Roku Player Not Playing Nice With PFsense 2.0.2



  • All the computers on my network are working fine including the laptops connecting to the same AP as the Roku. My issue is that after about a day of usage the Roku cannot connect anymore to the wireless or it will show connected to the wireless but wont connect to the internet to access a service such as Netflix. If i switch back to my old router which turned into the existing AP meaning i disconnect the PFSense firewall, re-enable DHCP on the AP and use it everything works just fine. The only way i can get the Roku to work again is to power cycle. Any ideas? ???



  • Have you tried just re-booting the AP?



  • AP and PFSense, the one thing that fails is the connect to local area network, but i can ping one PC from another



  • Is this related at all to the other AP thread you have?  Could it be that the Roku is also Linux-based and may be a driver issue or OS issue with the AP?



  • Does the problem persist with a wired Roku connection?  Or is it only when wireless?

    When this occurs is the Roku ping-able from the LAN/WLAN computers?

    Is the Roku software up to date?


  • Netgate Administrator

    @tim.mcmanus:

    Could it be that the Roku is also Linux-based….

    This was my first thought also. If the Roku box is running a Linux DHCP client this could be related to you other thread, perhaps it's failing to renew the lease correctly. You should be able to see this by looking at the lease times and the dhcp log, does the Roku box loose connectivity at the lease renewal time?

    Steve



  • @stephenw10:

    @tim.mcmanus:

    Could it be that the Roku is also Linux-based….

    This was my first thought also. If the Roku box is running a Linux DHCP client this could be related to you other thread, perhaps it's failing to renew the lease correctly. You should be able to see this by looking at the lease times and the dhcp log, does the Roku box loose connectivity at the lease renewal time?

    Steve

    I can say its not the usage anymore, in exactly 24hrs from the last reboot it looses connection, then i have to reboot it, when checking the connection it says connected, but cannot access any services, it only happens on wifi, wired seems to be fine, what it does do is sleep when im not using it, cant give it a static IP, no option on the Roku, since the other AP is a 172.xx.xx.xx address the Roku wont connect at all, in their forums it lists that it only likes the 192.168.xx.xx address range, on another note sometimes when i reboot the AP when this happens it sometimes will fix the issue, i keep forgetting to write down the error i get when i try to connect, im very curious what it does or tests when it goes to connect to LAN, it has three steps during the connection process, connect to wireless which goes green, connect to LAN which goes RED, then connect to internet which i cant tell which color it goes since it gives an error, but sometimes if i check a service after i get the error it works. I havent tried pinging the Roku when it stops working, i did read somewhere that enabling ICMP on the firewall/router fixed the LAN connect step, but i can ping from my laptop, my web server so im not sure if ICMP is being blocked at all. As i mentioned im curious since i have no idea and cannot find any info on what the Roku does during step 2, connecting to local area network. As for my other thread the issue is not with it getting an address, while in the linux OS it takes about 3x longer to grab one then the windows OS, same laptop, dual boot so i can say its not the hardware and more the OS, but i do agree it is a strange cowinkydink.

    EDIT: i do have an android phone that works without issue on the same AP connected to the PFSense firewall, the Roku firmware is up to date although there is a new update coming out shortly.


  • Netgate Administrator

    So it only happens going through wifi and it looses connectivity in exactly 24Hrs. Hmm.
    I think I would start to look at the wifi encryption re-keying intervals or anything else that can be set. It is usually something small like a few minutes but can be much higher if required. It may be set so high that the roku box is having a hard time handling it.

    Steve



  • I have the same config (pfsense and wireless access point) with multiple Roku boxes and no issue… The Roku boxes rarely ever lock up or disconnect.  I have the DHCP server configured to assign specific IP addresses for each of the Roku boxes. I also have rules that exclude the Roku boxes (by an IP address range) from being redirected to squid/dansguardian.


  • Netgate Administrator

    This all points to a wifi problem. Everything except that the box you are using as an access point now was previously functining just fine when it was handling routing duties as well.  :-
    Is it possible you changed the wifi settings when you disabled dhcp in the AP? Is it filtering the dhcp requests somehow?

    Steve



  • @stephenw10:

    This all points to a wifi problem. Everything except that the box you are using as an access point now was previously functining just fine when it was handling routing duties as well.  :-
    Is it possible you changed the wifi settings when you disabled dhcp in the AP? Is it filtering the dhcp requests somehow?

    Steve

    i dont think i did, its running buffalo's version of DD-WRT, i just left everything as is and on the main setup page i turned DHCP off, surprisingly it did not disconnect last night and sometimes if i get the error it still will work



  • @rjcrowder:

    I have the same config (pfsense and wireless access point) with multiple Roku boxes and no issue… The Roku boxes rarely ever lock up or disconnect.  I have the DHCP server configured to assign specific IP addresses for each of the Roku boxes. I also have rules that exclude the Roku boxes (by an IP address range) from being redirected to squid/dansguardian.

    During the 3 step connection process do your ROKU's fail on step 2? connect to local area network, if not, what did you setup/change in PFSense?



  • just so you guys know my setup, Steve is pretty familular with my setup since he helped create it

    stock PFSense
    Rules to allow outgoing traffic on LAN2 and LAN3
    Rules to allow TCP and UDP within the LAN2 network
    Rules to allow my webserver/mail server to be seen externally

    thats pretty much it, im on nanoBSD so i cant really install any extra packages unless someone knows how!?!


  • Netgate Administrator

    @ghostshell:

    i just left everything as is and on the main setup page i turned DHCP off

    You must have also reconnected it differently in some way. Is it now connected via one of its 'lan' ports? Is that bridged to the wifi?
    It would be easy to overlook something in the dd-wrt config that is filtering stuff.

    Steve



  • @stephenw10:

    @ghostshell:

    i just left everything as is and on the main setup page i turned DHCP off

    You must have also reconnected it differently in some way. Is it now connected via one of its 'lan' ports? Is that bridged to the wifi?
    It would be easy to overlook something in the dd-wrt config that is filtering stuff.

    Steve

    i decided last night to create a rule to allow all ICMP traffic within my LAN2 network, went to try and connect to my wireless network and all three connection steps went green! I plan on narrowing down which ICMP rule i need to let step 2 be successful and not just leave it set to any ICMP. Before that it didnt disconnect for over a day, looks like step 2 is sending a PING request somewhere, i have that traffic being logged so im gonna look and see what its doing during step 2. So far it seems like everything is OK now, will post if anything changes, thank you all for your help! Especially Steve, Steve to answer your question i have the LAN2 port connected to one of the switch ports on the buffalo router. i would like to use the WAN port so i can use my Barracuda device again, i think there is an option within DD-WRT, maybe not with the Buffalo branded one, to map the WAN port as a LAN port. Im kinda using it as a switch that has a wireless AP built in.

    I may have to create a new thread, but anyone know how to install any package on NanoBSD running off a CF card, i was told i could not install most packages.



  • Not sure on the Buffalo dd-wrt version, but the standard dd-wrt definitely lets you map WAN to LAN.



  • @rjcrowder:

    Not sure on the Buffalo dd-wrt version, but the standard dd-wrt definitely lets you map WAN to LAN.

    fingers crossed!


Log in to reply