Firewall Rule for Guest WLAN and Chromecast

This is my dhcp and firewall config

https://pastebin.com/sfT8QJZP /etc/config/dhcp
https://pastebin.com/p55pLhJc /etc/config/firewall

and this my network and wireless config

https://pastebin.com/FRacyrE4 /etc/config/network
https://pastebin.com/r79X0Zb5 /etc/config/wireless

Then I have to connect to the guest wlan as well. It's no a good solution.

HI, have you found a solution?
I was thinking of nating chromecast to an IP on the guest network from your main one.
ex. you assign a static lease to your chromecast on your main network, say 192.168.0.100, and then nat it to, say 192.168.100.100 (must be out of the dhcp range but in the same subnet), on your guest network. This way it is reachable from both the networks.

I have the same problem and I'm struggling to find a working solution.

@artioni81 did you succeed with your proposed solution?
If so could' you share it?

If this is the case, it's only a limitation of the device's software.

  • To confirm, that is an IPv4-Any rule to 192.168.0.207, correct?
  • If not an Any rule, have you tested an ICMP Echo-Request rule to a device in 192.168.0.x?
  • If not an Any rule, have you opened forwarding to all ports needed?
  • Can you ping the Chromecast on the secure LAN from the Guest LAN?

I googled a bit :>

chromecast uses the following ports
udp 32768:61000
tcp 8008:8009

dlna broadcast
udp 1900 239.255.255.250

the dlna broadcasts needs to be routed between the networks,
i use smcroute for this.
The ttl of the broadcasts also must be increased by +1.

How do I put this data in OpenWRT?

  • What data?
  • Did you install smcroute if you're attempting to relay multicast?

(BTW, you have a similar post here.)

I have two subnets ("lan" and "guest") and I want the guests to be able to send content to the Chromecast that is connected to the "lan" network.

A user directed me to this topic.

I know I did, for one. And I also:

  • Asked did you install smcroute first?
  • I also reminded you that you had your original topic open. Simply pick one.

I did not realize it was you. I already installed the package. Now what do I do?

:confused:

You configure it.

https://manpages.debian.org/jessie/smcroute/smcroute.8.en.html

Could you give me some example command to be able to adapt to my network?

Honestly, I cannot. This is why I linked you this thread and provided the instructions. Perhaps @shm0 can elaborate, as he is the one who suggested this software:

Then I see how I configure it, without first having read the website.

Might you help me?

There are some threads already about how do this.
You need to create firewall rules to allow:

  • udp 32768:61000
  • tcp 8008:8009
  • udp 239.255.255.250:1900

And one rule to increase the ttl of the ssdp 239.255.255.250 broadcast

I found this info about chromecast ports online, i don't know how accurate this info is.
Maybe you have to enable the firewall log and watch for dropped packets and adjust the rules accordingly.

Then configure smcroute to enable routing of the mulicast traffic (239.255.255.250)
Something like:

mroute from br-lan group 239.255.255.250 to br-othernetwork
mroute from br-othetnetwork group 239.255.255.250 to br-lan

Change the network device names (br-lan br-othetnetwork) accordingly.

How do I put those ports in OpenWRT?