| | |
|
|
|
| NetGear DG814 Router + UPnP |
|---|
| message from Lawrence Stromski on 22 Sep 2003 |
I have a NetGear DG814 Router with the latest firmware release. I noticed
that UPnP support has just been added on this router. All my network PC's
are 2000/XP/2003 so I'm toying with the idea of actually activating UPnP.
I have all the security patches relating to UPnP for Windows and all my
service pack revisions are up to date.
I wanna do this really because Port Forwarding on the DG814 is somthing of
nothing really. If I open up every port I need to for every game I own,
every IM client, every everything, I won't have room for it all and my
network protection is gonna end up like swiss cheese anyway. Might as well
get rid of a firewall :-)
I much rather the UPnP idea, open up ports on demand.
My questions are:
1. Is it going to be secure if I activate it?
2. Is it going to be stable, particularly with XP?
3. Can I go the conventional way with some PC's if I wish and use UPnP on
the rest or does windows not give you a choice?
If anyone has a DG814 and has UPnP activated, I'd love to hear your
opinions.
Thanks!
Lawrence Stromski.
|
| Mo replied to Lawrence Stromski on 23 Sep 2003 |
Hi Lawrence,
1. Is it going to be secure if I activate it?
I've been using the DG814 UPnP features since Beta 4.7RC1 was released
(current firmware 4.8) and haven't experience any security issues with UPnP
turned on. I would recommend installing a software firewall on your PC's (I
use Norton Internet Security 2003) for added layer of security. Just make
sure the Microsoft Windows security patch MS01-059 for Unchecked Buffer in
Universal Plug and Play has been installed. Also take a look at
http://tinyurl.com/1gjr for further info. Firmware 4.8 includes improved
UPnP implementation to prevent unauthenticated access from the WAN/Internet.
2. Is it going to be stable, particularly with XP?
I use Windows XP Home Edition with UPnP enabled, and its been 100% stable!
3. Can I go the conventional way with some PC's if I wish and use UPnP on
the rest or does windows not give you a choice?
Yes, can't see why not. For those PC's without UPnP enabled you might need
to create port forwarding if their hosting any internet services like
HTTP,SMTP and game server's.
Here some tips to get UPnP working correctly with DG814.
Windows XP install the Internet Gateway Device Discovery & Control Client
and Universal Plug and Play components in Networking Services - Windows
Components Wizard - Add/Remove Windows Components. You might need to disable
the software firewall temporary to enable DG814 UPnP feature to open port
forwarding for any Internet applications (Counter-Strike dedicated servers
etc, static port forwarding is recommend) you are hosting on a Windows
Operating System.
Its not unusual to see zombie port forwarding on the DG814 UPnP portmap
table, you can delete it via Windows XP - Network Connections - Internet
Gateway - Internet Connection and right click - select properties.
Mo
"Lawrence Stromski" <a@b.com> wrote in message
news:bknsor$dnm$1@sparta.btinternet.com...
|
| Lawrence Stromski replied to Mo on 23 Sep 2003 |
Tks for the tips Mo, I note your using XP Home, I have XP Professional so if
Microsoft's origional marketing claims were right, it should be 150%
stable..... heh, I don't think so.
How does the router/UPnP deal with two seperate nodes trying to open the
same port to the outside world? e.g. if I have two machines with two
identical counterstrike servers on the same port, how does the router/UPnP
select which node to forward to or does it refuse the port to the second
machine?
(I know I can change ports in real life, but I'm thinking theoretical.) I'm
actually thinking of another service for which you can't change the port,
Remote Desktop/RDP.
Lawrence Stromski.
"Mo" <nobody@nowhere.com> wrote in message
news:bko3ab$nl1$1@sparta.btinternet.com...
|
| Mo replied to Lawrence Stromski on 23 Sep 2003 |
Hmm, not sure about that! Its not good practice to allocate the same TCP/IP
port number to more then one IP address in the Port Forwarding mapping
table. I've never really tried it, so I can't talk from experience. Normally
if your hosting two or more dedicated counter-strike servers their port
numbers are different example CS~1 port 27015, CS~2 port 27016 etc. You
could host two counter-strike servers on the same PC but 512DL/256UL
bandwidth is an issue it just wouldn't be practical.......too much lag.
Mo
"Lawrence Stromski" <a@b.com> wrote in message
news:bko8jm$161$1@sparta.btinternet.com...
|
|
Archived message: NetGear DG814 Router + UPnP (Broadband - Cable, Internet, Routers etc.)
