none
I have a Linksys WRT50GL Router with UPNP Enabled and WHS cannot configure the router... RRS feed

  • Question

  • I have a Linksys WRT50GL Router with UPNP Enabled and WHS cannot configure the router... Has anyone else had this problem? What do I do?
    Monday, April 20, 2009 5:54 PM

All replies

  • UPnP enabled or UPnP configuration enabled? This is not the same - the first means something like that the device provides information about its status and services via UPnP, the other allows other devices to configure the router.
    Since I usually tend to think of the later as a security risk (because malware from a malicious website could do the same as Windows Home Server) I recommend, to apply port forwarding manually for the necessary ports (80, 443 and 4125 in WHS standard configuration) via the configuration website of the router.
    Best greetings from Germany
    Olaf
    Monday, April 20, 2009 6:23 PM
    Moderator
  • Olaf,

    I did configure it manually and it works. The UPNP says :

    Used by certain programs to automatically open ports for communication.

    That sounds like a security risk in which malware could attack correct? If so, I'm going to turn it off.

    Also, is it safe to have these ports forwarded to my WHS. Does WHS have a good method of knowing what requests to accept and reject from the ports? It just seems like a security risk to me to enable port forwarding for port 80 to the WHS.

    What are your thoughts? Thanks


    Monday, April 20, 2009 6:39 PM
  • Hi,
    each connection from outside to PCs in your network is a potential risk. You are not enforced to use port 80, if you bookmark your home server page instead as https://servername.homeserver.com, you can leave that away.
    Other than that you can only ensure, that the server gets patched regulary against vulnerabilities via Windows Update and maybe install a security suite, which is WHS compatible.
    If you have no need to access the home server from outside at all, you could also leave that feature disabled.
    Ensure also to perform regular backups of data in the shared folders to external drives, which you disconnect and put them away somewhere else. That way you would not only protect the data against malware, but also against other bad stuff, which could happen to your server, like overvoltage, fire and water, theft, malicious children ;-)
    As for UPnP configuration - this can only come from inside of your network. But of course malware, which infected a PC in your network, is is already there and could use the known method to reconfigure the router for its own communication business.
    Best greetings from Germany
    Olaf
    Monday, April 20, 2009 9:55 PM
    Moderator
  • So you would turn that UPnP off?

    What security suites are available for WHS? Does it have a good firewall built-in or should I be concerned about sensitive information being comprimised? Thanks
    Monday, April 20, 2009 11:32 PM
  • So you would turn that UPnP off?

    I personally prefer to set up the port forwarding myself.  However, if you're not familiar with how it works, you might want to use uPnP instead (if it will properly configure your router).

    What security suites are available for WHS?

    Actual suites?  None.  There are a couple A/Vs for it: avast! and F-Secure both have WHS versions of their product.

    Does it have a good firewall built-in or should I be concerned about sensitive information being comprimised? Thanks
    It has the standard Windows Server 2003 firewall.  I use Remote Access on my server (I just make sure my server is always up-to-date with the latest security updates).  Works fine for me.
    Tuesday, April 21, 2009 12:05 AM
    Moderator
  • Thanks  kariya. I'm a WIndows Server 2003 Guy, so this makes me feel much better. I tried using the PnP but that didn't work so I did it manually.
    Tuesday, April 21, 2009 12:36 AM