Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    No Connectivity With Shield TV, Roku, or Fire TV

    Scheduled Pinned Locked Moved General pfSense Questions
    25 Posts 7 Posters 2.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jblkstne @Gertjan
      last edited by

      @Gertjan Thanks for the reply. Wouldn't that be the equivalent of when I disabled the entire firewall and tried it?

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by johnpoz

        What rules do you have exactly on pfsense? Your not trying to do any static arp stuff? Or policy routing out some vpn? You running blocking software like IPS or pfblocker that could be messing with IPs these devices are trying to talk to?

        Your saying your other clients all work?

        I have multiple roku devices, all work just fine. There is nothing special to do.. 2 wireless sticks, and my roku tv is wired..

        Pfsense doesn't care what your device is. tcp/ip is tcp/ip..

        Can you ping your roku devices IP? I can ping both a wired and wireless device.

        Pinging roku-kitchen.local.lan [192.168.7.99] with 32 bytes of data:
        Reply from 192.168.7.99: bytes=32 time=3ms TTL=63
        Reply from 192.168.7.99: bytes=32 time=1ms TTL=63
        
        Pinging tcl-tv.local.lan [192.168.7.3] with 32 bytes of data:
        Reply from 192.168.7.3: bytes=32 time=1ms TTL=63
        Reply from 192.168.7.3: bytes=32 time=2ms TTL=63
        

        So I know the rokus should answer ping.

        edit: Btw completely disable firewall not going to be same as any any rule, because that would turn off nat feature. So without nat your rfc1918 IP devices not going to be able to talk to the internet.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • J
          jblkstne @Gertjan
          last edited by

          @Gertjan @johnpoz Everything was default, fresh install. No VPN, no blocking software. I was able to successfully ping from my desktop PC to the Shield with no issue. I will try the rule when I can and see if there is any change, since when I disabled the firewall temporarily it disabled NAT. Thanks for pointing that out. (Will have to wait for an opportunity to try again, probably Friday. My girlfriend works from home so she wouldn't be too happy if I started messing with the network, lol)

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            if everything was default then the default rule would of been there with any any.. And if you were not using any blocking software like ips or pfblocker then pfsense doesn't know if your client is your pc or a phone or roku..

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • T
              thearm
              last edited by

              Hey, @jblkstne . Did you find a resolution to this yet? I have a similar issue to you. Kodi on my Shield (connected via wire to a TP Link router in AP mode, which is then connected via wire to pfsense in the basement) in our living room cannot access my server/Windows shares. The PC running Kodi in my bedroom, connected via wifi to the AP, is able to. My laptops connected via wifi can access the shares.

              I'm taking a break from this at the moment and removed pfsense and put back my Asus router for now, which is working fine.

              Thanks!

              J 1 Reply Last reply Reply Quote 0
              • J
                jblkstne @thearm
                last edited by

                Hi @thearm!

                I unfortunately never did find a solution. I actually broke it all down and moved, I have a whole new setup I just put up in the last week in a new house with a whole network rack. I'm running a TP Link Omada controller and two Wifi 6 access points, one for each floor in the new house fed by a T-Mobile 5G gateway and two 4x4 antennas I just mounted on the side of the house (two Waveform MIMO kits, there is only one cable ISP in my area and they are horribly unreliable and ridiculously expensive, so I'm on 5G for the new house). I'm about to rack mount my server in the rack I set up, but I'm debating just getting a $60 Omada firewall instead of running PF Sense on my server like I was in the old house since it will seamlessly integrate with my Omada controller. If I end up trying PF Sense again with the new setup though I'll follow up and let you know how it goes although I'm not sure I'll feel like fighting that really strange issue when there's a pretty inexpensive solution that will seamlessly integrate with my with my new gear.

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  If both those things are connected to the TP-Link just using wifi vs Ethernet it must be something the TP-Link is doing. pfSense does not see that traffic any differently and treats it all the same.

                  Steve

                  johnpozJ 1 Reply Last reply Reply Quote 0
                  • johnpozJ
                    johnpoz LAYER 8 Global Moderator @stephenw10
                    last edited by

                    How would pfsense even see that traffic? Device A talking to device B on the same network pfsense has nothing to do with that..

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    T 1 Reply Last reply Reply Quote 0
                    • T
                      thearm @johnpoz
                      last edited by

                      @johnpoz said in No Connectivity With Shield TV, Roku, or Fire TV:

                      How would pfsense even see that traffic? Device A talking to device B on the same network pfsense has nothing to do with that..

