mDNS for communications over VLAN

I've submitted an enhancement case online already for this, but would like to post here as well to see if others are interested in the feature request.

I'd love for WatchGuard to implement an mDNS service that can broadcast across VLANs. This makes it possible to manage/control IoT devices across segregated VLANs instead of having to constantly rely on the service being cloud based and use HTTPS, or having to hop on a different Wi-Fi/VLAN to manage/monitor the device.

As a use case, if a client segregates their Google Home devices from their corporate trusted network, the mobile device access to the IOT VLAN is limited on what it can do because it's not on the same network. Things like configuring the Google Home speaker / display unit or making any modifications to existing settings are next to impossible without jumping onto the VLAN of said device.

With mDNS, the broadcast traffic would be able to pass through to other VLANs via firewall policies or a global setting.

Comments

  • edited August 2019

    This would be an amazing method to provide support for Apple devices, specifically printing. Yes, the proper way to do it is in DNS-SD, but for customers stuck with .local AD domains Apple falls back to hardcoded behavior and you can't provide any support for AirPrint / AirPlay unless you can convince them to spend the hours and downtime risk on moving to a new AD domain or attempting a rename.

    Worth noting: if this is a viable workaround for you, Google Homes support Ethernet via the Chromecast and Amazon Echo Ethernet adapters. Others too, but those are the only tested ones. You can also combine the Amazon one with a PoE splitter to craft a PoE Google Home.

  • Commenting as an upvote, and to say an mDNS reflector on WatchGuard devices, that is then controlled via policies to say which VLANs could see mDNS traffic from other VLANs, would be great. This would be very useful for segmented networks where Chromecast and AirPlay devices are appropriately on a different VLAN from user endpoints.

  • Please implement this. Soon. Thanks!

  • I agree on this one .. no new status?

  • james.carson (Moderator, WatchGuard Representative)

    Hi @TravK @lehcim
    If you're looking for status updates on this feature request, you'll want to create a support case. You'll want to mention FBX-10140. The tech that is assigned your case will be able to set the case up for notifications on that feature.

    -James Carson
    WatchGuard Customer Support

  • Thx for your reply! @James_Carson

  • I don't know if my resolution will help anyone who needs iPhone printing across VLANs because my client's network setup is a T35 running 12.5.7 U2, Ubiquiti UniFi wireless access points, and a Xerox C8135 printer, as outlined here https://community.spiceworks.com/topic/2317014-airprint-through-unifi-and-watchguard

    The gist is that Android phones can print using their native app or the Mopria Print Service app suggested by Xerox by pointing to the printer's IP address to install the printer.

    Users with iPhones HAD TO install the Xerox Workplace Mobile App and point to the printer's IP address to install the printer. AirPrint could not find it.

    For iPhones, see if your printer manufacturer has an app for it.

    Gregg Hill
