Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Chromecast audio/video between VLANs

    General pfSense Questions
    6
    8
    3442
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tcsac last edited by tcsac

      ***Quick update - as mentioned below you now also need 8443, Google added that at some point and has basically nuked all documentation on the internet about port usage.

      I've seen a few posts on this, but nobody covers it all - and most just tell you to put in blanket "allow everything" rules as a copout.

      Step 1 - turn on Avahi. This is greatly simplified on the latest builds of PFsense - once installed you should just need:
      Check the enable box
      Select the interfaces you WANT broadcast traffic enabled on (on older versions you selected the excluded interfaces)
      Check the box for "enable reflection"

      that should be it for Avahi.

      Step 2 - if you're like me and you've got a lot of devices, I STRONGLY suggest creating an alias for them:
      Firewall >> Aliases
      Name: whatever you want
      Description: whatever you want
      Type: hosts

      Next put in the IP addresses of all your chromecast devices - if you haven't already you REALLY need to do static DHCP for all of them or it will be a nightmare.

      Step 3:
      Once this is done it's time for the firewall rules.
      Go to the VLAN where you source hosts will be (not the VLAN where the chromecasts will be).
      You'll need at least 5 rules.

      Rule 1:
      Action: Pass
      Interface: Host VLAN
      Address Family: IPv6
      Protocol: UDP
      Source: Any
      Destination: single host or alias | ff02::fb | port 5353

      Rule 2:
      Action: Pass
      Interface: Host VLAN
      Address Family: IPv6
      Protocol: UDP
      Source: Any
      Destination: single host or alias | ff02::fb | port 1900

      Rule 3:
      Action: Pass
      Interface: Host VLAN
      Address Family: IPv4
      Protocol: UDP
      Source: Any
      Destination: single host or alias | 224.0.0.251 | port 5353

      Rule 4:
      Action: Pass
      Interface: Host VLAN
      Address Family: IPv4
      Protocol: UDP
      Source: Any
      Destination: single host or alias | 224.0.0.251 | port 1900

      Rule 5:
      Action: Pass
      Interface: Host VLAN
      Address Family: IPv4
      Protocol: TCP
      Source: Any
      Destination: single host or Alias | Chromecast Alias you created earlier | Port 8008-8009, 8443

      Now, depending on how strict you want to be, you can set up Rule 5 to be restricted to only certain IPs on your Host VLAN vs. "any".

      That should be it - you should be good to g.

      This was directly from google as far as what ports chromecast uses:

      Which ports does Chromecast use when connecting to external services?

      HTTP:  TCP/80
      HTTPS:  TCP/443
      DNS:  UDP/53
      SNTP:  UDP/123
      

      Which ports are used by Chromecast to communicate with computer/phone/tablet in the same network?

      SSDP:  UDP/1900/multicast
      mDNS:  UDP/5353/multicast
      TCP/8008
      TCP/8009
      B 1 Reply Last reply Reply Quote 3
      • T
        Toube last edited by

        Thanks for this.
        I just got my Vlans for the iot network up and running.. for me it was enough to install avahi and enable it on the selected interfaces.

        Now I can simply be logged on the LAN wifi and still be able to cast my 2 chromecast even if they are on different vlan / ip-space.

        1 Reply Last reply Reply Quote 0
        • B
          burntoc @tcsac last edited by

          @tcsac @Toube Do Google Home groups get populated across VLANS for you this way? I am able to cast to specific devices, but I can't see speaker groups unless I join the VLAN they're on.

          1 Reply Last reply Reply Quote 2
          • B
            burntoc last edited by

            FYI to anyone still coming across this topic. I was able to solve my issue. Some of the details are found in feature request I opened once I realized the package fixed my issues:

            https://redmine.pfsense.org/issues/10818

            T 1 Reply Last reply Reply Quote 0
            • T
              tman222 @burntoc last edited by tman222

              @burntoc said in Chromecast audio/video between VLANs:

              FYI to anyone still coming across this topic. I was able to solve my issue. Some of the details are found in feature request I opened once I realized the package fixed my issues:

              https://redmine.pfsense.org/issues/10818

              Hi @burntoc - I think adding a package is a great idea. Do you mind sharing some more details on how you are currently running UDP broadcast relaying manually? I'm interested in experimenting with this as well. Thanks in advance.

              EDIT: I found your other thread here and followed instructions there - works great!

              https://forum.netgate.com/topic/155698/how-can-i-get-this-udp-relay-package-for-casting-across-vlans

              1 Reply Last reply Reply Quote 1
              • N
                nedyah700 last edited by

                This was very helpful! I had to add Port 8443 to Rule 5. Using a new Nest Hub and that port was preventing communication.

                1 Reply Last reply Reply Quote 0
                • I
                  incognito last edited by

                  I can not get this working with a chromecast gen. 2

                  I have chromecast on a IOT VLAN.
                  In Avahi I have picked "allow" mode and picked the IoT VLAN and the regular LAN where my source phone is at.
                  Then clicked the repeat tickbox and set up my pfsense domain and hostname settings.

                  Then I have followed the rest of the instructions for firewall rules.

                  I still can not find the chromecast when trying to cast from my phone.. Any advice or anything?

                  I 1 Reply Last reply Reply Quote 0
                  • I
                    incognito @incognito last edited by

                    @incognito said in Chromecast audio/video between VLANs:

                    I can not get this working with a chromecast gen. 2

                    I have chromecast on a IOT VLAN.
                    In Avahi I have picked "allow" mode and picked the IoT VLAN and the regular LAN where my source phone is at.
                    Then clicked the repeat tickbox and set up my pfsense domain and hostname settings.

                    Then I have followed the rest of the instructions for firewall rules.

                    I still can not find the chromecast when trying to cast from my phone.. Any advice or anything?

                    EDIT:
                    Actually it did work.. Seems like it took some time to get working. Maybe was a cache thing..

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post

                    Products

                    • Platform Overview
                    • TNSR
                    • pfSense Plus
                    • Appliances

                    Services

                    • Training
                    • Professional Services

                    Support

                    • Subscription Plans
                    • Contact Support
                    • Product Lifecycle
                    • Documentation

                    News

                    • Media Coverage
                    • Press
                    • Events

                    Resources

                    • Blog
                    • FAQ
                    • Find a Partner
                    • Resource Library
                    • Security Information

                    Company

                    • About Us
                    • Careers
                    • Partners
                    • Contact Us
                    • Legal
                    Our Mission

                    We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                    Subscribe to our Newsletter

                    Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                    © 2021 Rubicon Communications, LLC | Privacy Policy