Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Revamp of an old closed question regarding uPnP proxy.

    pfSense Packages
    1
    1
    460
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mrzaz last edited by

      This is to revamp an old question regarding "uPnP proxy" that was answered by jimp but was only partly true.
      https://forum.pfsense.org/index.php?topic=58956.msg316481#msg316481

      The IGMP Proxy that is included in the pfSense is good with handling local LANs physically tied to a defined NIC.
      However, it does not work well in an IPSec Site2Site routed environment and also not good in an OpenVPN Peer2Peer Site2Site routed environment.

      • For IPSec, you don't get any NIC to tie in as Downstream. (AFAIK)

      • For OpenVPN in Peer2Peer SharedKey, you will have both the routed net (routing table) and also the transport /30 net.
          If you connect an interface to the ovpnsX network port, it will only place the packets from the upstream on the
          traffic net and not on the LAN in the destination side. (AFAI have seen when doing tests)

      The only thing that works is when you Setup a OpenVPN Server (and create an interface tied to this ovpns) and connect with
      a normal client where the client is getting it's real IP on the same net as the pfSense OpenVPN adapter. 
      (eg. pfSense on 192.168.123.1 and PC client connected with OpenVPN client get 192.168.123.2)
      This I have tried working, but could not get the site2site version working. 
      The SSDP packets doesn't go all the way to the destination LAN but gets stuck halfway.

      The uPnP Proxy works in another way where it sets up a "Layer 3" routeable connection between 2 or more locations
      and let the system take care of the transport between the entities. Then the proxy extract the encapsulated SSDP
      and drop it out on the local LAN. (similar to what IGMP proxy does)

      I would really like the uPnp Proxy compiled as a package, but don't know if I have the skills to make the existing
      into a working package. !?

      Best regards
      Dan Lundqvist
      Stockholm, Sweden

      1 Reply Last reply Reply Quote 0
      • First post
        Last post