I just changed my home network equipment - previously I had a Netgear R7800 router, now I have a Ubiquiti Dream Machine Pro. I gave my college kids fire sticks with Channels DVR clients so that they could watch TV from our home server. With the Netgear router, I did not have to forward any ports for Channels to work remotely. Once I changed to the Ubiquiti equipment, Channels no longer worked remotely. I had to manually forward port 8089 to the Channels DVR server to get it to work. Can anyone explain what is going on here?
Old router had either upnp or nat-pmp enabled by default. You can enable that on your new router too.
2 Likes
Im actually in this situation now, well have I have the new equipment but havent implemented it yet. Are you saying you would recommend just enabling upnp on the Dream Machine vs manually forwarding port 8089? Be gentle, Im very new to networking but want to do the most prudent thing. I do a lot of remote viewing so I need this to be an option, just want the most secure one.
I would not do this. UI devices have UPnP disabled by default, and it should be left this way. Use a DHCP reservation (called "Use Fixed IP Address") in the Network application, and then set up a static port forward rule.
(Also of note: UI devices do NAT hairpinning, so you can set your devices such as your tablet/laptop to access your DVR from the https://my.channelsdvr.net address, and it will just work. If you are at home, it will use the remote URL, but all traffic will stay local and never leave your home network. I find this useful for using a single bookmark to manage my DVR regardless of where I am. If you manually adjust DNS settings beyond just specifying something other than your ISP servers, this may not be the case; but generally it uses its own caching server before reaching out to an external DNS.)
Most secure of the two is manual port forwarding.
UPNP and NATPMP opens up your router for anything to forward ports, including malware.
There is always a trade-off between security and convenience.
https://docs.netgate.com/pfsense/en/latest/services/upnp.html#security-concerns
1 Like