Firewalla / FireTV Issues
I've posted on Reddit, but figured I would come to the community. I've just recently purchased the FWG, it is placed: Modem > UDM Pro > FWG > USW.
Most everything works well except for my FireTV(s). On FireTV, the Amazon stuff does not show up very well. For example:
- The preview images are blank for a long time on the home page (or never show)
- When I go to Prime Video - Nothing works, get a network error
- MLB.tv does not work - network error
If I remove FWG, everything goes back to normal. The FWG is set up as a Transparent Bridge with only the "default bundle" rule set up.
If I look at the FireTV device in FWG, it shows no alarms, no blocks. Under flows there is 0 blocked flows as well.
But FWG is most definitely blocking because we cannot watch any Prime Video or MLB.tv on FireTV when it is in place. Could be others as well, but we typically only use Netflix outside of those 2 and they worked just fine.
-
Re-worded everything:
- "Default Bundle" was enabled by default, I have done nothing else in the configuration. I eventually deleted this.
- When I looked at Ad-Block it was off. Unsure if I looked at this right away, but I have never disabled anything. Did deleting the default bundle disable Ad-Block? If not - it was never on.
- Nothing shows blocked on any FireTV device in the FWG interface. Amazon URLS show up, but none show being blocked.
So... while it is unlikely "default bundle" was the culprit, unless removing that piece did something else behind the scenes, that is the only possibility (since it is the only configuration change I have made at all).
hope that helps, going to be on the road for the next 2.5 hours, will try to respond when I can.
-
Do you have filtering on that windows 2019 DNS server? if you just use the same ISP or popular (1.1.1.1 or 8.8.8.8 ....) do you still have the same problem?
Usually, if you don't see firewalla side blocking in the flows, the problem can be a third party DNS server. We've seen strange things from them
-
There is no filtering. But if it were a DNS issue, then removing the Firewalla (or the default bundle as I eventually did) wouldn't have solved the problem, correct? I tested 5 times and each time I put Firewalla inline, those things didn't work. Then I removed it and they did (meaning Prime Video & MLB.TV). And before removing the default bundle they didn't work (tested it), then removed it and they worked immediately).
I understand it may not seem logical, but I don't see how it could be the DNS if that part remains constant in this scenario.
I can certainly use cloudflare or google DNS settings, but those settings are not changing with or without firewalla inline.
-
Do the services work if you turn off the DNS Booster on the Firewalla?
My understanding is that when this is on, the FWG will intercept all DNS requests, resolve them itself (if not already cached), and then send the result to the client. Maybe the FWG is having problems resolving those DNS names for some reason?
Be aware that turning off the DNS Booster will disable the blocking functionality, including ad blocking, so this probably isn't a good long-term solution. But if things work with the DNS Booster off, you could start looking at the DNS requests/responses from the Firewalla itself (SSH in and use tcpdump); that might help.
-
Sorry for the delay, I decided to do the following for now to see if it makes a difference:
- Create a 'Streaming' VLAN (Unifi) with Google/Cloudfare DNS only, not going through my DNS server
- Put the TV on this VLAN
I will see how that works for a while. Of course it has worked fine since I got rid of the default bundle. How can I put that back in place (since I deleted it) to see if it still blocks Amazon Prime Video?
Please sign in to leave a comment.
Comments
14 comments