Community discussions

MikroTik App
 
silajim
just joined
Topic Author
Posts: 13
Joined: Tue Mar 16, 2021 11:33 pm

Upnp stuck

Mon Jun 28, 2021 10:30 pm

Hi,
I got a hap ac2, and I have configured upnp but sometimes it get's stuck. If the application exits abrutply for some times the upnp will not work for that application. The nat rules are still there but it cannot connect. Any ideas?
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Upnp stuck

Tue Jun 29, 2021 1:06 pm

Ask the productor of the application to fix it.
 
erlinden
Forum Guru
Forum Guru
Posts: 1920
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: Upnp stuck

Tue Jun 29, 2021 1:07 pm

Why don't you just forward ports? UPnP is pretty evil (at least from a security perspective).
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Upnp stuck

Tue Jun 29, 2021 1:12 pm

UPnP is better because (if the program is well coded) use random ports changed everitime,
instead using a static port everytime open is less secure...
 
erlinden
Forum Guru
Forum Guru
Posts: 1920
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: Upnp stuck

Tue Jun 29, 2021 1:20 pm

UPnP is better because (if the program is well coded) use random ports changed everitime,
instead using a static port everytime open is less secure...
So you don't mind that any application (either being "well coded" or not) is allowed to open inbound ports? And you call that secure??
Please...advising UPnP as best practice is total nonsense.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Upnp stuck

Tue Jun 29, 2021 2:43 pm

Is the opposite...
Better a everytime open port at same number or open at the moment, when is needed, a random port?

If some appication, malaware or not, use plug and play or open remote 80 or 443 ports, what's the difference?
How you can prevent (on mikrotik side) that? Block all 80 and 443 traffic and everytime modify the configuration for every website?
 
erlinden
Forum Guru
Forum Guru
Posts: 1920
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: Upnp stuck

Tue Jun 29, 2021 2:57 pm

UPnP opens ports and forwards them to the client. Theoretically all 65k ports might be publicly open on your router and mapped to any device running in your network. Network wide open. We don't have to agree on this, but be aware with what you advise.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Upnp stuck

Tue Jun 29, 2021 3:01 pm

Also you must be aware of what I have wrote on previous post,
without consider my point of view, are fact.
Just only one device, inside the network, compromised and port open or not, all is useless...
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Upnp stuck

Tue Jun 29, 2021 3:05 pm

With advent of httpS, DoX, etc. what user gain on (hypotetic) privacy, is lost on (user) control...
 
silajim
just joined
Topic Author
Posts: 13
Joined: Tue Mar 16, 2021 11:33 pm

Re: Upnp stuck

Wed Jun 30, 2021 12:17 pm

Oh wow, I didn't ask if upnp was safe guys. I also have port mappings but I cannot be arsed to open every port for every online game I play, or for every thing I do.
Back to the topic, it's a mikrotik issue I believe since in order for it to work I need to manually delete the auto generated rules, unless.... It's my pc ip that is not the same (after a crash) and the ports list as open
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26322
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: Upnp stuck  [SOLVED]

Wed Jun 30, 2021 1:52 pm

RouterOS has no timeout for UPNP rules, either the App will remove them, or a RouterOS reboot will.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Upnp stuck

Wed Jun 30, 2021 2:32 pm

Can't be a MikroTik matter if application suck...
For example HikVision DVR/NVR, Uplay, Steam and WatsApp, BitTorrent, etc. close previous UPnP rules if for some reason old are stuck.
This is how things work...
 
silajim
just joined
Topic Author
Posts: 13
Joined: Tue Mar 16, 2021 11:33 pm

Re: Upnp stuck

Wed Jun 30, 2021 3:03 pm

Can't be a MikroTik matter if application suck...
For example HikVision DVR/NVR, Uplay, Steam and WatsApp, BitTorrent, etc. close previous UPnP rules if for some reason old are stuck.
This is how things work...
I see, I will report it to de devs

EDIT:
Actually the ports are randomized, so what happens makes no sense

This usually happens after a couple of PC crashes QBittorrent cannot open the ports again
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Upnp stuck

Wed Jun 30, 2021 3:08 pm

You write QBittorrent, but on my post I specified BitTorrent.
Probably the "fork" have some problem than main BitTorrent do not have...

Uplay and WhatsApp use random ports, and work everytime.
 
heavenlyangel
just joined
Posts: 18
Joined: Fri Apr 16, 2021 5:48 pm

Re: Upnp stuck

Fri Jul 29, 2022 1:33 am

Winbox used to let you delete UPNP NAT entries, but now it does not. Downgrade.

Who is online

Users browsing this forum: Bing [Bot], cmmike, hatred, mszru, mtkvvv and 54 guests