Chapter 18
Other settings
228
Enable UPnP
This option enables UPnP.
Warning
If
WinRoute
is running on
Windows XP
,
Windows Server 2003
,
Windows Vista
or
Windows
Server 2008
, check that the following system services are not running before you start
the
UPnP
function:
•
SSDP Discovery Service
•
Universal Plug and Play Device Host
If any of these services is running, close it and deny its automatic startup. In
WinRoute
,
these services work with the UPnP protocol in
Windows
, and therefore they cannot be
used together with
UPnP
.
Note:
The
WinRoute
installation program detects the services and offers their stopping
and denial.
Log packets
If this option is enabled, all packets passing through ports mapped with UPnP will be
recorded in the
Filter
log (see chapter
Log connections
If this option is enabled, all packets passing through ports mapped with UPnP will be
recorded in the
Connection
log (see chapter
).
Warning
Apart from the fact that UPnP is a useful feature, it may also endanger network security,
especially in case of networks with many users where the firewall could be controlled by too
many users. A
WinRoute
administrator should consider carefully whether to prefer security or
functionality of applications that require UPnP.
Using traffic policy (see chapter
) you can limit usage of UPnP and enable it to certain IP
addresses or certain users only.
Example:
Figure 18.4
Traffic rules allowing UPnP for specific hosts
The first rule allows UPnP only from
UPnP Clients
IP group. The second rule denies UPnP from
other hosts (IP addresses).
Summary of Contents for KERIO WINROUTE FIREWALL 6
Page 1: ...Kerio WinRoute Firewall 6 Administrator s Guide Kerio Technologies s r o...
Page 157: ...12 3 Content Rating System Kerio Web Filter 157 Figure 12 7 Kerio Web Filter rule...
Page 247: ...19 4 Alerts 247 Figure 19 14 Details of a selected event...
Page 330: ...Chapter 23 Kerio VPN 330 Figure 23 55 The Paris filial office VPN server configuration...
Page 368: ...368...