What's new

Solved UPnP enabled for Aimesh.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

DJones

Very Senior Member
Doing a audit of my network devices, and noticed AImesh nodes use UPnP despite UPnP disabled on the main router. Now UPnP shouldn't be a security concern because it's a node on LAN before the WAN, and doesn't actually expose ports to the internet, and quite likey is used to auto configure the RT-AX58U aimesh node to not require manual port forwording. But I can't fathom why it's even required IF the firewall isn't in use on a node, just a curious thing on asus's part. This is running Merlin on both my main and node, but that shouldn't make any difference. I know Merlin can't configure AImesh as it's propriatary, but if it's not needed and can be turned off should I attempt to do so?

Screenshot 2024-06-16 233707.png
 
See this:


That was my first reference when looking up that port. Apple AirPlay might be applicable as I do have iphone's otherwise no current connections outgoing are on that port.

Many embedded Linux based systems (i.e. home routers, remote management devices, IP cameras) have UPnP enabled, broadcasting their kernel version and hardware architecture over port 49152.

Again odd the upnp Damon is even running. I guess maybe it's to forward those broadcasts from the node?

The whole reason I'm auditing my network is because I was getting https://en.wikipedia.org/wiki/Martian_packet flooding my server logs, due to a misconfiguration. As it seems LACP layer 3&4 instead of 2&3, was the cause or if not the cause it was at least able to see the issue on layer 4. And it was from devices on my AImesh node and the node itself. STP wasn't also enabled on the node so I took care of enabling that.
 
Last edited:
IIRC AiMesh uses WPS to connect to the nodes in some way.

Used during wireless node discovery process in initial AiMesh setup. Some folks advice disabling WPS after on the main router, but I'm not sure it's the best idea. It's hard to test what happens when the node loses the connection for some reason. Quite possible WPS is also used to restore it after. 🤷‍♂️
 
Thanks everyone who provided answers. I believe that solves my confusion/concern from that particular port. I’ll leave it be as it has a useful component and wasn’t Upnp as shown by zenmap.
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top