Phone Lines icon GFI Support Home

Articles in this section

See more

Configuring Universal Plug-and-Play

Author: Luis Fernandes Updated

Overview

Universal Plug and Play (UPnP) is a set of networking protocols that permits networked devices, such as personal computers, printers, and Internet gateways, amongst others, to seamlessly discover each other's presence on the network and establish functional network services for data sharing, communications, and entertainment. Kerio Control supports the UPnP protocol, and this article provides the necessary steps to configure UPnP.

Note: This protocol enables client applications, e.g., Microsoft MSN Messenger, to detect a firewall and make a request for mapping appropriate ports from the Internet to the particular host in the local network. Such mapping is always temporary, and it is either applied until the application releases the ports using UPnP messages, or until the expiration of the specified timeout.

 

Information

When configuring UPnP, the required port must not collide with any existing mapped port or any traffic rule allowing access to the firewall from the Internet. Otherwise, the UPnP port mapping request is denied.

On the other hand, apart from the fact that UPnP is a useful feature, it may also endanger network security, especially in the case of big networks with many users where many of them control the firewall. The firewall's administrator should consider carefully whether to prefer security or functionality of applications that require UPnP.

By using traffic policies as shown in the below image, you can limit the usage of UPnP and enable it to individual IP addresses or users only. The first rule allows UPnP only from the UPnP Clients IP group. The second rule denies UPnP from other hosts (IP addresses).

Screen_Shot_2019-09-20_at_5.06.37_PM.png

Back to top

 

Process

  1. In Kerio Control's administration interface, navigate to Configuration > Security Settings > Zero-configuration Networking.

  2. Under UPnP server, check the Enable UPnP service option.

    Screen_Shot_2019-09-20_at_4.50.27_PM.png

  3. (Optional) If you want to log all packets passing through ports mapped with UPnP, check Log packetsKerio Control records the communication to the Filter log.

  4. (Optional) If you want to log all connections, check Log connections. Kerio Control logs the communication to the Connection log.

  5. Click Apply to save the changes.

 

Back to top

 

Confirmation

Check the logs to see if UPnP is configured properly for Kerio Control.

 

Related Article

Back to top

Related articles