FRIENDS DONT LET FRIENDS BRIDGE NETWORKS 

- what happens when they place something in a loop on their network - unless 
you are STP ready - you will have fun tracking it down. 


On Aug 2, 2010, at 11:55 AM, Kurt Fankhauser wrote:

> Everything i keep coming up with to make this work "ideal" according to the 
> customer is I"m gonna have to sell them a public ip for $10/month *grins* 
> and then make sure their CPE is in bridge mode and assign that static to the 
> customers router so they can enable UPnP themselves.
> 
> -Kurt Fankhauser
> 
> 
> ----- Original Message ----- 
> From: "Josh Luthman" <[email protected]>
> To: "WISPA General List" <[email protected]>
> Sent: Monday, August 02, 2010 11:45 AM
> Subject: Re: [WISPA] XBOX live, NAT, and UPnP
> 
> 
>> Don't the majority of us NAT at the customer SM?
>> 
>> Josh Luthman
>> Office: 937-552-2340
>> Direct: 937-552-2343
>> 1100 Wayne St
>> Suite 1337
>> Troy, OH 45373
>> 
>> 
>> 
>> On Mon, Aug 2, 2010 at 11:31 AM, Adam Kennedy <[email protected]> 
>> wrote:
>>> I would agree that it is a security hole for an ISP. UPnP would let me do 
>>> my own forwards for just about any port I want, including SSH, telnet and 
>>> web. For that matter, I could just be selfish and port map every port 
>>> from 1024 through 65535 to my IP, completely killing access to anyone 
>>> else.
>>> 
>>> In an ISP environment, the best option really is to disable UPnP if you 
>>> are doing NAT.
>>> 
>>> --
>>> Adam Kennedy
>>> Network Engineer
>>> Omnicity, Inc.
>>> 
>>> 
>>> -----Original Message-----
>>> From: [email protected] [mailto:[email protected]] On 
>>> Behalf Of Marlon K. Schafer
>>> Sent: Monday, August 02, 2010 10:43 AM
>>> To: WISPA General List
>>> Subject: Re: [WISPA] XBOX live, NAT, and UPnP
>>> 
>>> Man that sucks. We turn off upnp on ALL routers. I've always been told
>>> that it's a big security hole.
>>> 
>>> Thoughts on that?
>>> marlon
>>> 
>>> ----- Original Message -----
>>> From: "Josh Luthman" <[email protected]>
>>> To: "WISPA General List" <[email protected]>
>>> Sent: Monday, August 02, 2010 7:29 AM
>>> Subject: Re: [WISPA] XBOX live, NAT, and UPnP
>>> 
>>> 
>>> I don't seem to have any issues with double or triple NAT.
>>> 
>>> When I was working with MT to fix the upnp issue with Xboxes. I have
>>> it marked as 4.6 with modifications (it was an unofficial 4.6 they
>>> gave me) so I would say 4.7 or higher should enable Xbox upnp. Even
>>> this requires a public IP on the Mikrotik to remove even nice strict
>>> (I think it's called open?).
>>> 
>>> Josh Luthman
>>> Office: 937-552-2340
>>> Direct: 937-552-2343
>>> 1100 Wayne St
>>> Suite 1337
>>> Troy, OH 45373
>>> 
>>> 
>>> 
>>> On Mon, Aug 2, 2010 at 10:07 AM, Kurt Fankhauser <[email protected]> 
>>> wrote:
>>>> So does anyone here have any customers that use XBOX live and bark to 
>>>> you
>>>> about you NAT? Apparently the XBOX live service is very picky about 
>>>> being
>>>> behind any NAT device and its ability to make connections to other
>>>> servers.
>>>> From what I gathered is that the LIVE service uses Universal Plug and 
>>>> Play
>>>> (UPnP) to get around this but the question I have is. If your doing
>>>> masquerade on a Mikrotik Core Router should you enable UPnP on that
>>>> device?
>>>> Or should I just issue public IP's to the customer that games and let 
>>>> them
>>>> worry about it? And if you have UPnP enabled on the core router and then
>>>> do
>>>> a double-NAT through the customers Linksys router with UPnP enable does
>>>> that
>>>> not work because of the double-NAT?
>>>> 
>>>> 
>>>> 
>>>> Kurt Fankhauser
>>>> WAVELINC
>>>> P.O. Box 126
>>>> Bucyrus, OH 44820
>>>> 419-562-6405
>>>> www.wavelinc.com
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> --------------------------------------------------------------------------------
>>>> WISPA Wants You! Join today!
>>>> http://signup.wispa.org/
>>>> --------------------------------------------------------------------------------
>>>> 
>>>> WISPA Wireless List: [email protected]
>>>> 
>>>> Subscribe/Unsubscribe:
>>>> http://lists.wispa.org/mailman/listinfo/wireless
>>>> 
>>>> Archives: http://lists.wispa.org/pipermail/wireless/
>>>> 
>>> 
>>> 
>>> --------------------------------------------------------------------------------
>>> WISPA Wants You! Join today!
>>> http://signup.wispa.org/
>>> --------------------------------------------------------------------------------
>>> 
>>> WISPA Wireless List: [email protected]
>>> 
>>> Subscribe/Unsubscribe:
>>> http://lists.wispa.org/mailman/listinfo/wireless
>>> 
>>> Archives: http://lists.wispa.org/pipermail/wireless/
>>> 
>>> 
>>> 
>>> --------------------------------------------------------------------------------
>>> WISPA Wants You! Join today!
>>> http://signup.wispa.org/
>>> --------------------------------------------------------------------------------
>>> 
>>> WISPA Wireless List: [email protected]
>>> 
>>> Subscribe/Unsubscribe:
>>> http://lists.wispa.org/mailman/listinfo/wireless
>>> 
>>> Archives: http://lists.wispa.org/pipermail/wireless/
>>> 
>>> 
>>> --------------------------------------------------------------------------------
>>> WISPA Wants You! Join today!
>>> http://signup.wispa.org/
>>> --------------------------------------------------------------------------------
>>> 
>>> WISPA Wireless List: [email protected]
>>> 
>>> Subscribe/Unsubscribe:
>>> http://lists.wispa.org/mailman/listinfo/wireless
>>> 
>>> Archives: http://lists.wispa.org/pipermail/wireless/
>>> 
>> 
>> 
>> --------------------------------------------------------------------------------
>> WISPA Wants You! Join today!
>> http://signup.wispa.org/
>> --------------------------------------------------------------------------------
>> 
>> WISPA Wireless List: [email protected]
>> 
>> Subscribe/Unsubscribe:
>> http://lists.wispa.org/mailman/listinfo/wireless
>> 
>> Archives: http://lists.wispa.org/pipermail/wireless/
>> 
> 
> 
> 
> --------------------------------------------------------------------------------
> WISPA Wants You! Join today!
> http://signup.wispa.org/
> --------------------------------------------------------------------------------
> 
> WISPA Wireless List: [email protected]
> 
> Subscribe/Unsubscribe:
> http://lists.wispa.org/mailman/listinfo/wireless
> 
> Archives: http://lists.wispa.org/pipermail/wireless/

_____________________________________________________________________________________
Glenn Kelley | Principle | HostMedic |www.HostMedic.com 
  Email: [email protected]
Pplease don't print this e-mail unless you really need to.


--------------------------------------------------------------------------------
WISPA Wants You! Join today!
http://signup.wispa.org/
--------------------------------------------------------------------------------
 
WISPA Wireless List: [email protected]

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/

Reply via email to