I own several Mikrotik equipment (1 RB450G, 2 RB750 and 2 751G-2HnD). I have setup the RB450G as a router which makes NAT for my private network address (192.168.1/24) I also own a QNAP server 569PRO which can use PNP to redirect incoming traffic to services for it . I have enabled UPNP on and tried any combination of
Allow To Disable External Interface
Show Dummy Rule
and it is not detected by my qnap server. It gives this error message.
------ NAT PMP Diagnostics ------
initnatpmp() returned 0 (SUCCESS)
using gateway : 192.168.1.1
sendpublicaddressrequest returned 2 (SUCCESS)
readnatpmpresponseorretry returned -7 (FAILED)
------ UPnP Diagnostics ------
upnpc : miniupnpc library test client. (c) 2006-2011 Thomas Bernard
Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
for more information.
List of UPNP devices found on the network :
desc: http://192.168.1.39:8089/
st: upnp:rootdevice
I have also tried PortMapper 1.9.5 application and it says it doesn’t find any UPNP router on the subnet.
WARN Could not connect to router: Did not find a router
org.chris.portmapper.router.RouterException: Did not find a route
be careful with uPNP over the WAN interface it could cause many variant and different security issues
to your network.
You need also to open at the RB450G the ports at the WAN interface that the uPNP services are using
on the NAS device from QNAP, and you should than forward them by using “port forward” them to the
QNAP NAS and then opening them also there.
Check that you have an input accept rule from your QNAP and a forward rule from QNAP to WAN…
And that you have the external AND internal interface properly defined in IP/UPnP/Interfaces.
@Kreacher: Isn’t this exactly what UPnP should do automatically?
@Kreacher: Isn’t this exactly what UPnP should do automatically?
Before a while it was announced world wide that many routers are holding several
uPNP security problems at the WAN Port of many different routers from also many
different Vendors. So perhaps MikroTik was not infected by this problems, but otherwise
it is for me not so logical to activating or plain using then uPNP over the internet at the
WAN port!
Internal inside networks (LAN side) it should run for sure without problems and
over an VPN tunnel also without any problems, but plain over the internet it would
perhaps risk the security given by the MikroTik RouterOS system on the RouterBoard.
Only in my eyes but I was thinking better to tell him first, it would be better to read
as the next topic from him that he has a security problem!