ZyXEL Communications NSA320 8.5.1 UPnP and the NSA’s IP Address, 8.5.2 UPnP and Security, 8.5.3 The NSA’s Services and UPnP

Chapter 8 Network

8.5.1 UPnP and the NSA’s IP Address

It is recommended that the NSA use a static IP address (or a static DHCP IP address) if you will allow access to the NSA from the Internet. The UPnP-created NAT mappings keep the IP address the NSA had when you applied your settings in the UPnP Port Mapping screen. They do not automatically update if the NSA’s IP address changes.

Note: WAN access stops working if the NSA’s IP address changes.

For example, if the NSA’s IP address was 192.168.1.33 when you applied the UPnP Port Mapping screen’s settings and the NSA later gets a new IP address of 192.168.1.34 through DHCP, WAN access stops working because the Internet gateway still tries to forward traffic to IP address 192.168.1.33. Since you can no longer access the NSA from the WAN, you would have to access the NSA from the LAN and re-apply your UPnP Port Mapping screen settings to update the Internet gateway’s UPnP port mappings.

Figure 84 UPnP Using the Wrong IP Address

192.168.1.34

a.b.c.d

192.168.1.33

8.5.2 UPnP and Security

UPnP’s automated nature makes it easier to use than manually configuring firewall and NAT rules, but it is also less secure. Using UPnP may make your network more susceptible to snooping and hacking attacks.

8.5.3 The NSA’s Services and UPnP

This section introduces the NSA’s services which an Internet gateway can use UPnP to allow access to from the Internet.

BitTorrent

BitTorrent is a distributed peer-to-peer file-sharing protocol that the NSA’s download service can use. Using UPnP port mapping for BitTorrent lets BitTorrent work faster.