UPnP through IGMP Proxy



  • Need some help getting UPnP through a Layer 3 nortel 5510-48t switch to my pfSense edge router. I've posted my switch's config below and I've linked to a screenshot of my IGMP proxy config in pfSense. I posted on a nortel forum but got 90 views and not one reply. So I don't know if I'm going at this the right way or what but if someone can tell me the basics of getting UPnP to forward ports to work I would appreciate it.

    EDIT: It might be worth noting that the port between my switch and edge router is configured as an access and not a trunk port.

    http://i.imgur.com/PcRnuDA.png

    ! Embedded ASCII Configuration Generator Script
    ! Model = Ethernet Routing Switch 5510-48T
    ! Software version = v6.3.3.041
    !
    ! Displaying only parameters different to default
    !================================================
    enable
    configure terminal
    !
    ! *** CORE ***
    !
    sntp server primary address 50.241.66.170
    sntp server secondary address 108.166.189.70
    sntp enable
    sntp sync-interval 168

    telnet-access inactive-timeout 10
    cli password serial local
    cli password telnet local
    ! username "user" "" ro
    ! username "admin" "
    " rw
    tftp-server 172.16.0.10
    !
    ! *** SNMP ***
    !
    !
    ! *** IP  ***
    !
    ip default-gateway 192.168.0.254
    ip address stack 0.0.0.0
    ip address switch 192.168.0.1
    ip address source configured-address
    ip name-server 192.168.1.100
    ip name-server 192.168.1.32
    !
    ! *** IP Manager ***
    !
    !
    ! *** ASSET ID ***
    !
    !
    ! *** IPFIX ***
    !
    !
    ! *** System Logging ***
    !
    !
    ! *** STACK ***
    !
    !
    ! *** Default Command Interface ***
    !
    !
    ! *** Custom Banner ***
    !
    banner custom
    banner 1 "WARNING: This computer system and network is PRIVATE and PROPRIETARY
    and may"
    banner 2 "only be accessed by authorized users. Unauthorized use of this comput
    er system"
    banner 3 "or network is strictly prohibited and may be subject to criminal pros
    ecution,"
    banner 4 "employee discipline up to and including discharge, or the termination
    of the"
    banner 5 "vendor/service contracts. The owner, or its agents, may monitor any a
    ctivity"
    banner 6 "or communication on the computer system or network."
    !
    ! *** SSH ***
    !
    ssh
    !
    ! *** SSL ***
    !
    ssl
    !
    ! *** SSHC ***
    !
    !
    ! *** STP (Phase 1) ***
    !
    spanning-tree port-mode auto
    !
    ! *** VLAN ***
    !
    vlan create 99-101 type port 1
    vlan name 99 "Native VLAN"
    vlan name 100 "My LAN Devices"
    vlan name 101 "Wireless Devices"
    vlan configcontrol flexible
    vlan members 1 1
    vlan members 99 2-23,25-45,47-48
    vlan members 100 46
    vlan members 101 24
    vlan ports 2-23 pvid 99
    vlan ports 24 pvid 101
    vlan ports 25-45 pvid 99
    vlan ports 46 pvid 100
    vlan ports 47-48 pvid 99
    no auto-pvid
    !
    ! *** EAP ***
    !
    !
    ! *** EAP Guest VLAN ***
    !
    !
    ! *** EAP Fail Open VLAN ***
    !
    !
    ! *** EAP Voip VLAN ***
    !
    !
    ! *** 802.1ab ***
    !

