Forefront TMG with Google Chromecast (UPNP discovery) RRS feed

  • Question

  • We are a small business and so far we have been using Forefront TMG 2010 (in a simple LAN-DMZ-WAN 3-legged configuration) with great success.

    Recently we added a Google Chromecast to the TV/Monitor in our meeting room. The Chromecast device itself works great but other devices on the same LAN cannot discover it.
    It's my understanding that Chromecast uses UPNP SSDP discovery protocol which, by default, is being blocked by Forefront.
    And In fact in the log we see an endless stream of the following errors:

    Log type: Firewall service 
    Status: An ingoing packet was dropped because its destination address does not exist on the system, and no appropriate forwarding interface exists.  
    Rule: None - see Result Code 
    Source: Internal ( 
    Destination: UPNP ( 
    Protocol: Unidentified IP Traffic (UDP:1900) 

    In addition to the existing "Internal" interface (address range I created a new internal "UPNP" interface with the address range: and a "route" relationship between the "Internal" and "UPNP" interfaces.
    I also added firewall policy rules to give full access to each other.

    Unfortunately Chromecast discovery is still not working.

    Any suggestion how to resolve this issue and let Forefront allow UPNP SSDP discovery?



    Wednesday, August 26, 2015 8:50 PM