11-11-2019 05:39 PM
We are trying to add devices, a doorbird (video doorbell) and a cisco phone to the network but seem to be running into some trouble when trying to find these things over wifi via their apps or other. The devices can be pinged and IPs found but using their in-app discovery tools, they are not found.
The vendors keep crying it is a network fail and we have nothing blocked so I want to make sure I can say that I have done all I can. The question is: have I done all I can? I understand the trouble of leaving it all on but to at least get this started I am hoping to eliminate some points of possible failure.
How can I be sure all mDns traffic is allowed on an SSID that is on the same vlan as a device? I have turned on SNMP in case that has anything to do with it. Inter-static traffic (sp?) is on and mDns drop is off.
What else can I do?
Thanks in advance.
Solved! Go to Solution.
11-11-2019 11:13 PM
Hey Tom,
As you've hinted to mDNS is a L2 type of traffic, so if these devices need to be visible across VLANs then you'll want to take advantage of our mDNS gateway that we refer to as a bonjour gateway. Assuming all devices are in the same VLAN then there are a few additional setting that might be blocking mDNS traffic on your SSID. First make sure you don't have any firewall policies enabled in your User Profiles...
Under "Additional Settings" select the "Customize" button to the right of "Optional Settings" and scroll down the page a bit until you see "Broadcast and Multicast Handling" on the right. In the image below an unchecked box means that the traffic will be dropped, so you could check all boxes to ensure mDNS traffic is NOT being blocked on this SSID...don't forget to push an update to your AP before testing!
Also, from the CLI you can run a few commends (#show mdns ?) to see what mDNS traffic the AP is seeing...
AP250.Omega.Portal#show mdns counter /*to see if any mDNS traffic is passing through the AP and/or being filtered
VLAN 1
In : local=36, remote=0, relayed=0, filtered query=0, filtered response=0
Out: relayed query=0, relayed response=0, relayed car drop=0, send by myself=11
VLAN 201
In : local=9238, remote=0, relayed=0, filtered query=0, filtered response=0
Out: relayed query=0, relayed response=0, relayed car drop=0, send by myself=0
Uptime:99201 seconds, Total: in=9274, out=0, relayed car drop=0, sent by myself=11
11-18-2019 02:03 AM
Thanks for the reply. So to allow Mdns traffic, I should check all of those boxes? I saw drop and missed the exclude part so I have not been using that piece. I will give it a shot. Thanks!
11-11-2019 11:13 PM
Hey Tom,
As you've hinted to mDNS is a L2 type of traffic, so if these devices need to be visible across VLANs then you'll want to take advantage of our mDNS gateway that we refer to as a bonjour gateway. Assuming all devices are in the same VLAN then there are a few additional setting that might be blocking mDNS traffic on your SSID. First make sure you don't have any firewall policies enabled in your User Profiles...
Under "Additional Settings" select the "Customize" button to the right of "Optional Settings" and scroll down the page a bit until you see "Broadcast and Multicast Handling" on the right. In the image below an unchecked box means that the traffic will be dropped, so you could check all boxes to ensure mDNS traffic is NOT being blocked on this SSID...don't forget to push an update to your AP before testing!
Also, from the CLI you can run a few commends (#show mdns ?) to see what mDNS traffic the AP is seeing...
AP250.Omega.Portal#show mdns counter /*to see if any mDNS traffic is passing through the AP and/or being filtered
VLAN 1
In : local=36, remote=0, relayed=0, filtered query=0, filtered response=0
Out: relayed query=0, relayed response=0, relayed car drop=0, send by myself=11
VLAN 201
In : local=9238, remote=0, relayed=0, filtered query=0, filtered response=0
Out: relayed query=0, relayed response=0, relayed car drop=0, send by myself=0
Uptime:99201 seconds, Total: in=9274, out=0, relayed car drop=0, sent by myself=11