UPnP

Contributor

UPnP

Does anyone know how to enable UPnP on the 2Wire router/gateway?

Message 1 of 17 (25,781 Views)
Expert
Solution
Accepted by ATTU-verseCare (Community Support)
‎09-30-2015 1:39 AM

Re: UPnP

The U-Verse RG is not compatible with UPnP.  If you need a firewall port opened, you have to do it manually.

 

Message 2 of 17 (25,761 Views)
Tutor

Re: UPnP

[ Edited ]

So, what options does a customer have with their security cameras?

You dont specify to customers when selling this stuff that they cannot use their existing equipment.

 U-Verse is supposed to be the latest and greatest and wont support a simple protocol?

 

Message 3 of 17 (24,973 Views)
ACE - Professor

Re: UPnP

[ Edited ]

Bskbkid wrote:

So, what options does a customer have with their security cameras?

To open the ports on the firewall manually that the security camera needs. Or have a router behind a router setup.

You dont specify to customers when selling this stuff that they cannot use their existing equipment.

You can keep using your current equipment. I have a 2nd router acting as an access point so I can have the 802.11n 5GHz frequency to connect to.

 U-Verse is supposed to be the latest and greatest and wont support a simple protocol?

What makes U-Verse great is that it doesn't allow for terrible protocols to be simply turned on by the average user.

 


-------

Resident Xbox ACE. Ask me almost anything about Xbox on U-Verse.

Xbox Gamertag: americangame
PSN: americangame
Steam:americangame
When friending me mention that you found me on the AT&T forums.
*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
Message 4 of 17 (24,964 Views)
Tutor

Re: UPnP

You dont specify to customers when selling this stuff that they cannot use their existing equipment.

 

Having a second router will not enable the UpNp through the Att gateway if it doesnt allow it in the first place. Hence, still no way to get the information out on the interent.

 

Allow terrible protocols?

It is NOT anyone elses decision what I do or do not want in the first place. It would have no bearings or effect on Att or anyone else.

Message 5 of 17 (24,958 Views)
ACE - Professor

Re: UPnP


Bskbkid wrote:

You dont specify to customers when selling this stuff that they cannot use their existing equipment.

 

Having a second router will not enable the UpNp through the Att gateway if it doesnt allow it in the first place. Hence, still no way to get the information out on the interent.

 Router behind router will enable UPnP if you have your router in DMZ mode.

Allow terrible protocols?

It is NOT anyone elses decision what I do or do not want in the first place. It would have no bearings or effect on Att or anyone else.

But it is AT&T's network and having a security intrusion on their network is their problem.


 

-------

Resident Xbox ACE. Ask me almost anything about Xbox on U-Verse.

Xbox Gamertag: americangame
PSN: americangame
Steam:americangame
When friending me mention that you found me on the AT&T forums.
*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
Message 6 of 17 (24,955 Views)
Tutor

Re: UPnP

[ Edited ]

I will try the DMZ mode. But taht doesnt make sense that it would work through the Att gateway.

 

When you go to your router and put a system in DMZ what you are doing is really telling the router to treat the machine as if it is on the other side of the router. This means the system has no protection at all. Every single port is opened to the machine and this of course allows hackers to get at the system and try hacking it.


 

 

But it is AT&T's network and having a security intrusion on their network is their problem

 

And like that is going to keep out intruders? Cmon get real. That is the least of their worries.LOL

Their DSL modems allow it, so what is the difference?

Message 7 of 17 (24,950 Views)
Contributor

Re: UPnP

[ Edited ]

Yes, this is very easy.  From Wikipedia, UPnP uses UDP port *** and TCP port *** .  Unfortunately (strangely enough) such a standard application doesn't come preconfigured with this router.  So you just add your own application and add those ports to the application.

 

Then you select the target device (in this case, it is my internal WiFi router that DOES support UPnP), and add the application to it.  The steps are (entering Admin password when prompted):

 

1.  Log into the router Admin page.

2.  Click "Settings", "Firewall", "Applications, Pinholes and DMZ"

3.  Scroll down to the bottom, click "Add a new user-defined application"

4.  Call it UPnP, and add UDP *** through ***, click Add.

5.  Pick TCP and enter *** through ***, and add.

6.  Click Back.

7.  Select your device from the list at top.

8.  In the Application List, scroll down and select UPnP and click Add.

9.  Click Save.

 

That's it.  Pretty easy.  I don't know why some people try to tell you things can't be done, I guess it's easier to do that than to find out the answer.

 

[port numbers removed for security]

Message 8 of 17 (22,725 Views)
Expert

Re: UPnP

[ Edited ]

jimerman wrote:

Yes, this is very easy.  From Wikipedia, UPnP uses UDP port *** and TCP port *** .  Unfortunately (strangely enough) such a standard application doesn't come preconfigured with this router.  So you just add your own application and add those ports to the application.

 

Then you select the target device (in this case, it is my internal WiFi router that DOES support UPnP), and add the application to it.  The steps are (entering Admin password when prompted):

 

1.  Log into the router Admin page.

2.  Click "Settings", "Firewall", "Applications, Pinholes and DMZ"

3.  Scroll down to the bottom, click "Add a new user-defined application"

4.  Call it UPnP, and add UDP *** through ***, click Add.

5.  Pick TCP and enter *** through ***, and add.

6.  Click Back.

7.  Select your device from the list at top.

8.  In the Application List, scroll down and select UPnP and click Add.

9.  Click Save.

 

That's it.  Pretty easy.  I don't know why some people try to tell you things can't be done, I guess it's easier to do that than to find out the answer.

