Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SSDP form UPnP Portforwarding not working

    Scheduled Pinned Locked Moved NAT
    1 Posts 1 Posters 554 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dd-han
      last edited by

      Hi, I get some UPnP Port Forwarding problem with my pfSense firewall (version 2.5.2, amd64 on Proxmox VE).

      When I just start UPnP & NAT-PMP function, everything works fine and I can run upnpc -L from my windows PC and get port forwarding status:

      upnpc : miniupnpc library test client, version 1.9.
 (c) 2005-2014 Thomas Bernard.
Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
for more information.
List of UPNP devices found on the network :
 desc: http://192.168.5.3:2189/rootDesc.xml
 st: urn:schemas-upnp-org:device:InternetGatewayDevice:1

Found valid IGD : http://192.168.5.3:2189/ctl/IPConn
Local LAN ip address : 192.168.5.119
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 TCP 25543->192.168.5.40:25543 'NAT-PMP 25543 tcp' '' 0
 1 UDP  5291->192.168.5.119:5291  'libminiupnpc' '' 0

      After several minute, upnpc -L no longer works. It find my TV only:

      upnpc : miniupnpc library test client, version 1.9.
 (c) 2005-2014 Thomas Bernard.
Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
for more information.
List of UPNP devices found on the network :
 desc: http://192.168.5.126:54380/MediaRenderer_LSPX-S2.xml
 st: upnp:rootdevice

UPnP device found. Is it an IGD ? : http://192.168.5.126:54380/
Trying to continue anyway
Local LAN ip address : 192.168.5.119
GetListOfPortMappings() returned 501 (Action Failed)
GetListOfPortMappings() returned 501 (Action Failed)

      I have to add argument -u to bypass discovery upnpc -u http://192.168.5.3:2189/ctl/IPConn -L or it will not works. Other program like game or Parsec that require P2P can't register more port (resisted port still work). That makes be believe miniupnpd still works, but SSDP dead.

      upnpc : miniupnpc library test client, version 1.9.
 (c) 2005-2014 Thomas Bernard.
Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
for more information.
Found valid IGD : http://192.168.5.3:2189/
Local LAN ip address : 192.168.5.119
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 TCP 25543->192.168.5.40:25543 'NAT-PMP 25543 tcp' '' 0
 1 UDP  5291->192.168.5.119:5291  'libminiupnpc' '' 0

      Also I run miniupnpd with debug enabled on my firewall, it seen that SSDP discovery stop after miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1

      miniupnpd 46283 - - level=0 type=20
miniupnpd 46283 - - sdl_index = 2  vtnet1:ea.70.7.72.35.b8
miniupnpd 46283 - - ST: urn:dial-multiscreen-org:service:dial:1 (ver=1)
miniupnpd 46283 - - SSDP M-SEARCH from 192.168.5.102:47530 ST: urn:dial-multiscreen-org:service:dial:1
miniupnpd 46283 - - level=0 type=20
miniupnpd 46283 - - sdl_index = 2  vtnet1:ea.70.7.72.35.b8
miniupnpd 46283 - - ST: urn:dial-multiscreen-org:service:dial:1 (ver=1)
miniupnpd 46283 - - SSDP M-SEARCH from 192.168.5.102:47530 ST: urn:dial-multiscreen-org:service:dial:1
miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1
miniupnpd 46283 - -  RTM_ADD
miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1
miniupnpd 46283 - -  RTM_ADD
miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1
miniupnpd 46283 - -  RTM_ADD
miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1
miniupnpd 46283 - -  RTM_ADD
miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1
miniupnpd 46283 - -  RTM_ADD
miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1
miniupnpd 46283 - -  RTM_ADD
miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1
miniupnpd 46283 - -  RTM_ADD
miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1
miniupnpd 46283 - -  RTM_ADD
miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1
miniupnpd 46283 - -  RTM_ADD
miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1
miniupnpd 46283 - -  RTM_ADD
miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1
miniupnpd 46283 - -  RTM_ADD
miniupnpd 46283 - - 240 rt_msg : msglen=240 version=5 type=1
miniupnpd 46283 - -  RTM_ADDminiupnpd 46283 - - HTTP REQUEST from 192.168.5.119:62392 : GET /ctl/IPConn (HTTP/1.1)
miniupnpd 46283 - - Host: 192.168.5.3:2189
miniupnpd 46283 - - HTTP REQUEST from 192.168.5.119:62393 : POST / (HTTP/1.1)
miniupnpd 46283 - - Host: 192.168.5.3:2189
miniupnpd 46283 - - SOAPAction: #GetListOfPortMappings
miniupnpd 46283 - - HTTP REQUEST from 192.168.5.119:62394 : POST / (HTTP/1.1)
miniupnpd 46283 - - Host: 192.168.5.3:2189
miniupnpd 46283 - - SOAPAction: #GetListOfPortMappings

      full log: minuupnpd.log.txt

      Config file( I manually add ipv6_disable=yes, but nothing changes):

      port=2189
listening_ip=vtnet1
packet_log=yes
system_uptime=yes
secure_mode=yes
presentation_url=https://192.168.5.3/
uuid=d41d8cd9-f00b-204e-9800-998ecf8427e
serial=D41D8CD9
model_number=2.5.2-RELEASE
allow 1024-65535 192.168.5.0/24 1024-65535
enable_upnp=yes
enable_natpmp=yes
ipv6_disable=yes

      not sure that problems comes from miniupnpd or pfSense. But SSDP should not works only several minutes.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.