4. UPnP through IGMP Proxy

UPnP through IGMP Proxy

  • C

    Need some help getting UPnP through a Layer 3 nortel 5510-48t switch to my pfSense edge router. I've posted my switch's config below and I've linked to a screenshot of my IGMP proxy config in pfSense. I posted on a nortel forum but got 90 views and not one reply. So I don't know if I'm going at this the right way or what but if someone can tell me the basics of getting UPnP to forward ports to work I would appreciate it.

    EDIT: It might be worth noting that the port between my switch and edge router is configured as an access and not a trunk port.

    http://i.imgur.com/PcRnuDA.png

    ! Embedded ASCII Configuration Generator Script
    ! Model = Ethernet Routing Switch 5510-48T
    ! Software version = v6.3.3.041
    !
    ! Displaying only parameters different to default
    !================================================
    enable
    configure terminal
    !
    ! *** CORE ***
    !
    sntp server primary address 50.241.66.170
    sntp server secondary address 108.166.189.70
    sntp enable
    sntp sync-interval 168

    telnet-access inactive-timeout 10
    cli password serial local
    cli password telnet local
    ! username "user" "" ro
    ! username "admin" "    " rw
    tftp-server 172.16.0.10
    !
    ! *** SNMP ***
    !
    !
    ! *** IP  ***
    !
    ip default-gateway 192.168.0.254
    ip address stack 0.0.0.0
    ip address switch 192.168.0.1
    ip address source configured-address
    ip name-server 192.168.1.100
    ip name-server 192.168.1.32
    !
    ! *** IP Manager ***
    !
    !
    ! *** ASSET ID ***
    !
    !
    ! *** IPFIX ***
    !
    !
    ! *** System Logging ***
    !
    !
    ! *** STACK ***
    !
    !
    ! *** Default Command Interface ***
    !
    !
    ! *** Custom Banner ***
    !
    banner custom
    banner 1 "WARNING: This computer system and network is PRIVATE and PROPRIETARY
    and may"
    banner 2 "only be accessed by authorized users. Unauthorized use of this comput
    er system"
    banner 3 "or network is strictly prohibited and may be subject to criminal pros
    ecution,"
    banner 4 "employee discipline up to and including discharge, or the termination
    of the"
    banner 5 "vendor/service contracts. The owner, or its agents, may monitor any a
    ctivity"
    banner 6 "or communication on the computer system or network."
    !
    ! *** SSH ***
    !
    ssh
    !
    ! *** SSL ***
    !
    ssl
    !
    ! *** SSHC ***
    !
    !
    ! *** STP (Phase 1) ***
    !
    spanning-tree port-mode auto
    !
    ! *** VLAN ***
    !
    vlan create 99-101 type port 1
    vlan name 99 "Native VLAN"
    vlan name 100 "My LAN Devices"
    vlan name 101 "Wireless Devices"
    vlan configcontrol flexible
    vlan members 1 1
    vlan members 99 2-23,25-45,47-48
    vlan members 100 46
    vlan members 101 24
    vlan ports 2-23 pvid 99
    vlan ports 24 pvid 101
    vlan ports 25-45 pvid 99
    vlan ports 46 pvid 100
    vlan ports 47-48 pvid 99
    no auto-pvid
    !
    ! *** EAP ***
    !
    !
    ! *** EAP Guest VLAN ***
    !
    !
    ! *** EAP Fail Open VLAN ***
    !
    !
    ! *** EAP Voip VLAN ***
    !
    !
    ! *** 802.1ab ***
    !

