Chrome Cast, Apple TV and wireless isolation
954 views
Skip to first unread message
Matt Strickland
Oct 16, 2016, 4:32:16 PM10/16/16
to Techies for schools
Hi all,
Just a quick question regarding configuration options for Chromecast / AppleTV and using BYOD devices to cast via the network.
We run a common practice wireless network; 802.1x, client isolation enabled (ruckus), vlan'd and firewall (rules) access to LAN (via sonicwall).
The client isolation doesn't help, likewise with differing networks.
Is there a better setup method? (AppleTV can use LAN so firewall rules would apply, Chrome cast?)
Do you setup another network for trusted casting devices?, allow vlan routing / firewall / gateway but firewall out stuff it doesn't need access to?
Matt
Alistair Baird
Oct 16, 2016, 4:47:29 PM10/16/16
to techies-f...@googlegroups.com
Am also looking into this - I will have to pin down our AppleTV's to static IPaddresses first
--
You received this message because you are subscribed to the Google Groups "Techies for schools" group.
To unsubscribe from this group and stop receiving emails from it, send an email to techies-for-schools+unsub...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Matt Strickland
Oct 16, 2016, 5:16:42 PM10/16/16
to Techies for schools
Its really the broadcast / discovery issue when using different vlans, I think the apple TV will be ok if it can use Bluetooth, the chromecast may have to rely on Multicast DNS for clients to discover it.
Pretty sure someone on here will have tested most options so have a few solutions.
Matt
Kevin Whelan
Oct 16, 2016, 9:14:28 PM10/16/16
to Techies for schools
pretty sure ruckus have a bonjour gateway, Aerohive does and it works ok once you filter out the correct services which apple seem to keep changing each os version from the other apple noise because if you leave everything open it tends to flood and overload. But sonicwall should have multicast dns as well which would be less hassle because you know the ports and routes will be open and not just the discovery
failing that there are software gateways but you would need to multihome a pc with xnumber network cards in each of the vlans needed
failing that there are software gateways but you would need to multihome a pc with xnumber network cards in each of the vlans needed
Matt Strickland
Oct 16, 2016, 10:49:02 PM10/16/16
to Techies for schools
Thanks Kevin,
It looks like Ruckus's Bonjour Gateway (mDNS) can speak both apple and chromecast.
I think tho I will have to let Ruckus sort the discovery and sonicwall will pass the ports/data required as the sonicwall isn't handling isolation within the same vlan (or at least the same AP for the same SSID/vlan/account). Sonicwall can however handle all the stuff outside broadcast.
Some testing to involve, only to break on OS updates you think? Great.
Matt
Kevin Whelan
Oct 17, 2016, 3:40:11 PM10/17/16
to Techies for schools
AirPlay
| *._airplay._tcp. | LindisfarneSource | LindisfarneDestination | 1 | Lindisfarne Ground Floor_lindisfarne.school.nz | ||||
| APPLE TV Services | *._appletv*._tcp. | LindisfarneSource | LindisfarneDestination | 1 | ||||
| HTTP | *._http._tcp. | LindisfarneSource | LindisfarneDestination | 1 | ||||
| iTunes | *._daap._tcp. | LindisfarneSource | LindisfarneDestination | 1 | ||||
| Remote Audio Output Services | *._raop._tcp. | LindisfarneSource | LindisfarneDestination | 1 | ||||
| Touchable | *._touch_able._tcp. | LindisfarneSource | LindisfarneDestination | 1 | ||||
| Rcontrol | *._dacp._tcp. | LindisfarneSource | LindisfarneDestination | 1 | ||||
| AFP | *._afpovertcp._tcp. | LindisfarneSource | LindisfarneDestination | 1 | ||||
| Samba | *._smb._tcp. | LindisfarneServers | LindisfarneDestination | 1 | ||||
| ServerManager | *._servermgr._tcp. | LindisfarneSource | LindisfarneServers | 1 | ||||
| OpenDir Master | *._od-master._tcp. |
Kevin Whelan
Oct 17, 2016, 4:02:01 PM10/17/16
to Techies for schools
this is what I use but I did allow some extras network protocols on the bottom because we have a mac server and clients , I know they can smb but its helpful if the afp is working and it does seem to making browsing and communication easier on the macs
On Tuesday, October 18, 2016 at 8:40:11 AM UTC+13, Kevin Whelan wrote:
On Tuesday, October 18, 2016 at 8:40:11 AM UTC+13, Kevin Whelan wrote:
AirPlay
*._airplay._tcp.
