NAT gives you a false sense of security

- traffic goes through NAT, so packets are going through!
  - attacks using malformed payloads/TCP headers go through too
- hiding address does not hide your identity
  - web cookies: why can you buy things over the net even with NAT?
  - passive OS fingerprinting
- NAT is a single point of failure, does not scale well
  - maintenance headache, difficult to provision
- UPnP is a complexity on top of complexity
  - no authentication per se with UPnP
  - botnet/shellcode can punch holes
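
The points above can be seen in a toy model of a port-translating NAT. This is an added example, not part of the original slides: the `Napt` class, its method names and all addresses and payloads are constructed for illustration. It shows that translation only rewrites addresses and ports, that reply payloads and cookies pass unchanged, and that an unauthenticated UPnP-style mapping request opens an inbound path.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: tuple      # (ip, port)
    dst: tuple
    payload: bytes

class Napt:
    """Toy NAPT box (hypothetical model, not any vendor's implementation)."""
    def __init__(self, public_ip):
        self.public_ip, self.next_port = public_ip, 40000
        self.out = {}      # (inside endpoint, remote endpoint) -> public port
        self.dynamic = {}  # (public port, remote endpoint) -> inside endpoint
        self.static = {}   # public port -> inside endpoint (UPnP-style mapping)

    def outbound(self, pkt):
        # Allocate or reuse a mapping; only the source address/port is rewritten.
        key = (pkt.src, pkt.dst)
        if key not in self.out:
            self.out[key] = self.next_port
            self.dynamic[(self.next_port, pkt.dst)] = pkt.src
            self.next_port += 1
        return Packet((self.public_ip, self.out[key]), pkt.dst, pkt.payload)

    def inbound(self, pkt):
        # Forward if a mapping matches, else drop (None). Payload is never inspected.
        port = pkt.dst[1]
        inside = self.dynamic.get((port, pkt.src)) or self.static.get(port)
        return None if inside is None else Packet(pkt.src, inside, pkt.payload)

    def upnp_add_port_mapping(self, requester_ip, ext_port, int_port):
        # Modelled on the slide's claim: the request carries no credentials to check.
        self.static[ext_port] = (requester_ip, int_port)

def demo():
    # Constructed sample data; addresses are from documentation/private ranges.
    nat = Napt("203.0.113.1")
    pc, server, stranger = ("192.168.1.10", 51000), ("198.51.100.7", 80), ("198.51.100.99", 4444)
    r = {"unsolicited": nat.inbound(Packet(stranger, ("203.0.113.1", 40000), b"probe"))}
    r["sent"] = nat.outbound(Packet(pc, server, b"GET / HTTP/1.1\r\nCookie: id=abc123\r\n\r\n"))
    junk = b"\x00\xff" * 4   # stands in for a malformed reply body
    r["reply"] = nat.inbound(Packet(server, r["sent"].src, junk))
    nat.upnp_add_port_mapping("192.168.1.10", 8080, 8080)
    r["after_upnp"] = nat.inbound(Packet(stranger, ("203.0.113.1", 8080), b"hello"))
    return r

if __name__ == "__main__":
    for name, pkt in demo().items():
        print(name, pkt)
```

The only packet dropped is the unsolicited one sent before any mapping exists; filtering of payloads and of mapping requests has to come from a firewall or IDS, not from the translation itself.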