This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
G_W_Albrecht
Legend
Legend
‎2022-03-25 02:20 AM

Bridged WLAN LAN Apple Multicast issue resolved

For more than a year now, i have experienced a strange limitation (see https://community.checkpoint.com/t5/SMB-Gateways-Spark/WLAN-to-LAN-internal-routing-issue/m-p/134154... for more details) concerning traffic between Apple devices on WLAN and Apple devices on LAN :

- screen sharing between two MacBooks in WLAN and LAN is not possible

- controlling iTunes on a MacBook in LAN with Remote App on iPhone (WLAN) is not possible

- printing or scanning from a MacBook in LAN on an Epson Printer in WLAN is not possible

I had studied Apple Bonjour before and knew that it uses Multicast, and i use a bridge to keep all devices in the same one network so we have no issues with network boundaries. But i realized that this was the right track when i found sk114596: Multicast traffic not forwarded over bridged interfaces on SMB appliances:

Cause

IGMP snooping is enabled "by default" on bridged interfaces. This feature is designed to prevent hosts on a local network from receiving traffic for a multicast group they have not explicitly joined. It provides switches with a mechanism to prune multicast traffic from links that do not contain a multicast listener (an IGMP client).

I had to create a file with the kernel parameter and all started to work as expected again 😀

I would suggest to either add information to sk114596 or, better, publish an own SK for this Apple Services issue !

CCSE CCTE CCSM SMB Specialist
4 Replies
Chris_Atkinson
Employee Employee
Employee
‎2022-07-14 07:25 AM

Nice find.

Was feedback submitted for the original SK?

What additional steps did you implement? 

CCSM R77/R80/ELITE
0 Kudos
G_W_Albrecht
Legend
Legend
‎2022-07-14 07:36 AM
In response to Chris_Atkinson

1. Directly communicated this to Amir Ayalon; Dafna Mozel; Oleg Umanets ; Zachi Schnieder

2. gave feedback for version:

Your feedback was:
------------------
This is not relevant for R80.20.xx SMBs ? kind regards, -- Guenther Albrecht Arrow ECS Internet Security AG A-1100 Wien, Wienerbergstrasse 11 Tel: 43 1 370 94 40 325 Fax: 43 1 370 94 40-333
------------------

This feature is not included in the product.

If you need it, please submit a Request for Enhancement.

3. No additional steps were needed - all worked as expected then.

CCSE CCTE CCSM SMB Specialist
0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2022-07-14 07:43 AM
In response to G_W_Albrecht

To clarify there was a separate kernel parameter you used that doesn't feature in the current SK?

CCSM R77/R80/ELITE
0 Kudos
G_W_Albrecht
Legend
Legend
‎2022-07-14 07:58 AM
In response to Chris_Atkinson

No, the current SK is the solution - but the sk114596 only is for version R77.20.xx and does not mention Apple Bonjour nor the symptoms:

- screen sharing between two MacBooks in WLAN and LAN is not possible

- controlling iTunes on a MacBook in LAN with Remote App on iPhone (WLAN) is not possible

- printing or scanning from a MacBook in LAN on an Epson Printer in WLAN is not possible

As a CCSP, i had 3 customers already that had such a Bonjour issue, and only one had found the SK (but not tried the solution yet).

CCSE CCTE CCSM SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    Virtual

    Wed 01 May 2024 @ 02:00 PM (EDT)

    South US: HTTPS Inspection Best Practices
    Virtual

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82
    Virtual

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Thu 25 Apr 2024 @ 10:00 AM (CEST)

    The Anatomy of a Cloud Hack by NotSoSecure - EMEA Session

    Thu 25 Apr 2024 @ 06:00 PM (IDT)

    The Anatomy of a Cloud Hack by NotSoSecure - America Session
    Virtual

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap
    Virtual

    Wed 01 May 2024 @ 02:00 PM (EDT)

    South US: HTTPS Inspection Best Practices
    Virtual

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82
    Virtual

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap
    Virtual

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap
    Virtual

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    Virtual

    Thu 02 May 2024 @ 10:00 AM (CEST)

    CheckMates Live BeLux: How Can Check Point AI Copilot Assist You?
    CheckMates Events