LEDE 17.01.4 with miniupnpd and PlayStation 4

@Kherby UPnP is inherently insecure due to lack of authentication. I don't feel like getting into the weeds, but a Google search will bring up plenty of sites that explain why it's insecure and why it should not be used. Again, UPnP is added as a convenience to the user who's too lazy to figure out port forwarding for whatever device needing port redirects.

  • Here's a decent explanation on StackExchange

@would The rules I posted were for PSN itself, so it's likely RSS requires ports other than those listed, which can be found on the game developer's website/forum. The same could also be determined by tailing the system log and/or configuring a log rule for the PlayStation's IP and then watching for what requests are dropped/rejected.

  • Open NAT: Device is not firewalled by the router and able to communicate with all three NAT types on remote devices

    • This is the equivalent of connecting the device directly to the WAN port on the modem, and is not recommended.
  • NAT 2 (moderate): Device is behind a firewall and able to communicate with remote devices utilizing Open or NAT 2

  • NAT 3 (strict): Device can only connect with remote devices utilizing Open NAT, and network services such as multi-player online gaming will not work as intended.

    • In regards to PSN, the PlayStation will be able to connect with and download data from PSN, but not connect with remote PlayStations for online gaming.
  • This write-up explains the above pretty well, as well as provides additional ports that will need redirect rules.

Well, I've enabled UPnP only for my PS4 console and got NAT type 2 at the PSN network test, btw. even without UPnP and port forwarding. But that's not the point...
I figured out that the only way for me to get "NAT: Open ingame" is UPnP (it might be different from game to game).

As an example I've tried RS:Siege and CoD and these should be quite popular.
And if I remember right it's best to have "NAT:Open Ingame" for most multiplayer games with "hosted servers" involved, for example in CoD.

With port forwarding I wasn't able to achieve that, and it's not that I haven't tried in the first place. :wink:

I think you may be misunderstanding what UPnP is/does.... it auto opens/forwards inbound ports from WAN when requested by a device, in this case the PS4. There will only be a handful of inbound WAN ports which will need to be opened for any arbitrary game/service/application. You can find the ports for the two games mentioned via a couple of ways...

  • Check out the game developer's website/forum
  • Check out the PlayStation forum
  • Google PS4 port forwards
  • Create an iptables command to log all inbound traffic to your PS4, then after a match, review the ports that were opened

You never want Open NAT, as it means your device is directly accessible from WAN.
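
The log-and-review approach suggested in the thread, as an added example that is not part of any of the posts above: a POSIX shell function that reduces iptables LOG lines to a per-port count, so that only those ports need static redirect rules. The console IP `192.168.1.50`, the `PS4-IN: ` prefix and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Assumed LOG rule (placeholder IP, hypothetical prefix), e.g. in /etc/firewall.user:
#   iptables -I FORWARD -d 192.168.1.50 -m conntrack --ctstate NEW \
#            -j LOG --log-prefix "PS4-IN: "
# On the router: logread | summarize_ports 192.168.1.50
# Delete the rule (iptables -D with the same arguments) once the ports are known.

PREFIX="PS4-IN: "

# Read kernel log lines on stdin and print "count proto/port" for packets
# whose DST= is exactly the console IP, most frequent first.
summarize_ports() {
    awk -v ip="$1" -v prefix="$PREFIX" '
        index($0, prefix) == 0 { next }   # line is not from our LOG rule
        {
            dst = proto = dpt = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^DST=/)   dst   = substr($i, 5)
                if ($i ~ /^PROTO=/) proto = substr($i, 7)
                if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            }
            # Exact compare so 192.168.1.5 never matches 192.168.1.50;
            # ICMP and other port-less protocols carry no DPT= and are skipped.
            if (dst == ip && dpt != "")
                seen[tolower(proto) "/" dpt]++
        }
        END { for (k in seen) print seen[k], k }
    ' | sort -k1,1nr -k2,2
}

# Constructed, abbreviated sample lines (ports are made up, not any game's list).
sample_log() {
cat <<'EOF'
kern.warn kernel: [ 5120.10] PS4-IN: IN=eth0.2 OUT=br-lan SRC=203.0.113.10 DST=192.168.1.50 LEN=76 TTL=52 PROTO=UDP SPT=50000 DPT=40001 LEN=56
kern.warn kernel: [ 5121.42] PS4-IN: IN=eth0.2 OUT=br-lan SRC=198.51.100.7 DST=192.168.1.50 LEN=76 TTL=49 PROTO=UDP SPT=50001 DPT=40001 LEN=56
kern.warn kernel: [ 5122.03] PS4-IN: IN=eth0.2 OUT=br-lan SRC=198.51.100.7 DST=192.168.1.50 LEN=60 TTL=49 PROTO=TCP SPT=50002 DPT=40002 SYN
kern.warn kernel: [ 5123.77] PS4-IN: IN=eth0.2 OUT=br-lan SRC=203.0.113.10 DST=192.168.1.50 LEN=48 TTL=52 PROTO=UDP SPT=50003 DPT=40003 LEN=28
kern.warn kernel: [ 5124.00] PS4-IN: IN=eth0.2 OUT=br-lan SRC=203.0.113.10 DST=192.168.1.5 LEN=48 TTL=52 PROTO=UDP SPT=50004 DPT=40009 LEN=28
kern.warn kernel: [ 5125.18] PS4-IN: IN=eth0.2 OUT=br-lan SRC=203.0.113.10 DST=192.168.1.50 LEN=84 TTL=52 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
kern.info kernel: [ 5126.90] br-lan: port 1(eth0.1) entered forwarding state
EOF
}

sample_log | summarize_ports 192.168.1.50
```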