OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: JL on June 30, 2018, 09:03:13 am

Title: multicast forwarding (sonos) cross interface
Post by: JL on June 30, 2018, 09:03:13 am
Dear,

My set-up is the latest production release of OPNsense on a system with three network interfaces (WAN, Mobile, LAN).

While my entire Sonos setup is working fine as it is entirely connected to Mobile, I now seek to make connections to it from LAN. This uses SSDP, which is a multicast-based protocol over 239.255.255.250 over port 1900/udp.


STATUS: not working. Traffic from Sonos Desktop does cross the interfaces but does not return.

Validation: I run a packet capture on the Mobile interface for "224.0.0.0/4 or 192.168.29.100", which is my LAN IP.

As a "narrow it down" approach, I've tried various settings. Now I have a rule on top of the rulebase permitting all addresses towards 239.255.255.250 on both Mobile and LAN; for these rules I've also enabled 'allow options' and enabled 'any flags'.

In a desperate attempt I've even created src: any dst: 239.255.255.250 for any protocol as well as src: 239.255.255.250 dst: any for any protocol on both networks.

Please comment or advise on what to search for. Multicast is a notable omission in any thread related to OPNsense.

[update 10:22 CET 29/06/2018]

The Sonos App on a Microsoft System is sending SSDP (239.255.255.250) to port 1900/udp, but this does not cross the interfaces on the firewall (since multicast).

Installed the IGMP Proxy Service (mixed non-results thus far)

 Configured Mobile as Upstream as the Sonos Speakers are here as well as the Sonos Controller on a Tablet
 Configured LAN as Downstream as the Sonos Desktop Application is located here

 For each of the configured IGMP I have configured the relevant subnet and also added 239.255.255.250/32





Title: Re: multicast forwarding (sonos) cross interface
Post by: JL on July 14, 2018, 06:33:38 pm
Still no luck.


The IGMP proxy did make a difference, but it remains unclear why the speakers are not responding to discovery over multicast on port 1900/udp.


Despite a few packet captures, I've not seen the speakers respond at this time.
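
Added example, not part of the posts above: a small Python probe for the SSDP discovery this thread describes. It sends an M-SEARCH to 239.255.255.250:1900/udp with an explicit multicast TTL and lists the unicast replies it receives. The function names, the TTL of 4 and the `ssdp:all` search target are assumptions chosen for illustration.

```python
import socket

SSDP_ADDR = ("239.255.255.250", 1900)  # multicast group and UDP port named in the post

def build_msearch(st="ssdp:all", mx=2):
    """Build an SSDP M-SEARCH discovery request (HTTP-style text over UDP)."""
    lines = [
        "M-SEARCH * HTTP/1.1",
        f"HOST: {SSDP_ADDR[0]}:{SSDP_ADDR[1]}",
        'MAN: "ssdp:discover"',
        f"MX: {mx}",   # devices delay their reply by up to MX seconds
        f"ST: {st}",   # search target; ssdp:all asks every device to answer
        "", "",
    ]
    return "\r\n".join(lines).encode("ascii")

def parse_response(data):
    """Split a reply into its status line and a dict of upper-cased headers."""
    head = data.decode("utf-8", "replace").split("\r\n\r\n", 1)[0]
    status, *rest = head.split("\r\n")
    headers = {}
    for line in rest:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().upper()] = value.strip()
    return status, headers

def probe(ttl=4, timeout=3.0, local_ip=None):
    """Send one M-SEARCH; return [(sender_ip, status, headers)] for each reply."""
    replies = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        # Multicast sockets default to TTL 1, which a routing hop will not forward.
        sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)
        if local_ip:  # choose the outgoing interface on a multi-homed host
            sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF,
                            socket.inet_aton(local_ip))
        sock.settimeout(timeout)
        sock.sendto(build_msearch(), SSDP_ADDR)
        try:
            while True:  # replies arrive as unicast UDP to this socket's port
                data, (ip, _port) = sock.recvfrom(65507)
                replies.append((ip, *parse_response(data)))
        except socket.timeout:
            pass
    return replies

if __name__ == "__main__":
    for ip, status, headers in probe():
        print(ip, status, headers.get("ST"), headers.get("LOCATION"))
```

Run from a host on LAN while capturing on Mobile, this separates the two directions: whether the multicast request crossed the firewall, and whether any unicast reply came back to the sender's source port.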