Bypassing UPNP

sysengrnz

sysengrnz

New Member
I've got a security question relating to the UPNP protocol:

The internet gateway router that we're currently using has UPNP disabled by default due to ISP restrictions.

A lot of filesharing applications and in particular game updates require the use of UPNP to manage and find the downloads online.

Is there a way of tunneling through a well known port such as 80, 8080 or 443 to utilize the UPNP functionality of applications?
 
Re:

I figured out that HTTP-Tunnel software worked a charm to allow the downloads that I required. This was used due to UPNP being disabled on my gateway router. For reference sake if anybody else falls into the same category as what I was in. This software utilizes a paid service so be mindful. Could not find a free service that would do the same thing.
 
re:

No, We were never given the password to our internet router due to the ISP having a strict policy. It is a corporate gateway, so it would have been locked down from the people that originally set it up.

Because we had no password, we could not confirm what the settings were on the router and in essence, could not create port forwarding/redirection on the device. I made the assumption that UPNP must be disabled as my understanding is that the service dynamically forwards port's on request, which the gateway router was never doing to begin with.

Http-Tunnel was the only solution.
 
If you're allowed there's usually a way to reset the modem to factory defaults, and that way you can setup the settings however you want to.

What's the exact model of modem/router?
 
Re:

I could reset the root password by resetting it on the back, but I do not have the ISP credentials to re-configure it once it resets.

The German provider that we're currently going through (sat internet) are very strict on there hardware, and will not provide us any information to configure it ourselves. They'd send a technician out to do it if it was required. The link is operational at present, so resetting would potentially put clients/users out of action for a long time. I cannot do that.

Easier method was obviously tunnel through over ports that I already knew were open through tests I performed on it. A bit unfortunate really, definitely not ideal, but what ever works I guess.
 
If you are running NAT you can forward any port to any machine as long as it isn't already reserved for something, like say ssh.
 
re:

Unfortunately no NAT is configured, we were given a /29 subnet with 6 usable addresses. Client uses an external IP address which is on the same network as the modem. I wish it was NAT enabled, would have made my life a lot easier.
 
Why not NAT it yourself then? you can still use NAT to translate from your private network to your 6 public IPs.
 
Re:

The problem is that I cannot utilize some applications which require random ports even on the external side with a public IP address. This tell's me that either A. The gateway router is blocking the ports, or the ISP is. The ISP will not budge on opening ports up there end (Strict security policy by the sounds of it), which means NAT would prove ineffective right? Those clients behind the Firewall have been blocked from everything but the every day ports that they need to use, as well as a few others like Skype.

Basically limited due to bandwidth restrictions on our Internet Bearer.
 
Last edited:
That has to be your ISP then man. Nothing you can do about that, unless the apps you are trying to use can use a different IP range.

I take it this is probably peer to peer stuff?
 
You must log in or register to reply here.
Back
Top