Does anyone still use Microsoft Windows Media Extender? Any issue with OPNsense?

[Peebee01]

Hi,

I'm a new user to OPNSense, I have some networking knowledge but I cant get Windows Media Center Extender to work on my LAN after adding an OPNSense based router.

I know this Media center is from the stone age, but my wife doesnt want to use anything else for satellite TV. We have a windows 7 PC for TV in the living room and an XBOX360 in the bed room used as a media center extender. Both are connected to a L2 switch and the switch is connected to a proxmox server running OPNSense 24.1. Both are set as clients to the DHCP server running in OPNsense, I'm using the standard OPNsense firewall rules which include not filtering LAN-LAN traffic, yet.... As soon as the OPNsense router is connected, the extender no longer can connect to the windows 7 PC.

Mediacenter has always been very picky when it comes to firewalls. There are many posts about the exact same thing happen once the Windows PC was equipped with anything other than the built in microsoft firewall. (The firewall on my PC is fully switched off).

For a firewall running on a PC, Microsoft requires the following long list of rules for Mediacenter to work:
Application      Protocol/Port      Direction      Network
svchost.exe      UDP 1900      Inbound      Local Subnet
svchost.exe      TCP 3390      Inbound      Local Subnet
svchost.exe      TCP 2177      Inbound, Outbound   Local Subnet
svchost.exe      UDP 2177      Inbound, Outbound   Local Subnet
system           TCP 10244      Inbound, Outbound   Local Subnet
ehshell.exe      UDP 5004, 5005   Inbound, Outbound   Local Subnet
ehshell.exe      TCP 8554-8558   Inbound, Outbound   Local Subnet
ehshell.exe      UDP 50004- 50013   Inbound, Outbound   Local Subnet
ehshell.exe      UDP 7777-7781   Inbound, Outbound   Local Subnet
mcx2prov.exe      Random      Inbound, Outbound   Internet
mcrmgr.exe      Random      Inbound, Outbound    Internet

None of this has been a problem for years, with different ISP routers. However, now that Im using OPNSense some of these ports are apparently blocked. Nothing shows up in my firewall live log viewer related to dropped packets (probably to be expected as this is LAN-LAN traffic)

If I replace OPNsense with the old router of my ISP, there is no problem. Both are using the same 192.168.1.0 range (not simultaneously ofcourse) and there is no other change than replacing the ISP router with the virtual router in OPNsense. The Proxmox PC uses 2 realtek NICs. One is used a LAN the other as WAN. As my ISP router can not be put in bridge mode, I change that to 192.168.2.0 range to hand an IP address 192.168.2.10 to the WAN port of Proxmox and I enable DMZ on the ISP router for the Proxmox WAN port. So its ISP router - Proxmox WAN - Proxmox LAN - L2 Switch with both windows PC and XBOX360 based extender.

Could anyone help and point me in the right direction? How could just having OPNsense on the network result in blocking this traffic? Especially given this traffic doesnt have to pass through the router, it could just be switched from the PC to the extender I believe.

[Monviech (Cedrik)]

The OPNsense can't block Layer 2 traffic. When the Windows PC and XBOX360 are connected to the same switch, they can communicate directly with each other.

The OPNsense never sees this traffic.

The Windows PC Probably changes Firewall Zones due to the new Router giving it a new IP. And in that Zone the Media Player isnt allowed.

[Peebee01]

Oh man I feel so stupid.... As the firewall was switched off I didnt even bother to look at the network settings on the PC but indeed the new router made Windows7 think it was on a coroporate instead of a home network. Changing it to "home network" solved my problem.

Thanks for taking the time to respond and your help. Much appreciated!