2.4.5 broke UPNP
-
According to tixati, a torrent app for Windows, UPnP is not working on 2.4.5 for me. I did this test on 2.5.0 before and it also wasn't working.
@stephenw10 said in 2.4.5 broke UPNP:
It does look like this is a change to the minipnpd daemon that will not open a connection when the client requests a public IP if it does not have one to give. You might be able to override that by giving it a public IP to pass as suggested.
My ISP is using 1:1 CG-NAT for IPv4 (100.65..). I can open ports though and pfSense uses the "true" internet-IP for DDNS and stuff.
-
Hmm, interesting. Kinda seems pointless them using CGN if they are 1:1...
But, yes, this will fail if your WAN is not public until we get a fix for it.
Steve
-
@stephenw10 said in 2.4.5 broke UPNP:
Hmm, interesting. Kinda seems pointless them using CGN if they are 1:1...
Thank goodness it is pointless.
-
You can edit /var/etc/miniupnpd.conf and add
ext_ip=x.x.x.x.
Of course that will be lost is you make any changes to the upnp config etc but it should at least allow it to start for now.Steve
-
-
Hmm, you still see errors from miniupnpd logged?
-
@stephenw10 I anonymized it.
Apr 11 22:47:50 miniupnpd 87475 HTTP listening on port 2189 Apr 11 22:47:50 miniupnpd 87475 HTTP IPv6 address given to control points : [2a02:2450:x:x:x:x:x:x] Apr 11 22:47:50 miniupnpd 87475 setsockopt(udp, IPV6_RECVPKTINFO): Invalid argument Apr 11 22:49:17 miniupnpd 87475 shutting down MiniUPnPd -
Hmm, you're using IPv6? And that worked in 2.4.4p3?
-
You might also try this: https://forum.netgate.com/post/901337
However it looks like maybe you are hitting something different.
Steve
-
Adding the ext_ip line works for me, I looks like you're hitting some other issue:
steve@steve-MMLP7AP-00 ~ $ upnpc -s upnpc : miniupnpc library test client. (c) 2005-2014 Thomas Bernard Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/ for more information. List of UPNP devices found on the network : desc: http://172.21.16.1:2189/rootDesc.xml st: urn:schemas-upnp-org:device:InternetGatewayDevice:1 Found a (not connected?) IGD : http://172.21.16.1:2189/ctl/IPConn Trying to continue anyway Local LAN ip address : 172.21.16.5 Connection Type : IP_Routed Status : Connected, uptime=17s, LastConnectionError : ERROR_NONE Time started : Sun Apr 12 00:45:45 2020 MaxBitRateDown : 1000000000 bps (1000.0 Mbps) MaxBitRateUp 1000000000 bps (1000.0 Mbps) ExternalIPAddress = 1.2.3.4 Bytes: Sent: 2881492721 Recv: 853789240 Packets: Sent: 36156776 Recv: 52749504Steve
-
Ha, I should have read the bug report more carefully.
So no need to edit the file, you can create that line from the webgui using the override WAN IP field anyway. But it still doesn't work because: https://redmine.pfsense.org/issues/10398#note-2
Steve
-
@stephenw10 Thanks Steve, Let's hope it'll get fixed ore something is done like "Merlin" did, which is btw a great product(-enhancement).
-
So they probably fixed it, to bad I can't test it myself, because I have no clue how I would and don't asky my why I have an account on github in the first place...
-
...my account on github is only for complaining...
-
Hi folks, I've just solved that issue setting the WAN interface as PPPoE.
-
It allows you to use a private IP as WAN for UPnP?
How do you get the IP if that's the case?
Steve
-
@stephenw10 while trying, I've put in the operator router IP, and the WAN ip itself, UPnP in some case had started to respond but my services was still closed in...
With PPPoE the WAN interface now shows the operator router public IP
-
Oh you mean like PPPoE pass-through on the ISP device? So pfSense gets the public IP directly?
That would certainly do it but it's not usually an option. If it is you should be doing that anyway.
Steve
-
-
Hmm, interesting. You would not normally be able to just change the WAN to PPPoE (from dhcp?). The ISP and the ISPs router would need to already be configured for that.
Steve
