Products Firewalla Gold SE Firewalla Gold Pro Firewalla Gold Plus Firewalla Purple Firewalla Purple SE Firewalla Wi-Fi SD Product Comparison Product Reviews

Confusing handling of UPnP

Follow
Avatar
Dave Taylor

I've been playing with UPnP in an attempt to get at least some of https://help.firewalla.com/hc/en-us/community/posts/50107050146067-MQTT-Home-Assistant-support working.  I didn't actually know the Firewalla had a UPnP server until I saw it discussed on another forum because it's so well hidden, you need to go to Scan -> Port Forwarding -> Manage Port Forwarding and then you can find a UPnP option to enable.  Once you enable it and select a network to apply it to you can get (minimal) information from the Firewalla via UPnP.

None of this makes much sense.  What does enabling UPnP on the Firewalla have to do with network scans?  This should really be under Services because it's a service running on the Firewalla alongside other stuff like DNS, NTP, and RADIUS, and it would be nice to be able to apply it to specific devices rather than anything on the entire subnet.  In my case I only want Home Assistant to be able to mess with the UPnP stuff, not anyone on the network.

Finally, is there any documentation for how some of the entities that are exposed work?  My main motivation for wanting to play with it are to detect failover to the secondary WAN (see the post above), but there's only a generic "WAN status" with a boolean value, I can't tell whether the primary and/or secondary are up or down.

0

Comments

1 comment

Sort by Date Votes
  • Avatar
    Michael Reeves
    • Edited

    So UPnP is in Port Forwarding to direct it to a specific server, like Home Assistant (or in my case Synology or another Firewalla box). Then a point to point VLAN is constructed around that Double Port Forwarding to secure it and maybe even their own subnet. That's all I know, and this is from connecting two Firewalla boxes together wanting to isolate each network, both in Router mode, receiving 2 external addresses from one WAN. I'm thinking the documentation to connect these the way you want is with Double Port Forwarding.

    Now with your Home Assistant, you would not need an external address (except you're wanting to control secondary WAN overflow, just sharing an upstream address from the Home Assistant on your own network. I do not know how Home Assistant would do that. I do use HA, but have never thought of connecting it this way. I am sure it is possible to Double Port Forward one HA box to both networks, downstream in my case, upstream in yours.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post