UPnP support
-
Well i've tried both Msn 7.5 and Msn live (8.0.0812).
My Rules are default:
LAN
Prot: any /source: lan net /destination address: any / destination port: any /gateway: anyWAN
NONEDMZ
Allow out -> any destination (DNS, HTTP, HTTPS)
Allow out -> LAN net (ICMP, IDENT)My network testing conf is like this:
Internet -> routeur -> 4 interner address -> IP1 Linksys -> client 1
-> IP2 PFsense -> client 2Funny enougth in this configuration it's not working and the log are showing something wrong when trying to connect via audio…
client 1 open port udp 6016 / 6017
client 2 open port udp client2:32912 -> ip2:23827 / client2:2036 -> ip2:23828
all i see on the pflog are block match (rule 47/0) and sometimes for different port....pflogs:
block in on wan ip1.6016 -> client 2.32912
block in on wan ip1.6017 -> client 2.2036
block in on wan ip1.6017 -> ip2.57520
block in on wan ip1.6016 -> ip2.58676Thanks for your help
cheers, -
What version pfSense are you using?? The version is important.
The client is connected on the LAN port correct? I tested with Live Messenger 8.0.0812.00 and it properly mapped the ports.
Also in Live Messenger goto Tools -> Options menu. When that dialog appears click Connection on the left.
Mine says
"You are directly connected to .NET Messenger Service.
You are connected to the Internet through a UPnP symmetric NAT."
If it does not say that it should enable the connection troubleshooter below. Click start and see what it finds.
-
pfsense 1.01
For Msn I'will see this tomorow no power again here -.-;
-
I don't understand why you have the linksys where it is?
PF can handle multiple WAN IP addresses and can do 1:1 NAT for you if that's what you want… there's really no reason to use the Linksys as a router that I can think of...
-
ok
So i have a internet connection with 2 spare public ip addresse.
For the test i use 2 public ip addresse one is connected to the linksys and the other one to pfsense.
Make the test more realistic…Cheers.
-
msn tell me whith:
pfsense that i'm connected thru a UPNP symetric NAT. (Administrator)
Linksys that i'm connected thru a UPnP Port Restricted NAT. (Administrator)Both are directly connected to .NET Messenger Service.
Cheers,
-
Arg
I've actually tried to connect to each other while connected directly on internet and i had the same problem -.-;
Wondering what's wrong with my computer…Thanks for your time and you great support.
-
Hi,
does this Package work without any Problems on an Multi-Wan Setup?
Regards -
Arg
I've actually tried to connect to each other while connected directly on internet and i had the same problem -.-;
Wondering what's wrong with my computer…Thanks for your time and you great support.
I'm guessing maybe you have a software firewall installed on the PC that was behind the Linksys, something other than the XP firewall. This would stop certain ports from working, even if the Linksys is allowing all of the mappings…
-
I committed version 20061123. This addresses the address in use error, which can happen if other services are using the interface assigned to miniupnpd. Full installs just reinstall the package. Embeddeds you can update via the usual instructions.
-
Just a note, this package is working EXCELLENT now!! No more 100% CPU problems, no address in use problems in the case of a service restart, really no problems!!
Thanks for all your hard work everyone involved!!
-
Excellent. This package indeed has turned out to be a first class package.
We will be merging this into -BASE for future versions due to it working so well.
So all you embedded users, rejoice.
-
Agreed…
This has come such a long way... Congratulations for making this such a first class package and helping to make pfsense even better..
Riley
-
Yay for putting it in -BASE!
All your -BASE are belong to us? ;D
Again, it is really great that pfSense is now the only free firewall implementation to properly handle UPnP. I have a feeling that once it goes into -BASE we might get more XBox owners looking for a good firewall system… :)
-
Nice looking package. I have a question - I appologise if it has already been answered.
Is this package able to handle Multi/Dual WAN setups, or does it simply route traffic through one of the two links? (is it possible to choose which?)
Thanks!
– Phob
-
Single WAN only ATM.
-
Single WAN only ATM.
I could be wrong on this but can't they just use the external address field to specify which wan to use? This would require have a static ip or a dynamic one that rarely changes.
-
Single WAN only ATM.
I could be wrong on this but can't they just use the external address field to specify which wan to use? This would require have a static ip or a dynamic one that rarely changes.
It needs to also add reply-to against the firewall rules to make this work properly iirc.
-
Outstanding work all!
I haven't seen anyone else bring this up but I don't see the port mappings on the status page. I know the daemon is working.
If I type:
pfctl -aminiupnpd -sn
rdr log on vr1 inet proto tcp from any to any port = 6881 label "utorrent" -> 192.168.10.149 port 6881
pfctl -aminiupnpd -sr
pass in log quick on vr1 inet proto tcp from any to any port = 6881 keep state label "utorrent"
I see my mappings but they never show up on https://pfsense/status_upnp.php. In Firefox 2.0 I do see a table with blank rows, if there is one mapping I see one blank row, if there are 4 mappings I see 4 blank rows. In IE6 I see no table at all.
Thx,
Tim
-
Outstanding work all!
I haven't seen anyone else bring this up but I don't see the port mappings on the status page. I know the daemon is working.
If I type:
pfctl -aminiupnpd -sn
rdr log on vr1 inet proto tcp from any to any port = 6881 label "utorrent" -> 192.168.10.149 port 6881
pfctl -aminiupnpd -sr
pass in log quick on vr1 inet proto tcp from any to any port = 6881 keep state label "utorrent"
I see my mappings but they never show up on https://pfsense/status_upnp.php. In Firefox 2.0 I do see a table with blank rows, if there is one mapping I see one blank row, if there are 4 mappings I see 4 blank rows. In IE6 I see no table at all.
Thx,
Tim
Thats really weird. I just tested on both Firefox 2.0 and IE6. Mine shows the mappings. Remove and reinstall the package and see if that fixes it.