Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

TIVO Updates Being Blocked

I have 2 Tivo units on my home network: Tivo Roamio and Tivo Mini. They were working fine and receiving Tivo update traffic without problem. Now that I've connected my Sonicwall 250 SOHO to my network all regular traffic works normally but now my Tivo's cannot receive any updates; the Sonicwall is blocking it but I don't know how to see the block in the Sonicwall or how to restore the Tivo network traffic updates. Can anyone offer any assistance?

Category: Entry Level Firewalls
Reply

Best Answers

Answers

  • NevyadithaNevyaditha Moderator

    Hi @marct191 ,

    Hope you are doing good.

    You can perform packet capture on sonicwall and follow the KB below :

    Ether Type: IP 

    IP Type: TCP,UDP 

    Source IP address: Mention the IP address of the Tivo IP device that is facing issue

    Please check for the drop codes on the packet capture under the packet details and based on drop codes that will explain what service on the firewall is causing the issue.

    Thanks

    Nevyaditha P

    Technical Support Advisor, Premier Services

  • shiprasahu93shiprasahu93 Moderator

    Hello @marct191,

    I don't see any App control signatures for Tivo application specifically. It can either be a URL that is being blocked by CFS or a special port number used by Tivo for those updates that needs to be allowed.

    The packet capture will show you the drops to narrow this down.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • We have had built in default service objects for Tivo in SonicOS for about a decade or more:


  • marct191marct191 Newbie ✭
    edited May 18

    Here is a copy of the packet capture I did per NEVYADITHA's recommendation. Please let me know what this is telling me.

    From what I can tell the firewall is dropping UDP packets from my Tivo's and that I don't have Multicast configured for UDP for these two units. How do I set up Multicast for these IP's 192.168.168.62 & 192.168.168.110?? You can look at the file in any text editor. Thanks.


  • shiprasahu93shiprasahu93 Moderator

    Hello @marct191,

    The packet capture that you have attached shows drops for Multicast forwarding from 192.168.168.110 and 192.168.168.62 to the Multicast address 224.0.0.251. Please use the KB below for enabling Multicast Support.

    If you do not want to create specific multicast policies, you can use the option "Enable reception of all multicast addresses" under Multicast Policies.

    Also, once you enable Multicast, it creates auto added access rules for destination Zone Multicast. Please make sure that all the LAN to Multicast access rules are set to allow.

    If the issue is still not resolved, I would suggest contacting SonicWall support so that we can help you troubleshoot this issue in real-time.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • NevyadithaNevyaditha Moderator

    Hi @marct191 ,

    Please follow the above steps mentioned and also ensure the access rule for the multicast traffic from LAN to Multicast is allowed .

    Navigate to Rules | Access Rules.

    Select the "Matrix" View Style. Select the LAN to Multicast intersection.

    Edit the default LAN to Multicast Deny rule. Change the Action to Allow. Click OK.

    _If the TIVO application is still not working, then probably you can capture again and check for drop codes.

    Thank You!

    Nevyaditha P

    Technical Support Advisor, Premier Services

  • marct191marct191 Newbie ✭

    This is a copy of a dropped packet message:

    Ethernet Header

     Ether Type: IP(0x800), Src=[00:11:d9:7d:18:2f], Dst=[ff:ff:ff:ff:ff:ff]

    IP Packet Header

     IP Type: UDP(0x11), Src=[192.168.168.62], Dst=[192.168.168.255]

    UDP Packet Header

     Src=[2190], Dst=[2190], Checksum=0x4f48, Message Length=170 bytes

    Application Header

     Not Known: 

    Value:[1]

    DROPPED, Drop Code: 164(Broadcast traffic not handled.), Module Id: 25(network), (Ref.Id: _9336_jcpfngDtqcfecuvRcemgv) 1:0)


    How can I fix the 164 error??

  • shiprasahu93shiprasahu93 Moderator

    Hello @marct191,

    The broadcast traffic is intended for a specific network. You can see that the destination IP on that packet is 192.168.168.255. Since the firewall is an L3 device, it will not forward this broadcast traffic from one network to another. This is a legitimate drop.

    This should not be the reason why the Tivo updates are failing.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • marct191marct191 Newbie ✭

    Tivo says port 2190 must be open TCP and UDP. How can I open this port?

  • NevyadithaNevyaditha Moderator

    Hi @marct191 ,

    Please go to Firewall access rules from LAN to WAN and check for the access rules.

    By default, all the traffic from LAN to WAN is allowed and is not blocked by the firewall.

    Thanks!

    Nevyaditha P

    Technical Support Advisor, Premier Services

  • shiprasahu93shiprasahu93 Moderator
    edited May 20

    Hi @marct191 ,

    As mentioned by John earlier, we already have the default Tivo services available on the firewall. You can find them under Manage | Objects | Services Objects | Service Groups tab.

    Although, from LAN to WAN we have the default rule Any, Any, Any set to allow. You can create an explicit rule for Tivo as below.

    Source: Any (You can also specifically select the group containing 192.168.168.110 and 192.168.168.62)

    Destination: Any

    Service: Tivo Services

    Action: Allow

    If you have customized the LAN to WAN access rules please use the arrow icon on the rule and change the priority on this rule to be 1 so that it is on the top of the list.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

Sign In or Register to comment.