    !
    ! *** 802.1ab vendor-specific Avaya TLVs config ***
    !
    !
    ! *** 802.1AB MED Voice Network Policies ***
    !
    !
    ! *** QOS ***
    !
    !
    ! *** RMON ***
    !
    !
    ! *** Interface ***
    !
    !
    ! *** Rate-Limit ***
    !
    !
    ! *** MLT (Phase 1) ***
    !
    !
    ! *** MAC-Based Security ***
    !
    !
    ! *** LACP ***
    !
    !
    ! *** ADAC ***
    !
    !
    ! *** STP (Phase 2) ***
    !
    interface FastEthernet ALL
    spanning-tree port 2-48 learning fast
    spanning-tree bpdu-filtering port 2-23,25-48 enable
    exit
    !
    ! *** Port Mirroring ***
    !
    !
    ! *** VLAN Phase 2***
    !
    !
    ! *** MLT (Phase 2) ***
    !
    !
    ! *** PoE ***
    !
    !
    ! *** RTC ***
    !
    clock time-zone CST -6 0
    clock summer-time recurring 2 Sunday March 02:00 1 Sunday November 02:00 60
    !
    ! *** Avaya Energy Saver ***
    !
    !
    ! *** AUR ***
    !
    !
    ! *** AAUR ***
    !
    !
    ! *** L3 ***
    !
    !
    ip routing
    !
    interface vlan 99
    ip address 192.168.1.254 255.255.255.0 2
    exit
    interface vlan 100
    ip address 172.16.0.62 255.255.255.192 3
    exit
    interface vlan 101
    ip address 172.16.1.126 255.255.255.128 4
    exit

    ! –- ECMP ---

    ! No license for ECMP.
    ! Contact support@avaya.com to update Software license.
    ip route 0.0.0.0 0.0.0.0 192.168.0.254 10
    !
    ! *** Brouter Port ***
    !
    !
    ! *** IPV6 ***
    !
    !
    ! *** NSNA ***
    !
    !
    ! *** VLACP ***
    !
    !
    ! *** DHCP Relay ***
    !
    ip dhcp-relay fwd-path 172.16.0.62 192.168.1.30
    ip dhcp-relay fwd-path 172.16.0.62 192.168.1.30 mode dhcp
    ip dhcp-relay fwd-path 172.16.0.62 192.168.1.31
    ip dhcp-relay fwd-path 172.16.0.62 192.168.1.31 mode dhcp
    ip dhcp-relay fwd-path 172.16.0.62 192.168.1.100
    ip dhcp-relay fwd-path 172.16.0.62 192.168.1.100 mode dhcp
    ip dhcp-relay fwd-path 172.16.1.126 192.168.1.30
    ip dhcp-relay fwd-path 172.16.1.126 192.168.1.30 mode dhcp
    ip dhcp-relay fwd-path 172.16.1.126 192.168.1.31
    ip dhcp-relay fwd-path 172.16.1.126 192.168.1.31 mode dhcp
    ip dhcp-relay fwd-path 172.16.1.126 192.168.1.100
    ip dhcp-relay fwd-path 172.16.1.126 192.168.1.100 mode dhcp
    interface vlan 100
    ip dhcp-relay  mode dhcp
    ip dhcp-relay broadcast
    exit
    interface vlan 101
    ip dhcp-relay  mode dhcp
    ip dhcp-relay broadcast
    exit
    !
    ! *** L3 Protocols ***
    !

    ! --- IP Directed Broadcast ---

    ! --- Proxy ARP ---

    ! --- UDP Broadcast Forwarding ---

    ! --- VRRP ---

    ! --- Route Policies ---

    ! --- OSPF ---

    router ospf
    router-id 155.218.236.0
    exit

    ! --- RIP ---

    !
    ! *** DHCP SNOOPING ***
    !
    !
    ! *** ARP INSPECTION ***
    !
    !
    ! *** IP SOURCE GUARD ***
    !
    !
    ! *** IGMP ***
    !
    ip igmp op-mode non-5510
    interface vlan 1
    ip igmp snooping
    ip igmp proxy
    ip igmp send-query
    exit
    interface vlan 99
    ip igmp snooping
    exit
    interface vlan 100
    ip igmp snooping
    ip igmp send-query
    exit
    interface vlan 101
    ip igmp snooping
    exit
    no ip igmp ssm dynamic-learning
    !
    ! *** STACK MONITOR ***
    !
    !
    ! *** SMLT ***
    !
    !
    ! *** SLPP ***
    !
    !
    ! *** SLPP-guard ***
    !
    !
    ! *** PIM ***
    !
    !
    ! *** UNICAST STORM CONTROL ***
    !
    !
    ! *** SLAMON ***
    !


Log in to reply