
UTM (bonjour) and Airport Express issue

Hi All

I just bought an AirPort Express in order to use the AirPlay feature. I have connected it via the Ethernet port to my switch and set it up in bridge mode whilst turning wireless off. However, even though it gets a DHCP address via UTM (same subnet as the wifi internal clients, and therefore no Multicast Routing (PIM-SM) needed), I am not able to "detect" it via internal hosts.

They are on the same subnet and therefore the Bonjour service should not be blocked. However, it doesn't work (even though I can ping the AE host from the wifi hosts).

Has anyone had any experience with UTM and Bonjour services (AirPort Express)?

It seems that the AirPort Express is trying to contact UTM on ports 1900 and 5351 (UPnP and NAT). Is this a requirement for the Bonjour service? I would expect to see UDP 5353 (multicast DNS) as destination and not source!

id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="30" tos="0x00" prec="0x00" ttl="255" srcport="5353" dstport="5351"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" mark="0x31d7" app="471" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="156" tos="0x00" prec="0x00" ttl="255" srcport="53288" dstport="1900"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="30" tos="0x00" prec="0x00" ttl="255" srcport="5353" dstport="5351"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" mark="0x31d7" app="471" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="156" tos="0x00" prec="0x00" ttl="255" srcport="64606" dstport="1900"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="30" tos="0x00" prec="0x00" ttl="255" srcport="5353" dstport="5351"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" mark="0x31d7" app="471" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="157" tos="0x00" prec="0x00" ttl="255" srcport="64606" dstport="1900"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="30" tos="0x00" prec="0x00" ttl="255" srcport="5353" dstport="5351"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" mark="0x31d7" app="471" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="156" tos="0x00" prec="0x00" ttl="255" srcport="64606" dstport="1900"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="30" tos="0x00" prec="0x00" ttl="255" srcport="5353" dstport="5351"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" mark="0x31d7" app="471" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="157" tos="0x00" prec="0x00" ttl="255" srcport="64606" dstport="1900"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="30" tos="0x00" prec="0x00" ttl="255" srcport="5353" dstport="5351"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" mark="0x31d7" app="471" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="156" tos="0x00" prec="0x00" ttl="255" srcport="64606" dstport="1900"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="30" tos="0x00" prec="0x00" ttl="255" srcport="5353" dstport="5351"
id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" mark="0x31d7" app="471" srcmac="88:1f:a1:3d:ee:94" dstmac="0:1a:8c:12:ea:e1" srcip="Airport Express" dstip="UTM" proto="17" length="157" tos="0x00" prec="0x00" ttl="255" srcport="64606" dstport="1900"


Also, port 192 (UDP) is being blocked by UTM. This port is related to AirPort Extreme discovery (http://support.apple.com/kb/TS1629):
2013:10:27-00:57:03 stuffman ulogd[4568]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.10" srcmac="70:56:81:c2:3a:19" dstmac="0:1a:8c:12:ea:e1" srcip="" dstip="UTM" proto="17" length="32" tos="0x00" prec="0x00" ttl="64" srcport="65009" dstport="192" 


Thanks
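Added example, not part of the original post: a small Python parser for packetfilter drop entries in the format shown above, tallying dropped UDP packets by destination port so it is easy to see whether mDNS (UDP 5353) itself is among the drops. The sample entries are constructed from the post's log format and trimmed; the function names and the port-label table are assumptions of this example.

```python
import re
from collections import Counter

# UDP ports named in the thread; 5353 (mDNS) is what Bonjour discovery uses.
UDP_SERVICES = {1900: "SSDP/UPnP", 5351: "NAT-PMP", 5353: "mDNS"}
FIELD = re.compile(r'(\w+)="([^"]*)"')

# Constructed sample: entries in the post's log format, trimmed to the fields used here.
SAMPLE = """\
id="2001" sub="packetfilter" action="drop" fwrule="60001" initf="eth1.10" srcip="Airport Express" dstip="UTM" proto="17" srcport="5353" dstport="5351"
id="2001" sub="packetfilter" action="drop" fwrule="60001" initf="eth1.10" srcip="Airport Express" dstip="UTM" proto="17" srcport="53288" dstport="1900"
id="2001" sub="packetfilter" action="drop" fwrule="60001" initf="eth1.10" srcip="Airport Express" dstip="UTM" proto="17" srcport="5353" dstport="5351"
2013:10:27-00:57:03 stuffman ulogd[4568]: id="2001" sub="packetfilter" action="drop" fwrule="60001" initf="eth1.10" srcip="" dstip="UTM" proto="17" srcport="65009" dstport="192"
"""

def parse_line(line):
    """Return the key="value" pairs of one packetfilter entry as a dict."""
    return dict(FIELD.findall(line))

def summarize_drops(text):
    """Count dropped UDP packets per (srcip, dstip, dstport, service)."""
    counts = Counter()
    for line in text.splitlines():
        f = parse_line(line)
        if f.get("action") != "drop" or f.get("proto") != "17":
            continue  # not a dropped UDP packet
        if not f.get("dstport", "").isdigit():
            continue  # malformed or truncated entry
        port = int(f["dstport"])
        key = (f.get("srcip", ""), f.get("dstip", ""), port,
               UDP_SERVICES.get(port, "unlisted"))
        counts[key] += 1
    return counts

def mdns_dropped(text):
    """True if any dropped packet was destined for UDP 5353 (mDNS)."""
    return any(key[2] == 5353 for key in summarize_drops(text))

if __name__ == "__main__":
    for (src, dst, port, svc), n in summarize_drops(SAMPLE).most_common():
        print(f"{n:3d}  {src or '(empty)'} -> {dst}  udp/{port}  {svc}")
    print("mDNS (udp/5353) among the drops:", mdns_dropped(SAMPLE))
```

On the sample, every drop is unicast to the UTM on 5351, 1900 or 192, and none has 5353 as its destination port.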




  • Hi William

    AE was routed to UTM via a switch but it didn't seem to work. Maybe it was a switch issue. I have it connected via wireless and it works fine apart from some lag.

    Thanks


    Bonjour doesn't work with VLANs iirc... if that switch is doing VLANs, that's the issue... UTM can't block something that doesn't pass through it.
  •   Bonjour doesn't work with VLANs iirc... if that switch is doing VLANs, that's the issue... UTM can't block something that doesn't pass through it.


    But both ports are on the same VLAN and therefore one broadcast domain. I am not routing between two different VLANs.