NSG Security Gateways support UPNP

stevessteves Member Posts: 5
edited September 4, 2019 10:19PM in Ideas

Do the NSG security gateways, such as the NSG100, support UPNP port forwarding?

All Replies

  • Nebula_ChrisNebula_Chris Zyxel Official Agent Posts: 188  mod

    Hello @steves

    NSG don't support UPNP in current stage, I will put this idea to our feature queue and also move this post to the idea section anyone who likes this can leave your comment or press like button below.☺️


    /Chris

    Desley
  • DesleyDesley Member Posts: 1
    edited November 2, 2019 12:07AM

    @Nebula_Chris I would like to use upnp, because my customers use it for their music

  • AlfonsoAlfonso Member Posts: 224  Master Member

    Upnp is a security risk.

    A virus, Trojan horse, worm, or other malicious program that manages to infect a computer on your local network can use UPnP, just like legitimate programs can. While a router normally blocks incoming connections, preventing some malicious access, UPnP could allow a malicious program to bypass the firewall entirely. 

    So my recommendation is not supporting Upnp.


    Regards

  • In an enterprise or business situation, I agree... But we have a fair number of larger residential customers that want a managed network and UPnP is very beneficial in that environment. I was not looking for a blanket solution for all customers, but the Nebula product is priced properly to do managed residential networks, both single family and multi-family dwellings, and UPnP is beneficial with a multitude of gaming and mutlimedia applications used often in homes and some of the other possible security issues are alleviated with the built in content and security measures of the NSG appliances.

    It is a "wish list" item though.

  • AlfonsoAlfonso Member Posts: 224  Master Member


    Hi @steves

    A "fair" solution could be:

    • UPnP will be disabled by default
    • Before enable it, a warning message could be showed.


    Please, do not see me as a boycott of your idea.


    Regards

    Nebula_Bayardo
  • I am more than fine with this as a solution, as not having it enabled would be more common than having it enabled. We probably install these 85% in enterprise scenarios and 15% in residential, so having it disabled by default would be better but it would sure be nice to have that for the residential installations.

    Alfonso
Sign In to comment.