Comments

12 comments

  • Avatar
    Firewalla

    UPnP ports are inserted using the UPnP protocol from the client.   Most of the time, Firewalla can not control the UPnP ports;  For example, even with block, when Firewalla blocks one UPnP port, another one can be opened by the client at any time. 

    The only way to control the UPnP protocol is not to use it or do something on the router side.   A few of you express strong interest in better control UPnP on the Firewalla Gold, we will likely to look at that in a later release

    0
    Comment actions Permalink
  • Avatar
    bruno faria (BOF007)

    @firewalla please add a flush upnp ports as a option, I'm fine with them reopening if I leave upnp on but if it don't I can't get rid of like 50 upnp ports on my fw without (in my eyes) starting from scratch

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    are these UPnP ports added continuously from the same client?  If it is, a flush will not help.  Many devices will just add them again.  

    0
    Comment actions Permalink
  • Avatar
    bruno faria (BOF007)

    It's from various clients, but I have upnp off now, and the ports are still listed, I'd like to flush the listed ports when I turn off upnp, and if I turn it back on I understand the ports will be remapped.

    Thanks for the speedy response

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    Make sense, I've already sent this to our developers and see if this can be changed. 

    2
    Comment actions Permalink
  • Avatar
    Mitch Anderson

    I would also like to reiterate a desire to flush the ports that are open. Seems minecraft on the nintendo switch... Uses a new/different port every time. While the ps4 (fortnite/rocket league mostly) will reuse the same 3? Ports it has... But the switch currently has like 20 open all for minecraft. Switch has been powered off for over a couple days too.. so either a ttl? On the ports or a manual flush option would be great.

    1
    Comment actions Permalink
  • Avatar
    FF

    Unless I am missing something, is there anyway to disable upnp at the firewalla level like any other routers so we don't have to disable it manually on each client ?

     

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Network->NAT Settings->Port Forwarding->UPnP

    0
    Comment actions Permalink
  • Avatar
    Manny Cavalier

    Where to enable/disable UPNP in Red/Blue?

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Red/Blue are not router, so they don't have UPnP

    0
    Comment actions Permalink
  • Avatar
    Manny Cavalier

    Oh, I see. Thanks! I thought there is still an option to enable/disable it in Red and Blue since you can block TCP/UDP ports on the Rules settings.

    0
    Comment actions Permalink
  • Avatar
    Justin Sharp

    I'm finding that if I choose to block the UPNP port, it is blocking both the WAN interface and the LAN interface.  Example - I have a Synology NAS running Drive Sync.  This requires 6690 on my LAN.  The Syno also requested a UPNP port on the WAN.  Firewalla added it, thereby opening 55xxx to the internet forwarding to 6690.  If I block this UPNP add, it blocks 6690 direct on my LAN.  That's not a good user experience IMO, it should just block the forwarded port added via UPNP...

    0
    Comment actions Permalink

Please sign in to leave a comment.