@Kherby UPnP is inherently insecure due to lack of authentication. I don't feel like getting into the weeds, but a google search will bring up plenty of sites that explain why it's insecure and why it should not be used. Again, UPnP is added as a convenience to the user who's too lazy to figure out port forwarding for whatever device needing port redirects.
- Here's a decent explanation on StackExchange
.
@would The rules I posted were for PSN itself, so it's likely RSS requires ports other than those listed, of which can be found on the game developer's website/forum. The same could also be determined by tailing the system log and/or configuring a log rule for the PlayStation's IP and then watching for what requests are dropped/rejected.
-
Open NAT: Device is not firewalled by the router and able to communicate with all three NAT types on remote devices
- This is the equivalent of connecting the device directly to the WAN port on the modem, and is not recommended.
-
NAT 2 (moderate): Device is behind a firewall and able to communicate with remote devices utilizing Open or NAT 2
-
NAT 3 (strict): Device can only connect with remote devices utilizing Open NAT, and network services such as multi-player online gaming will not work as intended.
- In regards to PSN, the PlayStation will be able to connect with and download data from PSN, but not connect with remote PlayStations for online gaming.
-
This write up explains the above pretty well, as well as provides additional ports that will need redirect rules.