    !
    ! *** 802.1ab vendor-specific Avaya TLVs config ***
    !
    !
    ! *** 802.1AB MED Voice Network Policies ***
    !
    !
    ! *** QOS ***
    !
    !
    ! *** RMON ***
    !
    !
    ! *** Interface ***
    !
    !
    ! *** Rate-Limit ***
    !
    !
    ! *** MLT (Phase 1) ***
    !
    !
    ! *** MAC-Based Security ***
    !
    !
    ! *** LACP ***
    !
    !
    ! *** ADAC ***
    !
    !
    ! *** STP (Phase 2) ***
    !
    interface FastEthernet ALL
    spanning-tree port 2-48 learning fast
    spanning-tree bpdu-filtering port 2-23,25-48 enable
    exit
    !
    ! *** Port Mirroring ***
    !
    !
    ! *** VLAN Phase 2***
    !
    !
    ! *** MLT (Phase 2) ***
    !
    !
    ! *** PoE ***
    !
    !
    ! *** RTC ***
    !
    clock time-zone CST -6 0
    clock summer-time recurring 2 Sunday March 02:00 1 Sunday November 02:00 60
    !
    ! *** Avaya Energy Saver ***
    !
    !
    ! *** AUR ***
    !
    !
    ! *** AAUR ***
    !
    !
    ! *** L3 ***
    !
    !
    ip routing
    !
    interface vlan 99
    ip address 192.168.1.254 255.255.255.0 2
    exit
    interface vlan 100
    ip address 172.16.0.62 255.255.255.192 3
    exit
    interface vlan 101
    ip address 172.16.1.126 255.255.255.128 4
    exit

    ! –- ECMP ---

    ! No license for ECMP.
    ! Contact support@avaya.com to update Software license.
    ip route 0.0.0.0 0.0.0.0 192.168.0.254 10
    !
    ! *** Brouter Port ***
    !
    !
    ! *** IPV6 ***
    !
    !
    ! *** NSNA ***
    !
    !
    ! *** VLACP ***
    !
    !
    ! *** DHCP Relay ***
    !
    ip dhcp-relay fwd-path 172.16.0.62 192.168.1.30
    ip dhcp-relay fwd-path 172.16.0.62 192.168.1.30 mode dhcp
    ip dhcp-relay fwd-path 172.16.0.62 192.168.1.31
    ip dhcp-relay fwd-path 172.16.0.62 192.168.1.31 mode dhcp
    ip dhcp-relay fwd-path 172.16.0.62 192.168.1.100
    ip dhcp-relay fwd-path 172.16.0.62 192.168.1.100 mode dhcp
    ip dhcp-relay fwd-path 172.16.1.126 192.168.1.30
    ip dhcp-relay fwd-path 172.16.1.126 192.168.1.30 mode dhcp
    ip dhcp-relay fwd-path 172.16.1.126 192.168.1.31
    ip dhcp-relay fwd-path 172.16.1.126 192.168.1.31 mode dhcp
    ip dhcp-relay fwd-path 172.16.1.126 192.168.1.100
    ip dhcp-relay fwd-path 172.16.1.126 192.168.1.100 mode dhcp
    interface vlan 100
    ip dhcp-relay  mode dhcp
    ip dhcp-relay broadcast
    exit
    interface vlan 101
    ip dhcp-relay  mode dhcp
    ip dhcp-relay broadcast
    exit
    !
    ! *** L3 Protocols ***
    !

    ! --- IP Directed Broadcast ---

    ! --- Proxy ARP ---

    ! --- UDP Broadcast Forwarding ---

    ! --- VRRP ---

    ! --- Route Policies ---

    ! --- OSPF ---

    router ospf
    router-id 155.218.236.0
    exit

    ! --- RIP ---

    !
    ! *** DHCP SNOOPING ***
    !
    !
    ! *** ARP INSPECTION ***
    !
    !
    ! *** IP SOURCE GUARD ***
    !
    !
    ! *** IGMP ***
    !
    ip igmp op-mode non-5510
    interface vlan 1
    ip igmp snooping
    ip igmp proxy
    ip igmp send-query
    exit
    interface vlan 99
    ip igmp snooping
    exit
    interface vlan 100
    ip igmp snooping
    ip igmp send-query
    exit
    interface vlan 101
    ip igmp snooping
    exit
    no ip igmp ssm dynamic-learning
    !
    ! *** STACK MONITOR ***
    !
    !
    ! *** SMLT ***
    !
    !
    ! *** SLPP ***
    !
    !
    ! *** SLPP-guard ***
    !
    !
    ! *** PIM ***
    !
    !
    ! *** UNICAST STORM CONTROL ***
    !
    !
    ! *** SLAMON ***
    !

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy