Is IGMP Proxy working in 2.4.4?



  • I have a very simple home network. I have segmented my IOT type devices on VLAN 30 (192.168.30.x). My main network (LAN) is at 192.168.1.x (no VLAN). I have a NAS at 192.168.1.250. For firewall rules, I basically have the LAN able to access everything with standard any rules. For VLAN 30, the first firewall rule is to allow access to LAN IP 192.168.1.250, then I block access to LAN, then I have the standard any rule. This is working fine and devices on VLAN 30 can reach my NAS at the one specific IP address. All other LAN access is blocked. Only issue is when I want to do DLNA access to the NAS from a device like a Roku. This is not working because the NAS and the Roku are on different subnets.

    I have tried configuring the IGMP Proxy with the one IP address of the NAS on the LAN subnet as the upstream. The entire VLAN 30 as the downstream. Then I add the pass special traffic to the first firewall rule in VLAN 30 as per the IGMP Proxy instructions but this is not working. Any ideas?



  • @jeff3820 Late post with no success either. I could be my configuration:

    • Media Server on VLAN 20 (10.2.10.200)
    • Trusted Wired Clients on VLAN 25 (10.2.25.0/24)
    • Trusted Wireless Clients on VLAN 30 (10.2.30.0/24)
    • IGMP snooping enabled on my UniFi switch for VLANs 20, 25 and 30

    IGMP Proxy enabled with

    • Upstream being the media server
    • Downstream being 10.2.25.0/24 and 10.2.30.0/24
    • Firewall rules enabled for IGMP from 10.2.25.0/24, 10.2.30.0/24 and 10.2.20.0/24 to anywhere with "Allow packets with IP options to pass" enabled under advanced options for each IGMP rule

    I have downloaded the latest IGMP proxy binary (dated April 30) from https://pkg.opnsense.org/FreeBSD:11:amd64/snapshots/latest/All/
    Interestingly, the size difference from the latest pfSense 2.4.4-RELEASE-p2 (amd64) release and the snapshot is 130K (snapshot) to 39K (release). This has worked for some but no joy for me.


Log in to reply