 

[port numbers removed for security]



 

There is so much wrong with this post that I barely know where to begin.

 

1. First of all, you don't even understand what the original poster is trying to do.  He wants the U-Verse 2Wire router to participate in a UPnP session with one of the hosts on his network, not just route the UPnP packets.  Your "solution" above allows (some, but not all) UPnP packets to flow through the 2Wire but does absolutely nothing to address his issue -- the 2Wire still will not answer a UPnP request from a device on his network because the 2Wire doesn't implement the protocol.

 

2. UPnP is designed to allow hosts on the network to open firewall holes on the router upon request.  UPnP is a very badly designed, very insecure protocol that does no AAA whatsoever.  (No authentication -- the router will follow the request no matter who you are.  No authorization -- the device attempting to open firewall ports has full access to open any firewall port it wants.  No accounting -- there is no log or audit trail of who did what.)  It's bad enough that this protocol allows any host on the internal network to be able to do this to the router -- it's a virus writer's/hacker's dream -- they get a small piece of software installed on a machine that can do UPnP, they use it to open all the firewall ports they want and then have full reign to fire gigantic exploits to any machine on your network now that your firewall has been reduced to a slice of Swiss cheese.

 

Oh, but you've done it MUCH better.  You've opened the UPnP ports on the 2Wire with your "solution" above so that anyone on the Internet can open the ports from the WAN side instead of just from the LAN side.  With those ports open, this is fully possible due to holes and bugs in UPnP routing code in many routers (see this link).

 

 

You sir are a prime example of why there are so many compromised machines on the Internet that are responsible for nearly all of the botnets, the spam, the DDOS attacks, etc.  Your advice is so bad and so wrong that I'm recommending to the moderators that they edit the port numbers out of your post to prevent anyone from attempting to follow your instructions, which would open their computers, their network, and by extension everybody else's network to massive risk.

 

Do yourself and every other user on the Internet a favor, and please go take up a job in some other industry than computers, because this field is not for you.

 

Message 9 of 17 (22,692 Views)
Teacher

Re: UPnP

man you called that right. UPnP is a hackers dream and to me it smacks of DMZ doing the pin hole thing is much safer good post it should be listed as a sticky for all to see
Message 10 of 17 (17,589 Views)
Tutor

Re: UPnP

Hi SomeJoe7777 and any other knowledgeable members,

 

I am a novice and cannot understand most of what you guys are talking about, but I would greatly appreciate any help from you to solve my issue....I want to connect Google Chromecast, but I have been unsuccessful for last 2 weeks. I have contacted AT&T tech support on phone, and they had no idea what to tell me...I tried contacting Google support and they could only offer generic advice which did not work....all I could find searching on this topic was that it needs UPnP enabled, which is what landed me on this thread.

 

I have the 5031NV router/gateway....please tell me if and how I can use Chromecast....I do not want to change my service just due to this reason. I would request you to please give me simple/detailed steps as I am not that familiar with networking jargon.

 

Thank you so much in anticipation of some help....

Message 11 of 17 (10,927 Views)
ACE - Expert

Re: UPnP

I haven't seen any reports of anyone getting a Chromecast to work without using UPnP.  (Someone may have, but I haven't seen it yet and quite a few seem to think it's the only way to get it to work.).

Given this, and the fact that the NV 5031 doesn't itself support UPnP,  I'd have to advise you to get your own wireless router and connect it behind the RG (see see post 2 in this thread, or search for 5031 and ROUTER in these forums).

Or return the Chromecast.

 

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
Message 12 of 17 (10,908 Views)
Tutor

Re: UPnP

Thanks for the link to SomeJoe's post, but it is still too technical and confusing for me, especially when the word router is used generically and I don't know which of the two devices is being referred to....but I don't expect you to waste more time explaining it....I will have to try it when I get the courage!!

 

I have the Cisco Linksys E1000 with me....can I use that for this purpose along with the 5031NV??

 

Also, where will I plug in the main DSL/Broadband cable coming in to the house? It will be to the Linksys E1000, right, not the 5031NV as it is right now??

Message 13 of 17 (10,873 Views)
Tutor

Re: UPnP

All,

 

Just wanted to update that I went ahead and bought a second Chromecast and it worked without a hitch...so, maybe, just maybe others could be stuck with a bad device as well but would never suspect it.

 

I made no changes, no UPnP settings, nothing to the 5031NV router, and did not connect any other router behind or in front of it....it got set up in less than 5 minutes.

 

Now just wondering what to do with the defective Chromecast which is beyond the return timeline with Amazon!!

 

Regards...

Message 14 of 17 (10,802 Views)
Contributor

Re: UPnP

Just to clarify for any future readers, the main DSL/Broadband cable coming into the house must always go directly to the Uverse Residential Gateway(RG), in this case your 5031 NV.

 

You can never connect any 3rd party router or non-Uverse modem in front of your Uverse RG or your service will no longer work.

Message 15 of 17 (6,672 Views)
Share this topic
Announcements

Welcome to the AT&T Community Forums!!! Stop by the Community How-To section for tips on how to get started.