Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive portal causing Sendto permission denied errors with udpbroadcastrelay

    Scheduled Pinned Locked Moved
    Captive Portal
    2
    3
    621
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • bitrotB
      bitrot
      last edited by

      I've been trying to get my Sonos system to work properly across an IoT VLAN using udpbroadcastrelay as described in this thread: https://forum.netgate.com/topic/155698/how-can-i-get-this-udp-relay-package-for-casting-across-vlans

      @jimp I couldn't get discovery to work correctly and found your response in another thread (https://forum.netgate.com/post/888663) while troubleshooting because I was getting "Sendto permission denied" errors when running the udpbroadcastrelay command. When I turn off captive portal, these errors go away and Sonos discovery works correctly. But I have no idea what about captive portal is causing this.

      Below is my captive portal configuration:

      a1afe507-9188-43d6-b9dd-e77836ca9150-image.png

      fd711216-a952-4a98-b375-63bdc5a3ec0f-image.png

      978896e2-dfca-42cd-ae8c-04a414e634cd-image.png

      2d214d6c-d1cc-426f-8ed4-602836081652-image.png

      Known devices are configured on the MAC's tab

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Captive portal by design blocks L2 communication and up, which is also blocking multicast. It only allows a small number of things in L2 by default (ARP, PPPoE, and a couple other similar things).

        In addition to the known devices you'll also have to add bypasses for whatever multicast destinations you want to allow, though I haven't tested that. It may work, but I wouldn't expect much from trying to allow all that on a segment with captive portal. Might be best to put that on a separate VLAN that doesn't have that in place.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        bitrotB 1 Reply Last reply Reply Quote 0
        • bitrotB
          bitrot @jimp
          last edited by

          Thanks @jimp

          Adding an "Allowed IP Address" of 239.255.255.250 for SSDP (Roku Discovery, DLNA Media, Sonos, UPnP + More) to the captive portal did the trick. Thanks a bunch

          I've also added 224.0.0.251 for mDNS / Multicast DNS (Chromecast Discovery + Bonjour + More)

          Works like a charm now :)

          1 Reply Last reply Reply Quote 1
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.