UPNP no routed between LAN and OPT1 interfaces.

  • Encountering a simple complex issue with pfsense. I have three servers on a subnet 172.16.11.x attached to OPT1 interface and clients on 172.16.10.x attached LAN interface. The rules on the interfaces (LAN and OPT1) are source port/IP and destination port/IP any any.

    I am trying to reach the servers in the OPT1 using UPNP. The issue is that the packets are not being passed between the LAN and the OPT1 interfaces. The firewall rules as allowing the packets to pass through without any issues. UPNP has been enabled and allow rules for is allowed from ports 400-65535 for testing purposes. One server was connected directly to OPT1 and a client on the LAN side, still no UPNP connection.

    For every search in google library I found, it is mention that the by default pfsense should route between interfaces once a firewall rules are set, which they are. Still trying to get this working. The only time I can make UPNP work with pfsense is if both server and client are on the same subnet. Same issue I am encountering passing UPNP over VPN on OPT2 interface.

    Can someone please point me in the right direction to get this working?

    Thank you in advanced for any assistance in this matter.

  • Not knowing anything about your servers and what they do.. What is the purpose that you are trying to use UPNP?

  • @chpalmer The purpose for UPNP is to configure the client automatically. The server is a media server; however, irrelevant to the server function, the UPNP should be able to routed between the interfaces. As indicated previously, I have a computer directly connected to OPT1 interface and there is no indication of the UPNP call from the client passing to the LAN interface. I know the media server is configured properly since, if both, the client and server, are placed on the same subnet, meaning both on the same OPT1 interface, the client is able to discovered the UPNP connection to the media server. What actually needs to happen, is for the packets to pass between LAN to OPT1. The only remaining control is routing between the LAN interface and OPT1 interface.

    Thank you for your time.

    Where did you get the idea that UPnP can be routed? It uses multicast

    What exactly are you wanting to do with UPnP - was the point of the question, because you might be able to get it work with either the igmp proxy or pimd. Depending the exact use case.

    But no its not going to just route across segments out of the box.

    Are you wanting your client to discover your DLNA server? If you give some specifics, we can discuss the options to get it to work.

  • @johnpoz I understand that it is multicast and only addresses the computer on the same segment.
    While investigating the issue, in the pfsense documentation, only mentioned to enble UPNP & NAT-PMP which give the impression it will make UPNP work in a crossed inter face, this feature has been enabled but still no go. On the same note, UPNP & NAT-PMP is not needed if both systems are on the same segment sine I tested the connection with UPNP & NAT-PMP disable and I was able to discover the server from the client, again, as long as the client was in the same segment. Meaning, it defeat the purpose of this feature if it does not allow multicast passthrough between interfaces. Dosen't DLNA still depends on UPNP to discover devices?

    Answering your question, the idea is to discover DLNA and pass streaming to clients in the other segment of the network. Basically, if I can get UPNP to passthrough I think I can get DLNA to communicate with the other devices.

    Thank you in advance for your assistance.

  • Anyone that can provide some assistance on this issue?
    Could be possible that this is a bug in the pfsense?
    Any advice or recommendations trying to fix this issue?

    Thank you in advance.

