This is a pretty common scenario:
You have a media server (think windows media server or XBMC server) that is connected to your wired network. You also have a variety of wireless clients (think netbooks or laptops) that you would like to setup in order to use the media server via streaming or UPnP. In my particular case I had a wireless ubuntu laptop hosting uShare which I wanted to connect to my wired Xbox 360 to play content on the TV. (to read more about setting up uShare on ubuntu follow the blogpost here: http://nexus172.wordpress.com/2009/04/26/how-to-stream-video-to-your-xbox360-using-ubuntu-ushare/)
Only problem is, good security practices state that you should segregate the wireless and wired networks into different subnets, which is what I had done. My sonicwall firewall separated the two subnets and filtered traffic passing between them. Now in my support days SonicWALL’s official stance used to be that they do not support Xbox since UPnP is inherently not very secure (which is true) and it opens different ports to make things a bit more interesting. Nevertheless with some multicasting knowledge I managed to get this working using the following method:
1. Setup the uShare server as described in the link. (pity uShare is not under active development anymore… if this bothers you, you may want to consider installing and setting up XBMC as a UPnP server)
2. Took a packet capture on the sonicwall and reproduced the issue. I saw something similar to the following (in this screenshot traffic is passing, though at this stage you probably will see the traffic being dropped)
Note how the destination IP is a multicast IP address : 184.108.40.206.
3. I enabled multicast on both the LAN (wired) and WLAN interfaces from the network > interfaces section:
4. At this point, I also enabled multicast via firewall > multicast. I thought it was a done deal at this point but the packet capture still showed the packets being dropped. The drop code showed an error code of 206. Looking this up on the sonicwall KB page here:
We see that 206 stands for: 206 No IGMP interface entry found
5. So under Firewall > Multicast > Multicast policies I disabled the option “Require IGMP membership reports for multicast data…” and chose the option “enable reception for the following multicast addresses: xbox”, where “xbox” is a network object containing a multicast address type IP of 220.127.116.11
6. In the WLAN > LAN and LAN > WLAN firewall rules I defined a rule to allow all UDP communication between the server and XBOX. For further security, you could run a packet capture to see which ports are being used by the XBOX, but these change so it’s a bit of a gamble.
Note that multicast only is used in the initial discovery phase, once that is done (i.e. xbox finds the UPnP server) the traffic is UDP unicast between the two nodes.
One last tip : this should be done automatically but just in case make sure appropriate allow rules exist in the LAN > MULTICAST and WLAN > MULTICAST firewall rules
That’s it! The packet capture was now showing packets being forwarded (as shown in my first screenshot)
4 thoughts on “UPnP Media Server to XBOX 360 streaming across SonicWALL”
Hi! Thanks for the information. The one thing I’m having difficulty with (being a linux noob) is figuring out what I need to set ?USHARE_IFACE=eth0″ to. I am using a computer that is connected through a switch, then a router. eth0/eth1 aren’t working. Any ideas?
The USHARE_IFACE variable tells ushare which interface to “listen” on, that is, which IP address it will use. Most PCs have a single interface connected with a valid IP. To check which interface you should use, from a commanld line, run the command ifconfig, that should give you a list of currently active network cards. Look at the output and try to find the IP address that you normally use for your PC, and use the corresponding network card.
After you’ve set this up, if it still doesn’t work your best bet would be to run a packet capture wherever you can, ideally both on the server and your router. See what is happening to the packets, for example, are the packets being seen by uShare, or are there no packets at all? (that would indicate a problem with the router rather than the uShare server)
Hope that helps point you in the right direction
Thanks, this also helps accessing DLNA Servers from WLAN (SonicPoint) to LAN.
This was very help in getting my SW UDP server visible to my remote clients. Thanks