                      Very true... But once I put my Asus router back in place, Kodi on my Shield in my living room starts talking to my server in the basement. Not sure why yet. Once I get the mental energy to look into it further, I will and I'll let you guys know what I figure out.

                      Thanks and have a nice holiday!

                      johnpozJ 1 Reply Last reply Reply Quote 0
                      • johnpozJ
                        johnpoz LAYER 8 Global Moderator @thearm
                        last edited by

                        @thearm how are you trying to access kodi? what url or fqdn, ip how extactly do you access it http://ipaddress:port?

                        An intelligent man is sometimes forced to be drunk to spend time with his fools
                        If you get confused: Listen to the Music Play
                        Please don't Chat/PM me for help, unless mod related
                        SG-4860 24.11 | Lab VMs 2.8, 24.11

                        T 1 Reply Last reply Reply Quote 0
                        • T
                          thearm @johnpoz
                          last edited by thearm

                          @johnpoz It is via computer name. I added the computer name to the sources list in Kodi when I got the Shield a few years ago. I could try by IP, but it would be nice to know what the problem actually is with using the PC name.

                          On my Win10 laptop, I can access the servers shares just fine via computer name on wifi from the TP Link AP. Granted, that is Win10 compared to Android, so maybe not a good comparison. Just an FYI.

                          johnpozJ 1 Reply Last reply Reply Quote 0
                          • johnpozJ
                            johnpoz LAYER 8 Global Moderator @thearm
                            last edited by johnpoz

                            @thearm said in No Connectivity With Shield TV, Roku, or Fire TV:

                            t is via computer name.

                            so just a host name, not a fully qualified name with domain.tld etc..

                            You computer could be auto adding the domain suffix.. If not your doing a broadcast for it.. It is always better to use fully qualified domain name..

                            Can you access the share via IP? Or actually use what the fqdn is..

                            An intelligent man is sometimes forced to be drunk to spend time with his fools
                            If you get confused: Listen to the Music Play
                            Please don't Chat/PM me for help, unless mod related
                            SG-4860 24.11 | Lab VMs 2.8, 24.11

                            T 1 Reply Last reply Reply Quote 0
                            • T
                              thearm @johnpoz
                              last edited by

                              @johnpoz I'll get back to you once I put pfsense back in place. Not sure when that will be, but I will do it soon. Thanks for the help thus far.

                              T 1 Reply Last reply Reply Quote 0
                              • T
                                thearm @thearm
                                last edited by

                                Ok, I set it up again tonight. Kodi on the Shield, connected via hard wire to an AP with openWRT, gives an 'connection timed out' error when connecting to a share on a Windows server. I rebooted the shield and then I got an 'invalid argument' when trying to open the same share. I tried to connect to the SMB share, via PC name, and I get a 'connection refused'.

                                My wireless PC in the bedroom, connected to the same AP, has no trouble getting to the same share.

                                When I ping my server, I get an IPV6 response it seems. So I tried to diable 'Allow IPv6' which doesn't work. However, I'm going to reboot my devices and see if that changes things. IPV6 is not enabled on my Windows server that I can remember, but I'll check.

                                Weird...

                                T 1 Reply Last reply Reply Quote 0
                                • T
                                  thearm @thearm
                                  last edited by thearm

                                  Stand down. I think it is a Comodo software firewall rule (shown below) on my server was causing the issue. Once I deleted it, kodi can now connect. Not sure why the PC in my bedroom via wifi can get to the share but the shield could not. And, not sure why the Shield can get to it if I put my Asus router in place instead of pfsense.

                                  Here is a pic of the rule (older version, but this is the same rule): https://help.comodo.com/uploads/Comodo%20Internet%20Security/1bca1244957cf78a78b90fc0d6acd490/5eac818f1e1c4adc19d335055b06586b/f7356b41de168af74a9f88f43cd245f1/cis_firewall_global1.png

                                  J 1 Reply Last reply Reply Quote 0
                                  • J
                                    jblkstne @thearm
                                    last edited by

                                    @thearm Glad you figured it out. I ended up going full Omada so I haven't had any issues like I did before but obviously couldn't chime back in with any experience.

                                    1 Reply Last reply Reply Quote 0
                                    • First post
                                      Last post
                                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.