Need assistance willing to pay up
-
Right. THEY know what is required. If they don't want to tell you then you have to find out. If I wanted to dissect that I would put a switch in between two devices on the same network and see what discovery method they use. You could also do it by seeing what the app is sending without a Roku device to talk to. There might be multiple discovery methods attempted that you wouldn't see if the first one succeeds for instance.
Once that is determined, you just make pfSense do that if possible.
Bzzzt. RFC1918 address space ends at 172.31.255.255, not 172.32.255.255.
-
Connect to your Roku device manually.
At the bottom of the discovery screen, tap Connect Manually and enter the IP address of your Roku device. You can find the IP address by visiting Settings > Network > About on your Roku device.Does this work?
-
I did try this and I saw a lot of mdns ssdp, I'll keep looking but it's driving me nuts in my time is limited. I wonder if snort is getting in the way. I'll check that too, I'll let you all know thank you.
-
Then avahi should work unless they deliberately make it not work. Definitely check the snort block list if blocking is turned on.
-
Will do thank you @Derelict I would definitely consider paying 4 a support contract if we're less expensive, I'm still learning the network side of things and have a lot to learn. this is the best way but sometimes I get stuck. Maybe a support contract with a limited amount of tickets? Is there a limit now for the standard professional? If anyone knows..
-
No limit but no discount for N tickets either. And we don't know what is required by Roku since we're not Roku. It wouldn't be Roku support.
-
What exactly are you trying to do... I run roku app on my phone and I can control my roku... I just connect to the wifi network the rokus are on...
Why do you not just connect to the wifi network your devices are on so that your on the same L2?
Once your setup you don't have to be on the same network... So my roku vlan is 192.168.7/24, my other wifi network that my phone is on which is eap-tls secured... is 192.168.2/24 So there is NO freaking way the roku is on that... My TV which is roku is currently wired and just checked its on 192.168.7.102
Just validated I can control it with my phone
So what exactly are you trying to do.. I have 2 roku sticks, roku tv multiple vlans be happy to help you figure out how to get your APP working. But I have IOS devices not android.. And I just gave my mother in law my old roku 4, which replaced with a tcl roku tv... So a bit of experience using roku ;)
-
@johnpoz Thank you, hopefully this helps a bit. I can get most of this working and it is all setup, but I cannot use the Roku Remote App on my Android VLAN1 to discover and control the Roku on VLAN20
https://drive.google.com/file/d/1xgoRjQRaryMyL2-2goeZ-DvbA8dJKJ4R/view?usp=sharing
Thanks!
-
put your phone on vlan20 until it discovers the roku, then you can move it back to vlan1
-
I do not want to dismiss your solution, I know you are very active and knowledgeable in this community, however I am not certain that is a long-term solution. You see we have more than one Roku I only drew one in for demonstration purposes. every time you switch between roku's with the Roku remote app it wants to do a rediscovery and having my kids on VLAN 10 and myself in my wife on VLAN 1 I will be moving devices on and off of VLAN 20 all the time.
-
Reviewing this it's unclear of you have tried manually entering the IP address of the Roku in the application and whether or not that works. That's the first thing I would try.
Steve
-
@stephenw10 said in Need assistance willing to pay up:
Reviewing this it's unclear of you have tried manually entering the IP address of the Roku in the application and whether or not that works. That's the first thing I would try.
Steve
And remembering before you complain too much here.. This is not a Roku forum. You need to complain to them about their policies and the way they design their products.
-
Again I have MULTIPLE roku's You only have to discover them once - then you can switch to them in the APP... You do not need to be on their network to control them.
I just sent into the guest bedroom, fired up that roku and controlled it with my phone.
Also - if you want to control your rokus, just connect your phone to vlan 20... I mean how freaking hard is that?
All of my rokus are on a roku vlan, along with my directv box.... And my harmony remote.. If I use my phone I Just pick the device
-
@johnpoz I will attempt your method, but with due respect, please hold the condescension, It is apparently hard enough where i am offering to pay for help and there are many others on the internet with the same issue.
-
There is a strong chance what you are wanting to do is not possible....not because of pfSense, rather the Roku software won't allow it. We cannot fix that limitation.
-
If that is true than so be it. I do not know enough about networking to know how the different discovery protocols work and broadcast. Again, I will try what @Derelict suggested and see what i come up with, Thanks all!
-
@johnpoz As an FYI, this did work as you described, Thank you, I just am at the mercy of always being told by a family member that somethings isn't working, so I fear, they update the Roku Remote app etc, then it stops being able to connect. It would be easier if it could discover across VLANS as I use SSID whitelisting and getting a new device becomes a process, but not a very heavy lift.
However, Thank you for the resolution.
-
Why these companies rely on multicast or broadcast discovery is beyond me.. You should be able to just hard code the IP of the device..
So the port used per their SDK for controlling them is 8060..
A quick sniff validates that.
So as long as you don't block port 8060 from your vlan 1 to your vlan 20 you should have no issue.
To be honest allowing multicast from 1 vlan into another vlan defeats the whole purpose of vlan isolation. If your going to allow that you almost might as well just run everything on the 1 vlan.
I would hope your users smart enough to connect to different vlans... if they have issues talking to a roku, just have them switch over to the vlan 20 ssid.
Here is some fun on this link too on how to send out your own ssdp query
https://sdkdocs.roku.com/display/sdkdoc/External+Control+APIBut to be honest the roku app atleast on the ios even mentions that you should be on the same wireless, and lists the wireless your on.. Or click little button to put in the IP of your roku.. This is where IP reservations come in handy so your roku's always have the same IP... Still need to do that for my TV.. it was xmas gift to myself and havn't gotten around to it yet... Doing that now ;) hehehe
-
I did see this as well with a capture however this was before putting my phone on VLAN20, there wasn't much I could do as I could not see the Roku from my app. I had an any any rule in place between the segments for the Roku IP and still nothing.
After moving my phone to VLAN20 I was able to see a connection to 8060,
I appreciate the assistance I mean I've tried everything I created anilao rule for the multicast addresses that I saw for ssdp and mdns I was just at a loss.
So it seems the upshot is allow 8060 but I'll have to move the device to the VLAN temporarily and then back. I appreciate you taking the time to take the capture and working with me on this.
-
Good excuse to do my own research ;) I had never bothered to look at their SDK before... Seems you could do some pretty neat shit if you wanted too...
Doesn't look too secure heheeh - might have some fun over at buddies house and their roku's hehehe
I am not really a fan of multicast anything to be honest... I block it from a few things on my network.. Damn plex server can not get it to stop sending out discovery every freaking 10 seconds... So I just put in an ACL at the switch port.. F U I say plex... My query on their forums on how to make it stop got nothing in response..
My wife prints some stuff every now and then via airprint from her phone or ipad. I told her if not working make sure your on this SSID.. If she can figure that out.. pretty sure your family can be trained as well... hehehehe
