Hello Ever since installing ESS 4.2 on my Windows 7 laptop I can no longer stream music via UPnP I have enabled UPnP in the IDS section (as discribed here http://kb.eset.com/esetkb/index?pag...arch&viewlocale=en_US&searchid=1280847951202), but still no joy I installed ESS 4.2 with the default settings This issue is really annoying and if I can't resolve it, I will be forced to look for another product Thanks Ben
try disabling HTTP, HTTPS protection (at your own risk) When you're done streaming make sure you turn it back on.
I have set the firewall to learning move, and while it add rules for foobar2000.exe, the uPnP element still does not work
My media server shows up under "Network" http://imgur.com/XBY8n.png But not in my media app http://imgur.com/IdgyX.png I just can't work out what is going on, this is a show stopper for me Ben
Setting the firewall on interactive, running foobar2000 and creating a custom rule for foobar2000.exe (allowing every port and address) works I can then set the firewall to Automatic mode with exceptions still works Can anyone tell me why Automatic mode does not work?
Automatic mode allows all outbound communication and blocks any uninitiated incoming communication. In case the communication of a certain application is blocked, enable logging blocked connections in the IDS setup, reproduce the problem and then check the firewall log for details about the blocked communication. This will give you a clue as to which rule needs to be modified in order to allow the communication.
Here's my log file It is quite clearly blocking foobar2000.exe's UPnP requests, which I don't understand as UPnP is enabled for the trusted zone Code: 03/08/2010 20:49:48 Communication denied by rule 192.168.0.105:55699 255.255.255.255:1900 UDP Block outgoing SSDP (UPNP) requests C:\Program Files\foobar2000\foobar2000.exe Ben-Laptop\Ben 03/08/2010 20:49:48 Communication denied by rule 192.168.0.105:55699 255.255.255.255:1900 UDP Block outgoing SSDP (UPNP) requests C:\Program Files\foobar2000\foobar2000.exe Ben-Laptop\Ben 03/08/2010 20:49:48 Communication denied by rule 127.0.0.1:11607 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Program Files\foobar2000\foobar2000.exe Ben-Laptop\Ben 03/08/2010 20:49:48 Communication denied by rule 127.0.0.1:11607 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Program Files\foobar2000\foobar2000.exe Ben-Laptop\Ben 03/08/2010 20:49:48 Communication denied by rule 192.168.0.105:55698 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Program Files\foobar2000\foobar2000.exe Ben-Laptop\Ben 03/08/2010 20:49:48 Communication denied by rule 192.168.0.105:55698 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Program Files\foobar2000\foobar2000.exe Ben-Laptop\Ben 03/08/2010 20:49:48 Communication denied by rule 192.168.0.105:2789 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Program Files\foobar2000\foobar2000.exe Ben-Laptop\Ben 03/08/2010 20:49:48 Communication denied by rule 192.168.0.105:2789 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Program Files\foobar2000\foobar2000.exe Ben-Laptop\Ben Ben
I want to leave my firewall in automatic mode, can this be fixed? I have enabled UPnP for the trusted zone but it clearly does not work
Allow UPNP in the Trusted zone Enables UpnP (Universal Plug and Play), which allows for automatic configuration of network devices I can only assume that this is broken, I have enabled it, but UPnP does not work for me, my laptop is in the trusted zone but I cannot see my UPnP media server
I assume the firewall is just doing its job. If UPnP is blocked in the TZ in spite of having it allowed in the IDS setup, continue as follows and provide the necessary stuff for perusal: 1, leave logging blocked connections enabled in the IDS setup 2, configure the firewall to create pcap logs with blocked packets captured per the instrucions here 3, reproduce the problem Compress the following stuff to an archive, upload it somewhere and PM me a link to it: - pcap log - Eset firewall log - configuration of your ESS exported to an xml file (Setup -> Export/import settings)
Thanks Marcos I am at work at the moment, I'll try this later when I am home and I'll be in touch Ben
Port 1900 is a standard UPnP port http://www.grc.com/port_1900.htm So why is ESS blocking it in Automatic mode? I can only assume the FW is broken, what else is it blocking? I now have no faith in ESS
It'd be a security gap if every application was allowed to communicate via UPnP by default. See this.
Why does enabling UPnP under IDS still not work then? Why should I have to create a rule to allow foobar2000.exe through? I would not expect ESS to block UPnP traffic on my home network!
For security reasons, UPnP is enabled within TZ for system services. To allow UPnP for other applications, an appropriate rule needs to be created for the application. The developers will have a look at this though.
Thanks, can you let me know their response I feel ESS needs another mode, Automatic blocks things I need, Interactive mode is overkill, I don't want to have to review everything trying to get out, we need a new Automatic mode that asks us to review anything not taken care of automatically Thanks
This will be improved in future versions. In interactive mode, you'll be offered an option to create a rule for other applications and then switch back to automatic rule with exceptions. Outgoing UPnP communications within TZ will be enabled for all applications. Maybe a new option to allow UPnP communication for all applications within TZ will be added in the IDS setup.