UPnP through IGMP Proxy
-
Need some help getting UPnP through a Layer 3 nortel 5510-48t switch to my pfSense edge router. I've posted my switch's config below and I've linked to a screenshot of my IGMP proxy config in pfSense. I posted on a nortel forum but got 90 views and not one reply. So I don't know if I'm going at this the right way or what but if someone can tell me the basics of getting UPnP to forward ports to work I would appreciate it.
EDIT: It might be worth noting that the port between my switch and edge router is configured as an access and not a trunk port.
http://i.imgur.com/PcRnuDA.png
! Embedded ASCII Configuration Generator Script
! Model = Ethernet Routing Switch 5510-48T
! Software version = v6.3.3.041
!
! Displaying only parameters different to default
!================================================
enable
configure terminal
!
! *** CORE ***
!
sntp server primary address 50.241.66.170
sntp server secondary address 108.166.189.70
sntp enable
sntp sync-interval 168telnet-access inactive-timeout 10
cli password serial local
cli password telnet local
! username "user" "" ro
! username "admin" "" rw
tftp-server 172.16.0.10
!
! *** SNMP ***
!
!
! *** IP ***
!
ip default-gateway 192.168.0.254
ip address stack 0.0.0.0
ip address switch 192.168.0.1
ip address source configured-address
ip name-server 192.168.1.100
ip name-server 192.168.1.32
!
! *** IP Manager ***
!
!
! *** ASSET ID ***
!
!
! *** IPFIX ***
!
!
! *** System Logging ***
!
!
! *** STACK ***
!
!
! *** Default Command Interface ***
!
!
! *** Custom Banner ***
!
banner custom
banner 1 "WARNING: This computer system and network is PRIVATE and PROPRIETARY
and may"
banner 2 "only be accessed by authorized users. Unauthorized use of this comput
er system"
banner 3 "or network is strictly prohibited and may be subject to criminal pros
ecution,"
banner 4 "employee discipline up to and including discharge, or the termination
of the"
banner 5 "vendor/service contracts. The owner, or its agents, may monitor any a
ctivity"
banner 6 "or communication on the computer system or network."
!
! *** SSH ***
!
ssh
!
! *** SSL ***
!
ssl
!
! *** SSHC ***
!
!
! *** STP (Phase 1) ***
!
spanning-tree port-mode auto
!
! *** VLAN ***
!
vlan create 99-101 type port 1
vlan name 99 "Native VLAN"
vlan name 100 "My LAN Devices"
vlan name 101 "Wireless Devices"
vlan configcontrol flexible
vlan members 1 1
vlan members 99 2-23,25-45,47-48
vlan members 100 46
vlan members 101 24
vlan ports 2-23 pvid 99
vlan ports 24 pvid 101
vlan ports 25-45 pvid 99
vlan ports 46 pvid 100
vlan ports 47-48 pvid 99
no auto-pvid
!
! *** EAP ***
!
!
! *** EAP Guest VLAN ***
!
!
! *** EAP Fail Open VLAN ***
!
!
! *** EAP Voip VLAN ***
!
!
! *** 802.1ab ***
!!
! *** 802.1ab vendor-specific Avaya TLVs config ***
!
!
! *** 802.1AB MED Voice Network Policies ***
!
!
! *** QOS ***
!
!
! *** RMON ***
!
!
! *** Interface ***
!
!
! *** Rate-Limit ***
!
!
! *** MLT (Phase 1) ***
!
!
! *** MAC-Based Security ***
!
!
! *** LACP ***
!
!
! *** ADAC ***
!
!
! *** STP (Phase 2) ***
!
interface FastEthernet ALL
spanning-tree port 2-48 learning fast
spanning-tree bpdu-filtering port 2-23,25-48 enable
exit
!
! *** Port Mirroring ***
!
!
! *** VLAN Phase 2***
!
!
! *** MLT (Phase 2) ***
!
!
! *** PoE ***
!
!
! *** RTC ***
!
clock time-zone CST -6 0
clock summer-time recurring 2 Sunday March 02:00 1 Sunday November 02:00 60
!
! *** Avaya Energy Saver ***
!
!
! *** AUR ***
!
!
! *** AAUR ***
!
!
! *** L3 ***
!
!
ip routing
!
interface vlan 99
ip address 192.168.1.254 255.255.255.0 2
exit
interface vlan 100
ip address 172.16.0.62 255.255.255.192 3
exit
interface vlan 101
ip address 172.16.1.126 255.255.255.128 4
exit! –- ECMP ---
! No license for ECMP.
! Contact support@avaya.com to update Software license.
ip route 0.0.0.0 0.0.0.0 192.168.0.254 10
!
! *** Brouter Port ***
!
!
! *** IPV6 ***
!
!
! *** NSNA ***
!
!
! *** VLACP ***
!
!
! *** DHCP Relay ***
!
ip dhcp-relay fwd-path 172.16.0.62 192.168.1.30
ip dhcp-relay fwd-path 172.16.0.62 192.168.1.30 mode dhcp
ip dhcp-relay fwd-path 172.16.0.62 192.168.1.31
ip dhcp-relay fwd-path 172.16.0.62 192.168.1.31 mode dhcp
ip dhcp-relay fwd-path 172.16.0.62 192.168.1.100
ip dhcp-relay fwd-path 172.16.0.62 192.168.1.100 mode dhcp
ip dhcp-relay fwd-path 172.16.1.126 192.168.1.30
ip dhcp-relay fwd-path 172.16.1.126 192.168.1.30 mode dhcp
ip dhcp-relay fwd-path 172.16.1.126 192.168.1.31
ip dhcp-relay fwd-path 172.16.1.126 192.168.1.31 mode dhcp
ip dhcp-relay fwd-path 172.16.1.126 192.168.1.100
ip dhcp-relay fwd-path 172.16.1.126 192.168.1.100 mode dhcp
interface vlan 100
ip dhcp-relay mode dhcp
ip dhcp-relay broadcast
exit
interface vlan 101
ip dhcp-relay mode dhcp
ip dhcp-relay broadcast
exit
!
! *** L3 Protocols ***
!! --- IP Directed Broadcast ---
! --- Proxy ARP ---
! --- UDP Broadcast Forwarding ---
! --- VRRP ---
! --- Route Policies ---
! --- OSPF ---
router ospf
router-id 155.218.236.0
exit! --- RIP ---
!
! *** DHCP SNOOPING ***
!
!
! *** ARP INSPECTION ***
!
!
! *** IP SOURCE GUARD ***
!
!
! *** IGMP ***
!
ip igmp op-mode non-5510
interface vlan 1
ip igmp snooping
ip igmp proxy
ip igmp send-query
exit
interface vlan 99
ip igmp snooping
exit
interface vlan 100
ip igmp snooping
ip igmp send-query
exit
interface vlan 101
ip igmp snooping
exit
no ip igmp ssm dynamic-learning
!
! *** STACK MONITOR ***
!
!
! *** SMLT ***
!
!
! *** SLPP ***
!
!
! *** SLPP-guard ***
!
!
! *** PIM ***
!
!
! *** UNICAST STORM CONTROL ***
!
!
! *** SLAMON ***
!