FRIENDS DONT LET FRIENDS BRIDGE NETWORKS - what happens when they place something in a loop on their network - unless you are STP ready - you will have fun tracking it down.
On Aug 2, 2010, at 11:55 AM, Kurt Fankhauser wrote: > Everything i keep coming up with to make this work "ideal" according to the > customer is I"m gonna have to sell them a public ip for $10/month *grins* > and then make sure their CPE is in bridge mode and assign that static to the > customers router so they can enable UPnP themselves. > > -Kurt Fankhauser > > > ----- Original Message ----- > From: "Josh Luthman" <[email protected]> > To: "WISPA General List" <[email protected]> > Sent: Monday, August 02, 2010 11:45 AM > Subject: Re: [WISPA] XBOX live, NAT, and UPnP > > >> Don't the majority of us NAT at the customer SM? >> >> Josh Luthman >> Office: 937-552-2340 >> Direct: 937-552-2343 >> 1100 Wayne St >> Suite 1337 >> Troy, OH 45373 >> >> >> >> On Mon, Aug 2, 2010 at 11:31 AM, Adam Kennedy <[email protected]> >> wrote: >>> I would agree that it is a security hole for an ISP. UPnP would let me do >>> my own forwards for just about any port I want, including SSH, telnet and >>> web. For that matter, I could just be selfish and port map every port >>> from 1024 through 65535 to my IP, completely killing access to anyone >>> else. >>> >>> In an ISP environment, the best option really is to disable UPnP if you >>> are doing NAT. >>> >>> -- >>> Adam Kennedy >>> Network Engineer >>> Omnicity, Inc. >>> >>> >>> -----Original Message----- >>> From: [email protected] [mailto:[email protected]] On >>> Behalf Of Marlon K. Schafer >>> Sent: Monday, August 02, 2010 10:43 AM >>> To: WISPA General List >>> Subject: Re: [WISPA] XBOX live, NAT, and UPnP >>> >>> Man that sucks. We turn off upnp on ALL routers. I've always been told >>> that it's a big security hole. >>> >>> Thoughts on that? >>> marlon >>> >>> ----- Original Message ----- >>> From: "Josh Luthman" <[email protected]> >>> To: "WISPA General List" <[email protected]> >>> Sent: Monday, August 02, 2010 7:29 AM >>> Subject: Re: [WISPA] XBOX live, NAT, and UPnP >>> >>> >>> I don't seem to have any issues with double or triple NAT. >>> >>> When I was working with MT to fix the upnp issue with Xboxes. I have >>> it marked as 4.6 with modifications (it was an unofficial 4.6 they >>> gave me) so I would say 4.7 or higher should enable Xbox upnp. Even >>> this requires a public IP on the Mikrotik to remove even nice strict >>> (I think it's called open?). >>> >>> Josh Luthman >>> Office: 937-552-2340 >>> Direct: 937-552-2343 >>> 1100 Wayne St >>> Suite 1337 >>> Troy, OH 45373 >>> >>> >>> >>> On Mon, Aug 2, 2010 at 10:07 AM, Kurt Fankhauser <[email protected]> >>> wrote: >>>> So does anyone here have any customers that use XBOX live and bark to >>>> you >>>> about you NAT? Apparently the XBOX live service is very picky about >>>> being >>>> behind any NAT device and its ability to make connections to other >>>> servers. >>>> From what I gathered is that the LIVE service uses Universal Plug and >>>> Play >>>> (UPnP) to get around this but the question I have is. If your doing >>>> masquerade on a Mikrotik Core Router should you enable UPnP on that >>>> device? >>>> Or should I just issue public IP's to the customer that games and let >>>> them >>>> worry about it? And if you have UPnP enabled on the core router and then >>>> do >>>> a double-NAT through the customers Linksys router with UPnP enable does >>>> that >>>> not work because of the double-NAT? >>>> >>>> >>>> >>>> Kurt Fankhauser >>>> WAVELINC >>>> P.O. Box 126 >>>> Bucyrus, OH 44820 >>>> 419-562-6405 >>>> www.wavelinc.com >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> -------------------------------------------------------------------------------- >>>> WISPA Wants You! Join today! >>>> http://signup.wispa.org/ >>>> -------------------------------------------------------------------------------- >>>> >>>> WISPA Wireless List: [email protected] >>>> >>>> Subscribe/Unsubscribe: >>>> http://lists.wispa.org/mailman/listinfo/wireless >>>> >>>> Archives: http://lists.wispa.org/pipermail/wireless/ >>>> >>> >>> >>> -------------------------------------------------------------------------------- >>> WISPA Wants You! Join today! >>> http://signup.wispa.org/ >>> -------------------------------------------------------------------------------- >>> >>> WISPA Wireless List: [email protected] >>> >>> Subscribe/Unsubscribe: >>> http://lists.wispa.org/mailman/listinfo/wireless >>> >>> Archives: http://lists.wispa.org/pipermail/wireless/ >>> >>> >>> >>> -------------------------------------------------------------------------------- >>> WISPA Wants You! Join today! >>> http://signup.wispa.org/ >>> -------------------------------------------------------------------------------- >>> >>> WISPA Wireless List: [email protected] >>> >>> Subscribe/Unsubscribe: >>> http://lists.wispa.org/mailman/listinfo/wireless >>> >>> Archives: http://lists.wispa.org/pipermail/wireless/ >>> >>> >>> -------------------------------------------------------------------------------- >>> WISPA Wants You! Join today! >>> http://signup.wispa.org/ >>> -------------------------------------------------------------------------------- >>> >>> WISPA Wireless List: [email protected] >>> >>> Subscribe/Unsubscribe: >>> http://lists.wispa.org/mailman/listinfo/wireless >>> >>> Archives: http://lists.wispa.org/pipermail/wireless/ >>> >> >> >> -------------------------------------------------------------------------------- >> WISPA Wants You! Join today! >> http://signup.wispa.org/ >> -------------------------------------------------------------------------------- >> >> WISPA Wireless List: [email protected] >> >> Subscribe/Unsubscribe: >> http://lists.wispa.org/mailman/listinfo/wireless >> >> Archives: http://lists.wispa.org/pipermail/wireless/ >> > > > > -------------------------------------------------------------------------------- > WISPA Wants You! Join today! > http://signup.wispa.org/ > -------------------------------------------------------------------------------- > > WISPA Wireless List: [email protected] > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > Archives: http://lists.wispa.org/pipermail/wireless/ _____________________________________________________________________________________ Glenn Kelley | Principle | HostMedic |www.HostMedic.com Email: [email protected] Pplease don't print this e-mail unless you really need to.
-------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: [email protected] Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
