
4. Call it UPnP, and add UDP *** through ***, click Add.
5. Pick TCP and enter *** through ***, and add.
6. Click Back.
7. Select your device from the list at top.
8. In the Application List, scroll down and select UPnP and click Add.
9. Click Save.
That's it. Pretty easy. I don't know why some people try to tell you things can't be done, I guess it's easier to do that than to find out the answer.
[port numbers removed for security]
0
SomeJoe7777
Expert
•
9.4K Messages
11 years ago
There is so much wrong with this post that I barely know where to begin.
1. First of all, you don't even understand what the original poster is trying to do. He wants the U-Verse 2Wire router to participate in a UPnP session with one of the hosts on his network, not just route the UPnP packets. Your "solution" above allows (some, but not all) UPnP packets to flow through the 2Wire but does absolutely nothing to address his issue -- the 2Wire still will not answer a UPnP request from a device on his network because the 2Wire doesn't implement the protocol.
2. UPnP is designed to allow hosts on the network to open firewall holes on the router upon request. UPnP is a very badly designed, very insecure protocol that does no AAA whatsoever. (No authentication -- the router will follow the request no matter who you are. No authorization -- the device attempting to open firewall ports has full access to open any firewall port it wants. No accounting -- there is no log or audit trail of who did what.) It's bad enough that this protocol allows any host on the internal network to be able to do this to the router -- it's a virus writer's/hacker's dream -- they get a small piece of software installed on a machine that can do UPnP, they use it to open all the firewall ports they want and then have full reign to fire gigantic exploits to any machine on your network now that your firewall has been reduced to a slice of Swiss cheese.
Oh, but you've done it MUCH better. You've opened the UPnP ports on the 2Wire with your "solution" above so that anyone on the Internet can open the ports from the WAN side instead of just from the LAN side. With those ports open, this is fully possible due to holes and bugs in UPnP routing code in many routers (see this link).
You sir are a prime example of why there are so many compromised machines on the Internet that are responsible for nearly all of the botnets, the spam, the DDOS attacks, etc. Your advice is so bad and so wrong that I'm recommending to the moderators that they edit the port numbers out of your post to prevent anyone from attempting to follow your instructions, which would open their computers, their network, and by extension everybody else's network to massive risk.
Do yourself and every other user on the Internet a favor, and please go take up a job in some other industry than computers, because this field is not for you.
0
tazmo8448
Teacher
•
23 Messages
10 years ago
0
0
ash2525
Tutor
•
5 Messages
10 years ago
Hi SomeJoe7777 and any other knowledgeable members,
I am a novice and cannot understand most of what you guys are talking about, but I would greatly appreciate any help from you to solve my issue....I want to connect Google Chromecast, but I have been unsuccessful for last 2 weeks. I have contacted AT&T tech support on phone, and they had no idea what to tell me...I tried contacting Google support and they could only offer generic advice which did not work....all I could find searching on this topic was that it needs UPnP enabled, which is what landed me on this thread.
I have the 5031NV router/gateway....please tell me if and how I can use Chromecast....I do not want to change my service just due to this reason. I would request you to please give me simple/detailed steps as I am not that familiar with networking jargon.
Thank you so much in anticipation of some help....
0
0