09-13-2016 10:39 PM - edited 09-13-2016 10:41 PM
Hi,
this is the scenario:
- a PA with two physical L3 interfaces (1 zone per interface, 1 subnet per interface, we call them A and B).
- I have a device in Subnet A which is an Airport thing with a printer attached. Devices in Subnet A can discover the printer via the Apple Bonjour service.
- Devices in Subnet B cannot discover the printer in subnet A
- Traffic from/to these two subnets is completely allowed, no restrictions whatsoever, and no NAT.
- Both subnets and devices have the PA interface as default gateway
- I am running 7.1
What I did:
- In network-router, I edited the existing virtual router, went to "Multicast" and enabled Multicast.
- RP Static, RP Interface is the Subnet A interface, RP Address the Subnet A interface address
- Group list: 224.0.0.0/4
- Remote Rendezvous point: empty
Interfaces: Subnet A interface, Subnet B Interface IGMP/PIM enabled
- added policy from Subnet A zone and Subnet B zone to "Multicast" zone all allowed
- and committed
Still, from Subnet B I cannot see the Airport via the multicast Bonjour service. Ideas?
thanks heaps
01-08-2021 03:09 AM
Yes,
You have to add a valid access list, and remember to do it both ways, because much of this traffic is generated from both sides.
Put application any and port any if you can for a start, and then add discovered apps - it depends on what devices you have.
If HomeKit is the purpose of your setup, you can leave only an app center like Apple TV on the LAN side in the ACLs.
Regards,
Jerzy Kołysz
01-08-2021 03:15 AM
Hi
I've allowed CLIENTS to APPLETV and APPLETV to CLIENTS Security Zone for ANY / ANY
but still no luck, what about the DNS setting that you've mentioned?
Thanks
Alex
01-08-2021 03:28 AM
Let's speak about this scenario: https://lucid.app/lucidchart/invitations/accept/6024dbd9-e4e4-4a9c-bb96-f95bec16352a
I suggest putting IoT devices on the IoT network and the Apple TV on the general network (LAN),
then turn on the Bonjour reflector; after that, make an ACL from the LAN zone to the IoT zone, and one more in the opposite direction.
If you make two ACLs instead of one, you can add your Apple TV in destination LAN, and in src LAN in the second ACL.
I have a setup like that and it works.
I suggest putting the Apple TV on the LAN because it usually needs an Internet connection.
08-25-2022 06:55 AM
Hi. I also need some instructions, because communication between subnets is not possible; however, the Bonjour reflector is enabled on the interface. I use only one LAN interface (Bonjour active). Thanks, colleagues.
08-25-2022 08:57 AM
You need to enable the reflector on both the IoT and LAN interfaces, and create appropriate security rules.
08-25-2022 09:01 AM
The best way to debug it is the iOS/macOS app Discovery: https://apps.apple.com/pl/app/discovery-dns-sd-browser/id305441017?l=pl
I assume there are similar apps for Windows.
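A cross-platform check in the spirit of the Discovery app suggested above, as an added example (not code from any poster in this thread or from the vendor): a small Python DNS-SD browser that joins the mDNS group, sends the `_services._dns-sd._udp.local` service-type query and returns which source IP advertised which service type, so it can be run on a host in each subnet to see whether the other side's announcements arrive. It assumes IPv4, the host's default multicast interface, and that `SO_REUSEADDR` is enough to share UDP 5353 with a local mDNS responder (macOS also needs `SO_REUSEPORT`); all function names are illustrative.

```python
import socket, struct, time

def build_query(name="_services._dns-sd._udp.local"):  # DNS-SD service-type enumeration
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\0"
    return struct.pack("!6H", 0, 0, 1, 0, 0, 0) + qname + struct.pack("!2H", 12, 1)  # PTR, IN

def read_name(msg, off):  # decode a possibly compressed name -> (name, next offset)
    labels, nxt, hops = [], None, 0
    while (n := msg[off]):
        if n >= 0xC0:                               # compression pointer
            nxt, hops = (off + 2 if nxt is None else nxt), hops + 1
            off = ((n & 0x3F) << 8) | msg[off + 1]
            if hops > 32:
                raise ValueError("compression pointer loop")
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("utf-8", "replace"))
            off += 1 + n
    return ".".join(labels), (off + 1 if nxt is None else nxt)

def ptr_targets(msg):  # targets of every PTR record in one mDNS message
    qd, an, ns, ar = struct.unpack("!4H", msg[4:12])
    off, out = 12, []
    for _ in range(qd):                             # skip questions: name + type + class
        off = read_name(msg, off)[1] + 4
    for _ in range(an + ns + ar):
        off = read_name(msg, off)[1]
        rtype, rdlen = struct.unpack("!H6xH", msg[off:off + 10])
        if rtype == 12:
            out.append(read_name(msg, off + 10)[0])
        off += 10 + rdlen
    return out

def browse(seconds=3.0, group="224.0.0.251", port=5353):  # IPv4 mDNS group and port
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)  # share 5353 with the OS responder
    s.bind(("", port))                              # source port 5353 so answers are multicast
    s.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, socket.inet_aton(group) + bytes(4))
    s.sendto(build_query(), (group, port))
    seen, deadline = set(), time.monotonic() + seconds
    while (left := deadline - time.monotonic()) > 0:
        s.settimeout(left)
        try:
            data, peer = s.recvfrom(9000)
            seen.update((peer[0], t) for t in ptr_targets(data))
        except (socket.timeout, IndexError, ValueError, struct.error):
            pass                                    # nothing received yet, or a malformed packet
    return seen                                     # {(source IP, service type), ...}

if __name__ == "__main__":
    print(*sorted(browse()), sep="\n")
```

If the output on one subnet never lists a source or service type that is visible when the script runs on the other subnet, the mDNS traffic is not crossing the firewall, which points at the reflector or security-rule configuration and not at the client.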
03-24-2023 12:36 AM
Unfortunately this won't work for my deployment: the PA-440 has ports bridged with inter-VLAN routing (VLAN interfaces, aka SVI), and mDNS (Apple Bonjour) is not available for L3 VLAN interfaces, only physical interfaces and subinterfaces 😞
10-01-2023 01:31 PM
@nevolex: I'm in the same boat with VLAN interfaces.
Did you find any solution to enable Apple Bonjour in your configuration?