TiVo Says Port 8080 Closed. Tools to Check?
-
Good idea to check the state table. I'd checked the logs, but there's nothing. Here's what shows up in the state table during a connection attempt:
States Interface Protocol Source (Original Source) -> Destination (Original Destination) State Packets Bytes VPN_LAN tcp 192.168.20.6:60422 -> 208.73.181.202:8080 TIME_WAIT:TIME_WAIT 1 / 1 60 B / 40 B VPN2_WAN tcp 10.8.0.214:55750 (192.168.20.6:60422) -> 208.73.181.202:8080 TIME_WAIT:TIME_WAIT 1 / 1 60 B / 40 B
192.168.20.6 is my TiVo
208.73.181.202 is on the list of TiVo's servers
10.8.0.214 is that VPN WAN interface's addressSo, it looks like the traffic is at least leaving my system. I'll try to figure out something with a packet capture.
-
Here's a packet capture for port 8080 on that OpenVPN client:
17:35:15.115962 IP 10.8.0.214.30048 > 208.73.181.202.8080: tcp 0 17:35:15.129437 IP 208.73.181.202.8080 > 10.8.0.214.30048: tcp 0
And, here's one for the TiVo's IP address and port 8080 on the local VPN interface:
17:40:51.048594 IP 192.168.20.6.60503 > 208.73.181.202.8080: tcp 0 17:40:51.063299 IP 208.73.181.202.8080 > 192.168.20.6.60503: tcp 0
And, just for grins, here's one for the TiVo's IP address and port 8080 on the local VPN interface while the TiVo's doing its port diagnostics and saying port 8080 is closed:
18:06:24.626166 IP 192.168.20.6.60600 > 208.73.181.202.8080: tcp 0 18:06:24.642865 IP 208.73.181.202.8080 > 192.168.20.6.60600: tcp 0
I'm 99.99% clueless, but to me, that looks like during the diagnostics, port 8080 is working fine and during a download something went there and back again involving port 8080. I guess that means this isn't related to pfSense at all. Heck, it doesn't even look like it's related to the VPN.
-
That looks like good two-way traffic - at least from something.
-
Anyone know what the time codes in those packet captures mean? The first three parts are obviously hours, minutes, and seconds. But, is the last part millionths of a second?
-
Yeah, 6 decimal places is milliseconds.
-
Thanks. I couldn't find anything saying that that final clump of numbers was some kind of fractional second or something else entirely.
BTW: 10^(-6) seconds is actually microseconds:
https://en.wikipedia.org/wiki/Microsecond
A millisecond is a thousandth of a second.
-
right
-
If I had to guess, I'd say TiVo is blocking access from the VPN provider.
Especially if it works fine from your regular network.
Mine don't seem to do anything fancy with the traffic that leaves my network, nothing I'd expect to break that way at least. But they are a bit strict with region stuff so it would not surprise me to hear they block known VPN/Proxy providers.
-
I, too, am guessing TiVo has somehow started blocking access via VPN. I've reported this on the TiVoCommunity forum:
http://www.tivocommunity.com/community/index.php?threads/tivo-bolt-thinks-port-8080-closed.551422/#post-11242891
and to TiVo (corporation), itself. But, so far, nothing. It's just odd that the sole check that's (supposedly) failing is the one for port 8080 instead of something more general.
I've worked around it by simply adding a firewall rule to have all traffic coming from my TiVo go through the WAN instead of the VPN interface. That's not really what I want to do, but it works.
-
I was forcing a tivo through an OpenVPN that egresses from AWS Oregon until about a week ago and it worked fine for geo-shifting MLB.Tv. Probably just a matter of time. (Don't have the tivo any more.)
Didn't try any other streaming services and tivo updates seemed to be fine.
Hard for me to fathom why tivo would care where you get updates from. The streaming apps all have their own enforcement methods I would think.
You could tailor the rule to only put traffic sourced from the tivo and destined for port 8080 out WAN.