Why do I get a warning that my router allows ”Unchecked NAT-PMP” when it is disabled.

HenryHill
HenryHill Member Posts: 4
First Comment Photogenic
NAT-PMP is disabled in the router but I have opened a few ports manually. 
The router is the ”latest” ;) version of the Apple Airport Time Machine with the latest firmware.



Answers

  • Robin_from_Fing
    Robin_from_Fing Administrator, Fing Team Posts: 4,885
    250 Answers 2500 Comments 500 Likes 100 Awesomes
    admin
    Hi @HenryHill
    Thanks for your post. Can you share the screenshot of the warning?
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
  • HenryHill
    HenryHill Member Posts: 4
    First Comment Photogenic


  • HenryHill
    HenryHill Member Posts: 4
    First Comment Photogenic
    I've also checked my router using Shields up at grc.com and all probes were rejected.
  • Robin_from_Fing
    Robin_from_Fing Administrator, Fing Team Posts: 4,885
    250 Answers 2500 Comments 500 Likes 100 Awesomes
    admin
    HenryHill said:
    I've also checked my router using Shields up at grc.com and all probes were rejected.
    It may be a false positive we had some issues with Apple Airport with Fingbox.
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
  • HenryHill
    HenryHill Member Posts: 4
    First Comment Photogenic
    So a bug then. I wish you happ hunting :smile:
  • felicem
    felicem Member Posts: 6
    Name Dropper First Comment Photogenic
    Hi, I'm getting the same warning. My fingbox is connected to an ASUS Rapture GT-AX11000 router, and UPnP is disabled. The vulnerability analysis report should provide more detailed information regarding the NAT-PMP violation. How can I determine if this is another false positive case ?

    Thank you, 
    Felice 
  • felicem
    felicem Member Posts: 6
    Name Dropper First Comment Photogenic
    Just thought I'd add my screenshot. As you can see no detailed info about NAT-PMP ... just a warning.


  • felicem
    felicem Member Posts: 6
    Name Dropper First Comment Photogenic
    @Robin should I create a brand new post for this NAT-PMP warning I am seeing ? Any tips for troubleshooting this ?
  • Robin_from_Fing
    Robin_from_Fing Administrator, Fing Team Posts: 4,885
    250 Answers 2500 Comments 500 Likes 100 Awesomes
    admin
    felicem said:
    @Robin should I create a brand new post for this NAT-PMP warning I am seeing ? Any tips for troubleshooting this ?
    It will be okay if you want to keep your query here. To address this, Can you check under router settings if NAT-PMP is enabled or disabled.

    The Network Vulnerability Test automatically runs weekly but you can also perform and on-demand scan. The test is made up of two parts:

    The Remote Scan Test performs a port scan on your public Internet address (the individual numerical address visible to the public when you are online) to see which ports are open to the external world: these are the open doors into your home, and you should make sure to have only the strictly necessary ones open.

    The Internal Router Audit checks the router addresses, the NAT configuration and whether or not  UPnP or NAT-PMP is activated. In the house metaphor, this would be the equivalent of checking the security measures placed inside the building in case an intruder did make it through the door.

    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
  • felicem
    felicem Member Posts: 6
    Name Dropper First Comment Photogenic
    Hi @Robin thanks for your quick reply.
    I have disabled UPnP on my ASUS router. I also ran a security assessment from the router itself, and can see that it passed the check for UPnP service disabled.
    I am aware of on demand vulnerability test from fingbox, that's what I have mostly been doing.
    It would be awesome if fingbox can tell me specifically which part of the internal audit failed ... i.e. exactly what triggered fingbox to report that NAT-PMP is enabled. Are there any debug logs we can look at in the fingbox ? Is this is a false positive, how can we report it to the developper folks ? This is a new purchase, I am wondering if there is some other formal support from fingbox where we can report these kinds of issues ?
    Thank you,
    Felice
  • felicem
    felicem Member Posts: 6
    Name Dropper First Comment Photogenic
    Hi @Robin is there any way to get in touch with design ? How do issue get escalated to development team ?
    Thank you.
  • Robin_from_Fing
    Robin_from_Fing Administrator, Fing Team Posts: 4,885
    250 Answers 2500 Comments 500 Likes 100 Awesomes
    admin
    felicem said:
    Hi @Robin is there any way to get in touch with design ? How do issue get escalated to development team ?
    Thank you.
    I have replied to you via your support ticket. Can you check and reply to me there in case I need more info to investigate this? Thanks
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
    felicem
  • felicem
    felicem Member Posts: 6
    Name Dropper First Comment Photogenic
    Thank you Robin. Done.