Arnold Santos
Oct 17, 2016, 4:12:52 PM10/17/16
to techies-f...@googlegroups.com
Hi Matt,
In our setup under Ruckus, we enable Bonjour Gateway under AP site with a defined policy for VLAN routing.
See attached image. Hope this helps.
Regards,
Arnold
--
You received this message because you are subscribed to the Google Groups "Techies for schools" group.
To unsubscribe from this group and stop receiving emails from it, send an email to techies-for-schools+unsub...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Arnold B. Santos
ICT Systems Administrator
Queenstown Primary School
________________________
ICT Systems Administrator
Queenstown Primary School
________________________
Apple Certified Support Professional 10.11
Apple Certified Technical Coordinator 10.8e-mail : arn...@queenstown.school.nz
web : www.queenstown.school.nz
Richard Symon
Oct 17, 2016, 4:37:34 PM10/17/16
to Techies for schools
Hi Matt
We use Airtame units, these are more expensive than appletv and chromecast (about $300 per unit) size of a chromecast, but plug into any hdmi port and use 2.4 and 5 to connect to, one band can connect to the network while the other can then connect to a client if need, so the student / teacher can just connect to this device and present on a tv / dp.. or can also find it via broadcasting on the network or direct ip address... has buffer settings as well for movies and youtube videos to play in sync.. also client is on windows / macs and has an app for iphone and ipad and android but does not duplicate screens from the app currently.
I know its not about chromecast or appletv, just putting it out there as another solution to for a byod to cast via the network or direct to the device.
Cheers
Pete Mundy
Oct 17, 2016, 4:58:36 PM10/17/16
to techies-f...@googlegroups.com
Hey Richard, thanks for mentioning the Airtame! I hadn't heard of it, and it's great to know of other products out there that can do a similar job.
For my schools, the one thing that would stop adoption of this device is the lack of full-screen sharing across to the TV along with full system audio (what Apple call 'Mirrored Desktop' or 'Extended Desktop'). If/when they get that feature operational it will make these devices a definite alternative! So it's one I will keep an eye on.
Cheers for sharing the info with the list :)
Pete
On 18/10/2016, at 9:37 am, Richard Symon <rsy...@nghs.school.nz> wrote:<snip>
does not duplicate screens from the app currently.
<snip>
Richard Symon
Oct 17, 2016, 5:22:35 PM10/17/16
to Techies for schools
Hi Pete
No problem! :) always good to see what others use in their school environment!
I have played with screenbeam widi stuff, but thats for windows intel stuff only :(, so wasn't very helpful here
Yea sorry I dont know if i made the app part clear as just re-reading what i posted :-/ seems a bit confusing when i read over it again.
The app for phone and ipad and android does not mirror or extend the screen (only displays documents and pictures)
The windows and apple client does mirror/duplicate and extend the screen onto the tv/dp.
we have 7 currently here, and looking at 2more
but for BYOD it is good if you want a student to connect to the TV and display their screen, as you can connect straight to the device, instead of having to find it via network or trying to get around vlans
one thing i have found out thou, as the airtame unit is also connected (if setup like this) to the network as well, then that student also can go on the internet via the airtame unit/connection.. good or bad depends on how its connected and what SSID/VLAN/Profile that is connected to
cheers
Richard
--
You received this message because you are subscribed to a topic in the Google Groups "Techies for schools" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/techies-for-schools/y2bF49PilK0/unsubscribe.
