Despite what seems to be adequate port forwarding, all my GET requests do not return an answer when fired from outside the LAN.
Is this by design? if yes, does a workaround exist? Why blocking so many interesting use cases?
Yes, this is by design for security purposes. Unfortunately, there is no direct workaround. We definitely understand the huge amount of use cases a remotely-accessible API can provide, and are factoring that into future API planning, but in the meantime this cannot be achieved through port-forwarding.
One potential option to enable some of these use cases would be to build out a client on your LAN that more securely talks to a remote server. As a conceptual example, you can check out what I did to hack together a SoundTouch Alexa skill a couple years ago before our official one was live: https://github.com/Zach-Rose-Bose/SoundTouch_Alexa_Skill. It's not a scalable or performant solution, but the Local and Remote server concept there uses polling of the cloud from the LAN to retrieve requests which are then executed directly on the LAN.
Let me know if you have any further questions on this topic!
the soundtouch 20 igrnoes any packets which are from outside the network.
The soundtouch 10 accepts every tcp packet from everywhere.
So really security?
Can you confirm your SoundTouch 10 is on firmware version 19.0.5 or later? That was the version where we implemented this security mechanism. Can you also provide information about the steps you took where you observed your SoundTouch 10 accepting all packets regardless of where they were sent from?