Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Most secure option for UnRaid Connect remote access?

Featured Replies

Curious about peoples thoughts as to the best practice setup of Unraid Connect for remote access?

Dynamic - UPnP

Dynamic - Manual Port Forward

Always On - UPnP

Always On - Manual Port Forward

From memory UPnP has/had some security issues on home routers, but I am far from an expert in the field so would prefer to defer to those in the know.

Thanks

Edited by nametaken_thisonetoo
Clarity

Solved by ljm42

  • nametaken_thisonetoo changed the title to Most secure option for UnRaid Connect remote access?
  • Solution

If UPnP is enabled on your router, you might as well use it. If you have disabled UPnP in your router because you think your router's implementation has security issues then I'm not going to argue with you.

 

There are several benefits to UPnP here:

  1. You don't have manually configure your router to do port forwarding, so it is easier
  2. In "Static - UPnP" mode, the system picks a new random WAN port every time you reboot the server. 
  3. In "Dynamic - UPnP" mode, it picks a new random WAN port every time Remote Access is enabled from Connect. And the wan port is fully closed when remote access is disabled from the Connect side.

So assuming you trust your router's implementation of UPnP, then "Dynamic - UPnP" is the best option to choose. 

 

If you don't trust your router's implementation of UPnP then I would choose "Dynamic - Manual Port Forward"

 

For more information about Remote Access please see https://wiki.unraid.net/Connect#Remote_Access_.28optional.29

  • Author
2 hours ago, ljm42 said:

If UPnP is enabled on your router, you might as well use it. If you have disabled UPnP in your router because you think your router's implementation has security issues then I'm not going to argue with you.

 

There are several benefits to UPnP here:

  1. You don't have manually configure your router to do port forwarding, so it is easier
  2. In "Static - UPnP" mode, the system picks a new random WAN port every time you reboot the server. 
  3. In "Dynamic - UPnP" mode, it picks a new random WAN port every time Remote Access is enabled from Connect. And the wan port is fully closed when remote access is disabled from the Connect side.

So assuming you trust your router's implementation of UPnP, then "Dynamic - UPnP" is the best option to choose. 

 

If you don't trust your router's implementation of UPnP then I would choose "Dynamic - Manual Port Forward"

 

For more information about Remote Access please see https://wiki.unraid.net/Connect#Remote_Access_.28optional.29

Thanks, really appreciate the detailed response. I guess the conundrum is that although I have no reason not to trust my router UPnP implementation (UPnP is currently disabled on my Synology RT2600ac), I also have no real way of knowing if it can/should be trusted. I'd imagine that might be similar situation for others too.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.