No Connectivity With Shield TV, Roku, or Fire TV
-
@Gertjan Thanks for the reply. Wouldn't that be the equivalent of when I disabled the entire firewall and tried it?
-
What rules do you have exactly on pfsense? Your not trying to do any static arp stuff? Or policy routing out some vpn? You running blocking software like IPS or pfblocker that could be messing with IPs these devices are trying to talk to?
Your saying your other clients all work?
I have multiple roku devices, all work just fine. There is nothing special to do.. 2 wireless sticks, and my roku tv is wired..
Pfsense doesn't care what your device is. tcp/ip is tcp/ip..
Can you ping your roku devices IP? I can ping both a wired and wireless device.
Pinging roku-kitchen.local.lan [192.168.7.99] with 32 bytes of data: Reply from 192.168.7.99: bytes=32 time=3ms TTL=63 Reply from 192.168.7.99: bytes=32 time=1ms TTL=63 Pinging tcl-tv.local.lan [192.168.7.3] with 32 bytes of data: Reply from 192.168.7.3: bytes=32 time=1ms TTL=63 Reply from 192.168.7.3: bytes=32 time=2ms TTL=63So I know the rokus should answer ping.
edit: Btw completely disable firewall not going to be same as any any rule, because that would turn off nat feature. So without nat your rfc1918 IP devices not going to be able to talk to the internet.
-
@Gertjan @johnpoz Everything was default, fresh install. No VPN, no blocking software. I was able to successfully ping from my desktop PC to the Shield with no issue. I will try the rule when I can and see if there is any change, since when I disabled the firewall temporarily it disabled NAT. Thanks for pointing that out. (Will have to wait for an opportunity to try again, probably Friday. My girlfriend works from home so she wouldn't be too happy if I started messing with the network, lol)
-
if everything was default then the default rule would of been there with any any.. And if you were not using any blocking software like ips or pfblocker then pfsense doesn't know if your client is your pc or a phone or roku..
-
Hey, @jblkstne . Did you find a resolution to this yet? I have a similar issue to you. Kodi on my Shield (connected via wire to a TP Link router in AP mode, which is then connected via wire to pfsense in the basement) in our living room cannot access my server/Windows shares. The PC running Kodi in my bedroom, connected via wifi to the AP, is able to. My laptops connected via wifi can access the shares.
I'm taking a break from this at the moment and removed pfsense and put back my Asus router for now, which is working fine.
Thanks!
-
Hi @thearm!
I unfortunately never did find a solution. I actually broke it all down and moved, I have a whole new setup I just put up in the last week in a new house with a whole network rack. I'm running a TP Link Omada controller and two Wifi 6 access points, one for each floor in the new house fed by a T-Mobile 5G gateway and two 4x4 antennas I just mounted on the side of the house (two Waveform MIMO kits, there is only one cable ISP in my area and they are horribly unreliable and ridiculously expensive, so I'm on 5G for the new house). I'm about to rack mount my server in the rack I set up, but I'm debating just getting a $60 Omada firewall instead of running PF Sense on my server like I was in the old house since it will seamlessly integrate with my Omada controller. If I end up trying PF Sense again with the new setup though I'll follow up and let you know how it goes although I'm not sure I'll feel like fighting that really strange issue when there's a pretty inexpensive solution that will seamlessly integrate with my with my new gear.
-
If both those things are connected to the TP-Link just using wifi vs Ethernet it must be something the TP-Link is doing. pfSense does not see that traffic any differently and treats it all the same.
Steve
-
How would pfsense even see that traffic? Device A talking to device B on the same network pfsense has nothing to do with that..
-
@johnpoz said in No Connectivity With Shield TV, Roku, or Fire TV:
How would pfsense even see that traffic? Device A talking to device B on the same network pfsense has nothing to do with that..
Very true... But once I put my Asus router back in place, Kodi on my Shield in my living room starts talking to my server in the basement. Not sure why yet. Once I get the mental energy to look into it further, I will and I'll let you guys know what I figure out.
Thanks and have a nice holiday!
-
@thearm how are you trying to access kodi? what url or fqdn, ip how extactly do you access it http://ipaddress:port?
-
@johnpoz It is via computer name. I added the computer name to the sources list in Kodi when I got the Shield a few years ago. I could try by IP, but it would be nice to know what the problem actually is with using the PC name.
On my Win10 laptop, I can access the servers shares just fine via computer name on wifi from the TP Link AP. Granted, that is Win10 compared to Android, so maybe not a good comparison. Just an FYI.
-
@thearm said in No Connectivity With Shield TV, Roku, or Fire TV:
t is via computer name.
so just a host name, not a fully qualified name with domain.tld etc..
You computer could be auto adding the domain suffix.. If not your doing a broadcast for it.. It is always better to use fully qualified domain name..
Can you access the share via IP? Or actually use what the fqdn is..
-
@johnpoz I'll get back to you once I put pfsense back in place. Not sure when that will be, but I will do it soon. Thanks for the help thus far.
-
Ok, I set it up again tonight. Kodi on the Shield, connected via hard wire to an AP with openWRT, gives an 'connection timed out' error when connecting to a share on a Windows server. I rebooted the shield and then I got an 'invalid argument' when trying to open the same share. I tried to connect to the SMB share, via PC name, and I get a 'connection refused'.
My wireless PC in the bedroom, connected to the same AP, has no trouble getting to the same share.
When I ping my server, I get an IPV6 response it seems. So I tried to diable 'Allow IPv6' which doesn't work. However, I'm going to reboot my devices and see if that changes things. IPV6 is not enabled on my Windows server that I can remember, but I'll check.
Weird...
-
Stand down. I think it is a Comodo software firewall rule (shown below) on my server was causing the issue. Once I deleted it, kodi can now connect. Not sure why the PC in my bedroom via wifi can get to the share but the shield could not. And, not sure why the Shield can get to it if I put my Asus router in place instead of pfsense.
Here is a pic of the rule (older version, but this is the same rule): https://help.comodo.com/uploads/Comodo%20Internet%20Security/1bca1244957cf78a78b90fc0d6acd490/5eac818f1e1c4adc19d335055b06586b/f7356b41de168af74a9f88f43cd245f1/cis_firewall_global1.png
-
@thearm Glad you figured it out. I ended up going full Omada so I haven't had any issues like I did before but obviously couldn't chime back in with any experience.
