Revamp of an old closed question regarding uPnP proxy.



  • This is to revamp an old question regarding "uPnP proxy" that was answered by jimp but was only partly true.
    https://forum.pfsense.org/index.php?topic=58956.msg316481#msg316481

    The IGMP Proxy that is included in the pfSense is good with handling local LANs physically tied to a defined NIC.
    However, it does not work well in an IPSec Site2Site routed environment and also not good in an OpenVPN Peer2Peer Site2Site routed environment.

    • For IPSec, you don't get any NIC to tie in as Downstream. (AFAIK)

    • For OpenVPN in Peer2Peer SharedKey, you will have both the routed net (routing table) and also the transport /30 net.
        If you connect an interface to the ovpnsX network port, it will only place the packets from the upstream on the
        traffic net and not on the LAN in the destination side. (AFAI have seen when doing tests)

    The only thing that works is when you Setup a OpenVPN Server (and create an interface tied to this ovpns) and connect with
    a normal client where the client is getting it's real IP on the same net as the pfSense OpenVPN adapter. 
    (eg. pfSense on 192.168.123.1 and PC client connected with OpenVPN client get 192.168.123.2)
    This I have tried working, but could not get the site2site version working. 
    The SSDP packets doesn't go all the way to the destination LAN but gets stuck halfway.

    The uPnP Proxy works in another way where it sets up a "Layer 3" routeable connection between 2 or more locations
    and let the system take care of the transport between the entities. Then the proxy extract the encapsulated SSDP
    and drop it out on the local LAN. (similar to what IGMP proxy does)

    I would really like the uPnp Proxy compiled as a package, but don't know if I have the skills to make the existing
    into a working package. !?

    Best regards
    Dan Lundqvist
    Stockholm, Sweden


Log in to reply