pfsense:upnp_universal_plug_and_play
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| pfsense:upnp_universal_plug_and_play [2020/03/07 10:06] – created peter | pfsense:upnp_universal_plug_and_play [2020/11/30 14:45] (current) – peter | ||
|---|---|---|---|
| Line 3: | Line 3: | ||
| UPnP and NAT-PMP both allow devices and programs that support them to automatically add dynamic port forwards and firewall entries. | UPnP and NAT-PMP both allow devices and programs that support them to automatically add dynamic port forwards and firewall entries. | ||
| - | < | + | < |
| - | **WARNING:** Risks!!! | + | **ALERT:** Risks!!! |
| - | Any service that allows a client device to dynamically open ports on a firewall can pose a risk to the network | + | Any service that allows a client device to dynamically open ports on a firewall can pose a risk to the network. |
| + | |||
| + | A mischievous application could pose as a UPnP client and open up the system to hackers. | ||
| + | |||
| + | pfSense does provide ability to unlock only for certain IP / CIDR ranges, but this is still open to abuse. | ||
| + | |||
| + | It is safer to rather open ports on a case by case basis. | ||
| </ | </ | ||
| Line 13: | Line 19: | ||
| ===== Configure UPNP ===== | ===== Configure UPNP ===== | ||
| - | < | + | |
| - | Services > UPnP & NAT-PMP | + | Navigate too **Services |
| - | </ | + | |
| Configure the following options: | Configure the following options: | ||
| Line 58: | Line 63: | ||
| ---- | ---- | ||
| - | < | + | ===== ACL (Access Control List) for PS3 and PS4 ===== |
| + | |||
| + | < | ||
| + | allow 80-65535 192.168.1.45/ | ||
| + | </ | ||
| + | |||
| + | where the PS has a static IP of 192.168.1.45 | ||
| + | |||
| + | ---- | ||
| + | |||
| + | < | ||
| **NOTE: | **NOTE: | ||
| </ | </ | ||
| + | |||
| + | |||
pfsense/upnp_universal_plug_and_play.1583575598.txt.gz · Last modified: 2020/07/15 09:30 (external edit)