Allow UPNP

Sorry if this is an FAQ… But how do i enable UPNP through comodo firewall?
Btw yes i DO require upnp and the ports it could map are random so i can’t create rules.
Thanks in advance :slight_smile:

I am no expert but as far as I know: (I have UPnP on as well btw)

There seem to be 3 dll’s for UPnP in my list but if I remember correctly you only need to allow that for svchost.exe because thats the component handling it. (Oh well, I can already see the pros walking me to the gallows for that lol)

After that, the only problem could be that programs that need open ports for your router or other devices have a choice of what ports to use and you have to allow several in the rules.

But, as I’ve said, I am no pro on that issue.


If you’re using UPnP on Outbound connections, that’s not a big issue. If, however, you are using it through your router for unsolicited Inbound connections (such as a p2p or other sharing application, etc) there may be trouble.

That is because Network Monitor does not allow unsolicited Inbound connections. We have to create a rule (or rules) to Allow these Inbound connections. Since that obviously creates a security risk, we utilize as much detail as possible when creating the rule (such as source/remote IP, destination Port, Protocol, etc).

If UPnP port assignment will change each time, this poses some difficulties for Inbound connections. You would at least need to define a source (or “remote”) IP address. Perhaps there is a range of Ports that are used/accessed by/for the UPnP discovery? If these details are not available, then your only option might be to add a TCP/UDP In rule to Network Monitor, carefully placing it below any other Inbound rules. When you need to use the UPnP feature, Edit that rule and set to Allow. When you’re done, Edit and change to Block.