How to allow wireless display (Miracast?)

Started by o58rHtfJdDiU3p, July 09, 2025, 09:52:49 AM

Hello,

I recently replaced my old Netgear router (FreshTomato) with a mini PC running Proxmox + OPNsense.
I have a Fritz!Box connected to the internet via the OPNsense WAN port. The LAN goes to several dumb switches and a mesh Wifi AP setup.
I run DNS via a standalone Pi-hole server.
The setup was exactly the same before, and I really only replaced the router.

The new OPNsense router is working well so far, and I'm happy with my decision to switch. My DHCP leases, port maps, and web servers are already up and running again, and Pi-hole is also neatly integrated.

The only problem:
My girlfriend uses a Windows 10 laptop as a monitor and keyboard for another work PC. (Don't ask why please.) This has previously been done via the wireless display function that is integrated in Windows. I'm not sure what technology is behind it, but I suspect something like Miracast.
The problem is that due to the new firewall, the notebook is apparently no longer automatically listed as a wireless display.

I've already worked on the problem a bit and tried various configurations with the help of chatbots.
Two firewall rules in particular:

Rule 1 (for Miracast Discovery):
Action: Pass
Interface: LAN
Direction: In
Protocol: TCP/UDP
Source: Any
Destination: Any LAN Net
Destination Port Range: From 1900 to 1900 (for SSDP)
Destination Port Range: From 5353 to 5353 (for mDNS)
Destination Port Range: From 7236 to 7236 (for Miracast Control)
Destination Port Range: From 5357 to 5358 (for mDNS/SSDP fallback)

Rule 2 (for Miracast Streaming - broader, as it is dynamic):
Action: Pass
Interface: LAN
Direction: In
Protocol: TCP/UDP
Source: Any LAN Net
Destination: Any LAN Net
Destination Port Range: From 49152 to 65535

Additionally, I have also installed the UPnP plugin and activated "Enable UPnP & NAT-PMP".

I'm not entirely clear on this and have a healthy dose of chatbot skepticism, so here's my question:
Do you know what exactly this Windows Wireless Display connection does?
How can I configure OPNsense so that it works again?

I'm not even sure whether this feature works over the internet or purely over the LAN.

Thank you in advance!

Miracast can use either Wifi Direct or an available Access Point.

If the Access Point's SSID for the Windows client and wireless monitor is the same, they are in the same layer 2 broadcast domain and the firewall does not do anything.

So I think that your devices cannot communicate directly via layer 2 because of your Wifi mesh setup, and Wifi Direct also doesn't work for some reason.

https://learn.microsoft.com/en-us/windows-hardware/design/device-experiences/wireless-projection-validation-projection-over-existing-network
Hardware:
DEC740

Thanks for the answer.

Problem solved:

It's almost embarrassing...
By changing routers, the two Windows computers detected new networks and automatically switched the Windows Defender firewall to "public." xD

Thanks, Microsoft!
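
A way to check for the cause found in this thread on each Windows machine, as an added example that is not part of the original posts: it lists the category Windows assigned to each connected network and counts the inbound allow rules that are active for that category. The display-group pattern `*Wireless Display*` and the interface alias `Wi-Fi` in the final comment are assumptions; adjust them to your system.

```powershell
# Added example (not from the thread). Run in an elevated PowerShell session.

# 1. Which firewall category did Windows assign to each connected network?
$profiles = Get-NetConnectionProfile
$profiles | Format-Table InterfaceAlias, Name, NetworkCategory -AutoSize

# 2. Inbound rules that belong to wireless projection.
# Assumption: their display group contains "Wireless Display"; the name
# can differ by Windows build or UI language.
$groupPattern = '*Wireless Display*'
$rules = Get-NetFirewallRule -Direction Inbound |
    Where-Object { $_.DisplayGroup -like $groupPattern }

if (-not $rules) {
    Write-Warning "No inbound rules match '$groupPattern'; adjust the pattern."
}

# 3. For each network, count the allow rules that apply to its category.
foreach ($p in $profiles) {
    $category = [string]$p.NetworkCategory   # Public, Private or DomainAuthenticated
    $fwProfile = if ($category -eq 'DomainAuthenticated') { 'Domain' } else { $category }

    $active = @($rules | Where-Object {
        "$($_.Enabled)" -eq 'True' -and
        "$($_.Action)"  -eq 'Allow' -and
        "$($_.Profile)" -match "Any|$fwProfile"
    })

    [pscustomobject]@{
        Interface        = $p.InterfaceAlias
        Network          = $p.Name
        Category         = $category
        ActiveAllowRules = $active.Count
        Note             = if ($category -eq 'Public') {
                               'Public profile: discovery is usually blocked'
                           } else { '' }
    }
}

# 4. On a trusted home LAN, the category can be switched back per interface.
# 'Wi-Fi' is a placeholder alias; take the real one from the table in step 1.
# Set-NetConnectionProfile -InterfaceAlias 'Wi-Fi' -NetworkCategory Private
```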