Hi,
I have a Fritz!Box and Roon Nucleus. To get ARC connected, I did all the steps from this thread Port Forwarding Instructions for (Most) Fritz!Box Users
Everything (ARC with my Nucleus) is working fine. I am just not sure, if enabling the checkbox „permit Independent port sharing“ in Fritz!Box is secure.
Could anybody who has some experience with IT security, please estimate how big the risk will be, if I continue with „permit Independent port sharing“ on my Fritz!Box?
Cheers
There is a good Wiki article on port forwarding if you want to get a bit under the surface of things.
A certain small risk might remain but such is life. If Roon designed ARC decently we should be good.
To put this into context: There are a number of other ports open to the internet on your FritzBox anyway as without things like telephony could not work.
hi Hubert, I am the author of the guide you mentioned.
If you enable the independent port sharing for the machine running the roon core you basically allow this machine to open ports within your fritzbox to get data forwarded via this port. So any software running on this machine can now ask your fritzbox to open a port for this machine. As described in the guide fritzbox is showing all requested ports in the overview page under Internet->Permit Access and in even more detail on the Detail page for the device.
Now for the risk assessment it depends which programs are running on the machine with the roon core.
If you have a nucelus or a roon rock installation being the only tenant on the device this is pretty save due to the fact that roon core is the only programm running there. If you host your roon core on a PC or NAS with lots of other software running in parallel the risk may be higher.
But if another program is going rogue you would see this immediately reflected in the fritzbox Port Sharing overview.
So the alternative would be not to hand the power to open any ports to the device your roon core is running on but to open the port manually.
To do that enter the fritzbox settings and go to the “Sharing for Device Page” for your roon machine but do not set the checkmark to permit independent port sharing for this device.
Instead press the “New Sharing” button.
This will open a window where you can create a new sharing. Initially “MyFritz! Sharing” is selected. You need to switch that to “Port Sharing” by clicking the radio button named “Port Sharing” Then for Application choose “Other application” and enter “Roon Arc” into the name field below.
For the protocoll you need to choose TCP and finally enter the port number Roon Arc has choosen in all 3 remaining fields: “Port to device” “Through…” and Port requested externally.
Then Press OK and OK again to activate this. It is now your responsibility to ensure that the port numbers are matching between Roon Arc in the roon settings and on the port sharing in the fritz box.
kind regards
Chris
Hi Bernd and Chris,
Thank you for your fast Feedback. 
Probably I will try the other option that Chris was describing.
Best Regards
Hubert
Hi Chris,
Just changed the configuration with „new Port sharing“ and TCP setting.
Works fine 
Thank you and Best Regards
Hubert
This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.