To unsubscribe from this group and all its topics, send an email to techies-for-schools+unsub...@googlegroups.com.
WHS Ict Technician
Oct 17, 2016, 5:52:43 PM10/17/16
to Techies for schools
you need a bonjour gateway, to enable multicasting across the vlans.
bonjour (dns-sd) for the discovery, unicast UDP for the streaming
we use the one built into our meraki MX100, but you can build your own using Avahi.
A good discussion is here
(http://networkengineering.stackexchange.com/questions/5954/what-exactly-is-required-to-make-airplay-work-across-vlans)
you can manage this on the switch as well, if you are handy with CLI. rough guide here, tons more in cisco's forums. http://blogs.cisco.com/getyourbuildon/network-wide-bonjour-how-would-you-support-bonjour-across-multiple-vlans
you don't need static IP addresses, since you can create the rules for the multicast addresses (destination 224.0.0.251)
the raspbery pi / avahi solution looks the best if you don't have an MX or ruckus or Unifi: https://www.packetmischief.ca/2012/09/20/airplay-vlans-and-an-open-source-solution/
bonjour (dns-sd) for the discovery, unicast UDP for the streaming
we use the one built into our meraki MX100, but you can build your own using Avahi.
A good discussion is here
(http://networkengineering.stackexchange.com/questions/5954/what-exactly-is-required-to-make-airplay-work-across-vlans)
you can manage this on the switch as well, if you are handy with CLI. rough guide here, tons more in cisco's forums. http://blogs.cisco.com/getyourbuildon/network-wide-bonjour-how-would-you-support-bonjour-across-multiple-vlans
you don't need static IP addresses, since you can create the rules for the multicast addresses (destination 224.0.0.251)
the raspbery pi / avahi solution looks the best if you don't have an MX or ruckus or Unifi: https://www.packetmischief.ca/2012/09/20/airplay-vlans-and-an-open-source-solution/
WHS Ict Technician
Oct 17, 2016, 5:53:45 PM10/17/16
to Techies for schools
A quick aside. If you have an appleTV plugged in to the LAN, make sure to tell the switch to ignore BPDUs from that port. Or welcome to STP hell
Pete Mundy
Oct 17, 2016, 6:21:31 PM10/17/16
to techies-f...@googlegroups.com
On 18/10/2016, at 10:22 am, Richard Symon <rsy...@nghs.school.nz> wrote:
The app for phone and ipad and android does not mirror or extend the screen (only displays documents and pictures)The windows and apple client does mirror/duplicate and extend the screen onto the tv/dp.
Oh wow! Ok then yes I did mis-understand your original posting.
In that case (since the macOS client does support mirroring), I think I'll buy one of these devices and do some further testing in the lab :)
Is there any distributor in NZ that you recommend using?
I've gone straight to airtame.com and clicked on 'Buy Now', but am only getting a spinner an no page content. Tried a couple of different browsers on different machines on different ISPs both with the same result, so I'm guessing it's a temporary issue on their site...
Pete
Richard Symon
Oct 17, 2016, 7:15:19 PM10/17/16
to Techies for schools
Hi Pete
Sorry I dont know of any distributor in NZ for it, I used the Website to get them all, but i know Simon Lillico from Cyclone Computers was talking about getting some in, he might be the best to talk to if he has already, but i dont know about price if they are going to...
if not here is their email for a sales rep - luca @ airtame.com (added spaces :p ).
they send the units here pretty quick! :). also they can also have a network cable attached via a ethernet adapter as well if need, and powered via usb port and cable on the TV/DP or wall socket.
Richard
--
You received this message because you are subscribed to a topic in the Google Groups "Techies for schools" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/techies-for-schools/y2bF49PilK0/unsubscribe.
To unsubscribe from this group and all its topics, send an email to techies-for-schools+unsubscribe...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages