I recently purchased an Apple TV and am having trouble using AirPlay on my network. I have an ASA 5505 running 8.4(6) code and an Aironet 1142 access point connected. My laptop and my Apple TV are on the same wireless network, but cannot see eachother for streaming. Is the ASA blocking RTSP traffic or anything like that?
It doesn't block rtsp but it does inspect it by default in your version. If it doesn't understnd the way AirPlay is using it, it may drop the packets.
You can disable that by:
ASA(config)#policy-map global_policy ASA(config-pmap)#class inspection_default ASA(config-pmap-c)#no inspect rtsp
Thanks for your reply Marvin,
I actually already did what you suggested. I still cannot see the device for streaming. I looked up the ports used by Airplay, and 80 was one of them. I confirmed connectivity by telneting over 80. Also, when I do a packet trace in the ASDM it fails and tells me the packet was dropped by implicit deny. The computer and the Apple TV are in the same subnet. Do I really need rules? So I put an any any rule at the top of my wireless interface and no luck still...
What do you mean "If it doesn't understand the way AirPlay is using it, it may drop the packets"?
Hmm the inspect policy and rules only apply when the traffic flows through the ASA. The inspect rules examine the protocol for compliance (simplistically speaking) and if they feel it is non-compliant, they drop it.
If your devices are on the same network, they should be part of the same security zone and thus not hiot an access-list. Can you share the config or at least the result of packet-tracer (with the detail option turned on)?
My case is a little bit more complex, in the lab I could configure mDNS on my 5508 with the global multicast and igmp snooping disabled. Only I needed was Global mDNS multicast enabled (based on Cisco Guide) and it worked fine under the following scenarios:
All the services connected wireless
IPAD on subnet A and Apple TV on subnet B, no Firewall in the middle. Peer to Peer Blocking in the WLC was any DROP or DISABLED and it worked fine.
BUT, when I moved into production environment, the only way that it works is by having both Apple Devices in the same subnet with the Peer to Peer bloking DISABLED. I have a firewall in the middle so I do not know what should I check in the firewall to allow Airplay to work.
There is something really weird. in the IPAD, I can see the AIRPLAY icon at the bottom of the screen, when I click on it, I can see MIRRORING and I moved it to the right to activated it BUT nothing happens on the AppleTV connected to an screen. I mean, looks like the request for MIRRORING from the IPAD to the Apple TV device is not reaching this one. A few seconds after activating MIRRORING in the IPAD looks like the request is dropped since that the mirroring is not active.
I have an open case with TAC but any ideas are welcomed.
By the way, I am running v 7.6 in the WLC in order to implement mDNS (traffic between ssid's subnet managed by the WLC)
What does the ASA have to do with it? I will give you a hint... probably nothing. What are you filtering on wireless via your firewall?
Take a look at this link.
Thanks for the reply,
I agree, probably nothing to do with the ASA. Before your post, I started looking into multicast on my access point. I tried plugging the apple tv into the wire, and my laptop into the wire, viola! It works. So... The access point is the place to look next. I will read your link soon. Thanks!
For standalone I am seeing posts saying issue this command:
no ip igmp snooping
Sorry thought you were talking about controller based.
Not a stupid question... I did run it on the AP. There is no switch in my setup. I apologize for not outlining my topology. I have an ASA 5505 with a 1142 AP directly connected to POE port e0/7 in my home. There is not an ip igmp snooping command on the ASA. There is, however, a multicast-routing global command which I have issued. I really don't understand how multicast works so I've been poking in the dark on this issue.