General Discussion / Re: UDP Broadcast Relay
« on: September 08, 2023, 07:37:14 pm »
I'm trying to get a (for me) complex setup going: an access point with a VLAN trunk and the management VLAN as PVID, being able to communicate with a server on a different subnet, but it's using UDP broadcast. So that's why I'm here, as firewall rules didn't seem to solve this.
Setup:
Opt3-6: VLAN 10, 20, 30, 90 (PVID) with DHCP on them all. All are separate "interfaces" with parent igc2 as the real network interface. This part seems to be working as the AP device gets a DHCP address of 192.168.90.200 on VLAN 90 (gateway 192.168.90.1). This interface is called "WLANManagement".
LAN: on interface igc1, with no VLAN, subnet 192.168.0.0/24. I have an Omada Controller server here on IP 192.168.0.244.
The server and the AP can't communicate by default.
The AP sends a broadcast from 192.168.90.200 with port udp/random to 255.255.255.255 with port udp/29810.
As I adopted it earlier on the same subnet as the server to test and update, I'm not in need of the adoption feature right now, but I'll also be needing to be able to adopt devices using the device IP and tcp/29814. This shouldn't need the broadcast relay.
I've created a broadcast-relay with the following settings:
Relay Port: 29810
Interfaces: LAN,WLANManagement
Broadcast Address: 0.0.255.255 (since communicating between 192.168.0.0 and 192.168.90.0 I assumed this)
Source Address: empty (but also tried 1.1.1.1)
I also have a firewall rule on interface WLANManagement:
protocol: IPv4 - UDP
src: WLANManagement net
src_port: *
dst: *
dst_port: 29810
gateway: *
But it's still getting blocked by the "Default deny / state violation rule".
I also tried with Port Forward before UDP broadcast relay, but that didn't work either. I'm lost as to how to proceed, as I'm not sure whether I've set up UDP broadcast relay correctly or I'm making a mistake with my firewall rules.
EDIT: I made it work with Firewall > NAT > Port Forward for UDP/29810 and TCP/29814.
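As an added illustration (not code from the post or from OPNsense), the following Python models the two paths the post describes for the AP's discovery datagram: what a UDP broadcast relay would re-emit on the LAN, and what the NAT port forward plus the WLANManagement pass rule do to it. The /24 masks, the exact shape of the port-forward rule and the packet fields are assumptions; the addresses and ports come from the post.

```python
import ipaddress
from dataclasses import dataclass

# Constructed from the post; the /24 masks are an assumption (the post names only the prefixes).
WLAN_MGMT_NET = ipaddress.ip_network("192.168.90.0/24")
LAN_NET = ipaddress.ip_network("192.168.0.0/24")
CONTROLLER = ipaddress.ip_address("192.168.0.244")
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")
DISCOVERY_PORT = 29810  # UDP discovery port named in the post

@dataclass
class Packet:
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    sport: int
    dport: int
    proto: str = "udp"

def make_packet(src: str, dst: str, sport: int, dport: int) -> Packet:
    return Packet(ipaddress.ip_address(src), ipaddress.ip_address(dst), sport, dport)

def relay_destinations(pkt: Packet, nets) -> list:
    """Model of a UDP broadcast relay: a datagram to 255.255.255.255 is re-emitted on every
    other configured subnet, addressed to that subnet's directed-broadcast address."""
    if pkt.dst != LIMITED_BROADCAST:
        return []
    return [str(n.broadcast_address) for n in nets if pkt.src not in n]

def port_forward(pkt: Packet) -> Packet:
    """Model of the NAT port forward the poster settled on (rule shape assumed): UDP/29810 sent
    to 255.255.255.255 is redirected to the controller; redirection runs before filtering."""
    if pkt.proto == "udp" and pkt.dport == DISCOVERY_PORT and pkt.dst == LIMITED_BROADCAST:
        return Packet(pkt.src, CONTROLLER, pkt.sport, pkt.dport, pkt.proto)
    return pkt

def wlan_rule_allows(pkt: Packet) -> bool:
    """The poster's pass rule on WLANManagement: IPv4 UDP, src WLANManagement net, any dst,
    dst_port 29810. Evaluated against the packet as the filter sees it (after redirection)."""
    return pkt.proto == "udp" and pkt.src in WLAN_MGMT_NET and pkt.dport == DISCOVERY_PORT

def trace_discovery(sport: int = 51234) -> dict:
    """Walk the AP's discovery datagram (192.168.90.200 -> 255.255.255.255:29810) through both
    approaches from the post and report where it would be delivered."""
    pkt = make_packet("192.168.90.200", "255.255.255.255", sport, DISCOVERY_PORT)
    forwarded = port_forward(pkt)
    return {
        "relay_targets": relay_destinations(pkt, [WLAN_MGMT_NET, LAN_NET]),
        "forwarded_dst": str(forwarded.dst),
        "allowed_by_rule": wlan_rule_allows(forwarded),
    }
```

Calling `trace_discovery()` returns the relay target (the LAN's directed broadcast 192.168.0.255), the redirected destination (the controller) and whether the pass rule matches the redirected packet.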