What's new

AiProtection scan / UPnP

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Patrick9876

Regular Contributor
RT-AC86U, Merlin 386.11

I am not currently using AiProtection but started looking at it today. It looks like the scan function works whether or not AiProtection is enabled, but does it work correctly? The scan claims I have UPnP services enabled. The WAN - Internet Connection display says I have it disabled. Is AiProtection complaining about UPnP on the LAN interfaces rather than WAN? Is there even a way to turn off UPnP on the LAN? And do I want to?
 
SSH into the router and run the following command to see if miniupnpd is running:
Code:
ps | grep upnp
 
I'm Linux illiterate so I don't know the significance of what was displayed. I see
Code:
17062 admin-rt  3328 S    grep upnp
It looks like that is just the process running grep so I guess UPnP is not running.

Off topic: that "admin-rt" looks like it should be the admin userid (which I would not post), but it isn't. Is it a generic or default userid just for the display? (I tried logging on with it before posting this and it was rejected.)
 
Yes, it doesn't look like it's running otherwise you'd see something like this:
Code:
# ps | grep upnp
 7940 admin     3248 S    miniupnpd -f /etc/upnp/config
 8482 admin     1156 D    grep upnp

admin-rt ought to be the name of the admin userid. I don't know why you're seeing that. Check the passwd file to see if there are duplicate entries for uid 0:
Code:
cd /etc
cat passwd
 
Hmm. I find it a bit disconcerting that AiProtection presents inaccurate information. It does correctly indicate that I have Port Forwarding active. (I expose one UDP port.)

Regarding the passwd file, it shows the real admin userid (not admin-rt), nas, nobody, tor, and a couple OpenVPN server userids. I suspect I may have been using admin-rt at one time, but not for several years.
 
@Tech9: Yes, I have Dual Wan (Fail Over mode) enabled. How does that figure in?

@Collin Taylor: I have only one powered on router. (I have an old AC87U on a shelf somewhere but none powered up and on my LAN.)
 
@Tech9: Yes, I have Dual Wan (Fail Over mode) enabled. How does that figure in?

You have 2x WAN interfaces and the secondary (currently inactive) perhaps has UPnP enabled.

I'm pretty sure this is causing AiProtection test to show UPnP enabled with currently miniupnpd not running.
 
As per @Tech9's post, try directly setting UPnP off for both interfaces and check again. Reboot to make sure the change sticks.
Code:
nvram set wan0_upnp_enable=0
nvram set wan1_upnp_enable=0
nvram commit
 
The two interfaces must be in GUI as well. I remember a drop down menu in WAN section.

I've played with Dual WAN quite a bit on different Asus routers, but unfortunately with no good/consistent results.
 
My secondary WAN is USB - USM modem / tethered phone. The USB WAN config doesn't have a UPnP option to turn on or off. But if the Dual WAN option is what is confusing AiProtection then I won't worry about it. But I'll take what AiProtection says with a grain of salt, too.
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top