The Sophos Community will be offline for scheduled maintenance this Saturday, May 27th, at 13:00 UTC for approximately 1 hour. Apologies for any inconvenience caused.
"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
We'd love to hear about it! Click here to go to the product suggestion community
Hi, I run sophos v9 at my home.
I got most services up an running. Origin. Steam is up and running except in-home streaming. World of tanks running etc.
But I cant get steam in-home streaming to work between two computers in the same subnet on my local LAN.
I looked in the firewall log and dont find anything.
I am wondering if this in-home streaming is uPnP dependant ? Since sophos dont have uPnP. uPnP is kind of an security risk anyway.
I am a longterm user of astaro v7 to now getting sophos v9 up and running.
This seems akward that I cant even have the in-home streaming working on my local LAN with sophos right of the box.
Dont laugh at me, please. Here is a info page about ports and stuff. https://support.steampowered.com/kb_article.php?ref=3629-RIAV-1617&l=swedish#networkports
as far as I understand the in-steam traffic is only send through the LAN and same subnet. No connection to the Internet is needed. So the UTM firewall should not harm this traffic. I'm not sure about IPS and ATM.
- Have you tried to turn off IPS and/or ATM?
- Are you using the proxy? Try to turn it off.
- Is in-steam running when you switch off the UTM and work only with the LAN?
- If you use Windows clients and set up a new LAN, the Windows firewall normally ask about the area (Home, Domain, Public). Maybe you forgot to choose "Home" and therefore the firewall is nox working in Public mode with all outside connections blocked?! Only an idea.
In reply to Jas Man:
Yes, the steam in-home streaming work perfectly with an old Sonicwall TZ170 firewall.
The IPS is turned of
Seems like a router is a must when streaming, or I have simply failed doing it NIC to NIC.
This is what TCPview says
Steam.exe 2300 TCP MASS-WS 27036 MASS-WS 0 LISTENING Steam.exe 2300 UDP MASS-WS 27036 * * Steam.exe 2300 UDP MASS-WS 54191 * * 37 2 820 16 1 120
The port 27036 should be the port for discovering another steam client on another computer on your local network.
ps Armagedon in this thread talking about uPnP and he solved his issue with portforwarding.
In reply to MASSSWEDE:
Typo, I mean ATP (Advanced Thread Protection) instead of ATM.
I'm not sure if I've fully understood the function of Steam. For me it looks like that the clients don't need a Internet connection for In-Steam function. If this is true, I've no idea why the UTM should block the local communication between two clients in the same subnet.
If In-Steam needs a Internet connection, then I think UTM blocks outgoing or incomming traffic. You should see this in the firewall logs...but you didn't, or you missed the relevant part. If the Steam client opens the ports with UPnP, this could be the problem. Then you have to configure port forwarding for the steam clients in the firewall of the UTM.
Can log into steam, can download games, can start games, can join multiplayer games. But the damn in-home streaming does not work. Port forwarding for internal network, how do you do that ? Must I set like the ip unique static adresses on my both machines ?
Port forwarding in the LAN is not neccesarry. I meant Port forwarding from Internet -> LAN client or there are closed ports from LAN -> Internet which are needed by the client. Normaly the Steam client should establish the connection over common ports with the servers in the Internet.
But if it uses UPnP to open non-common ports in the router, this could be your problem. Sophos UTM does no UPnP and therefore the ports remain closed.
These are only speculations. I'm not aware of the functions of steam. It's difficult to help to solve a problem with an unknown software. Maybe you should also ask the users in the Steam forum.
I would like to learn the flow of the traffic, how does the 2 computer communicate to stream? Alongside, check in the tcpdump if the specific traffic hits the UTM and catch the drops in the packetfilter.log.
In reply to sachingurung:
This issue does not have anything to do with the UTM itself I suspect. Check the firewall settings on your hosts and make sure they did not detect the new gateway as a new network and set the internal LAN as public instead of private.
In reply to darrellr:
Ok, is multicast on in sophos ? Seems the information I got is that the in-home streaming NEED multicast. I am kinda lost. Someone explain what I should do. Can I get a multicast filtering for a port like 27036 in sophos ?
Sorry guys I am a moron. I found the issue. Probably the "STORM CONTROL" or something I have enabled inside the HP Procurve 8-port Smart switch I have. I tried an 5-port dumb switch and it worked.
Don't feel like you are the only one...I have been tripped up by it on ProCurves as well. It seems to cause as many issues as it solves.