Tivo on Untangle network

KeepingUp · Jan 4, 2021

Advertisements

I recently upgraded my network router/firewall to Untangle. When I first installed the firewall, it began to block All of my Tivo boxes (Bolt, Roamio, two mini Vox, three regular minis) from their maintenance calls to the mother ship. I didn't notice this until the Tivos started acting funny.
They were getting a c117 error on the maint call but the guide call was working fine. If i turn the firewall off, the calls go through. I thought had a firewall config that would get it through, but it is not working. I have two questions:

1. Has anyone worked with Untangle and Tivo enough that you have a fix for this issue?

2. Does anyone know the URL for the three web servers that a Tivo communicates with?
I believe if I knew those site addresses, I could config Untangle to not block Tivo.

I would appreciate any assistance that anyone could offer.

Thanks
John

lhvetinari · Jan 8, 2021

KeepingUp said: ↑

I recently upgraded my network router/firewall to Untangle. When I first installed the firewall, it began to block All of my Tivo boxes (Bolt, Roamio, two mini Vox, three regular minis) from their maintenance calls to the mother ship. I didn't notice this until the Tivos started acting funny.
They were getting a c117 error on the maint call but the guide call was working fine. If i turn the firewall off, the calls go through. I thought had a firewall config that would get it through, but it is not working. I have two questions:

1. Has anyone worked with Untangle and Tivo enough that you have a fix for this issue?

2. Does anyone know the URL for the three web servers that a Tivo communicates with?
I believe if I knew those site addresses, I could config Untangle to not block Tivo.

I would appreciate any assistance that anyone could offer.

Thanks
John
Click to expand...

A quick Google search indicates people using Untangle 15.1 seem to have a problem with the Web Filter breaking TiVo Service connections. Try turning it off and seeing if that helps.

KeepingUp · Jan 8, 2021

lhvetinari said: ↑

A quick Google search indicates people using Untangle 15.1 seem to have a problem with the Web Filter breaking TiVo Service connections. Try turning it off and seeing if that helps.
Click to expand...

Thanks, that works, but I didn't want to just open up the network to intrusion. I also found a way to make the tivo boxes "open", but i would really just like to open up just for the maintenance call.

HerronScott · Jan 10, 2021

KeepingUp said: ↑

Thanks, that works, but I didn't want to just open up the network to intrusion. I also found a way to make the tivo boxes "open", but i would really just like to open up just for the maintenance call.
Click to expand...

From what I'm reading, Web Filter has nothing to do with network intrusion. It's only monitoring and blocking web site access that it deems inappropriate (content versus security).

Web Filter monitors HTTP and HTTPS traffic on your network to filter and log web activities and block inappropriate content. Web Filter also appeals to customers who require an added level of protection or are subject to regulations, for example Web Filter helps libraries comply with the Children's Internet Protection Act). Need to block Pornography or Hate Speech on your network? Web Filter is your answer.

Scott

KeepingUp · Jan 10, 2021

Advertisements

HerronScott said: ↑

From what I'm reading, Web Filter has nothing to do with network intrusion. It's only monitoring and blocking web site access that it deems inappropriate (content versus security).

Web Filter monitors HTTP and HTTPS traffic on your network to filter and log web activities and block inappropriate content. Web Filter also appeals to customers who require an added level of protection or are subject to regulations, for example Web Filter helps libraries comply with the Children's Internet Protection Act). Need to block Pornography or Hate Speech on your network? Web Filter is your answer.

Scott
Click to expand...

That is what i thought also. The web monitor uses "policies" to control access.
Since I am a new user of Untangle, I have not written any policies. I am currently running with web monitor "off". (I only have the default policy) But I have web filter running, which scans traffic for the firewall. The firewall is truly running, I have tested it. In the config for web filter, they have a parameter to pass traffic going to a particular web site, which i would like to implement. That is why i am seeking the Tivo url for the maint call.
Untangle also has a parameter for allowing particular clients to free access to the internet. I have that configured now for the Tivo clients and the maint communications are working OK on all the Tivo boxes. I just think that the parameter to only open up to a particular website is more secure than opening up for any communication by the Tivo app.

Now if i could get Tivo support to help me with the app handling the data once it has been downloaded, I would be a happy camper.

lhvetinari · Jan 11, 2021

KeepingUp said: ↑

That is what i thought also. The web monitor uses "policies" to control access.
Since I am a new user of Untangle, I have not written any policies. I am currently running with web monitor "off". (I only have the default policy) But I have web filter running, which scans traffic for the firewall. The firewall is truly running, I have tested it. In the config for web filter, they have a parameter to pass traffic going to a particular web site, which i would like to implement. That is why i am seeking the Tivo url for the maint call.
Untangle also has a parameter for allowing particular clients to free access to the internet. I have that configured now for the Tivo clients and the maint communications are working OK on all the Tivo boxes. I just think that the parameter to only open up to a particular website is more secure than opening up for any communication by the Tivo app.

Now if i could get Tivo support to help me with the app handling the data once it has been downloaded, I would be a happy camper.
Click to expand...

Try allowing *.tivo.com and *.tivoservice.com through the filter, that should (probably) sort it out.

If I had to punt, I'd say the Untangle system is doing some sort of SSL inspection that is messing with the key/cert, and the TiVo is doing what it should do and failing the update because the keys don't match.

KeepingUp · Jan 11, 2021

Thanks,

the url suggestions are good,
Your "punt" makes sense , I will test it tonight.

HerronScott · Jan 12, 2021

KeepingUp said: ↑

the url suggestions are good,
Your "punt" makes sense , I will test it tonight.
Click to expand...

If the Untangle software is blocking, I would expect there to be a log of what URL it's blocking that the TiVo's are trying to access.

Scott

Log in / Register

Forums

Tivo on Untangle network

KeepingUp New Member

lhvetinari Watching telly, drinking wine - Lily Allen TCF Club

KeepingUp New Member

HerronScott Well-Known Member

KeepingUp New Member

lhvetinari Watching telly, drinking wine - Lily Allen TCF Club

KeepingUp New Member

HerronScott Well-Known Member

Share This Page

Log in / Register

Forums

Members

Help

Useful Searches

Tivo on Untangle network

KeepingUp New Member

lhvetinari Watching telly, drinking wine - Lily Allen TCF Club

KeepingUp New Member

HerronScott Well-Known Member

KeepingUp New Member

lhvetinari Watching telly, drinking wine - Lily Allen TCF Club

KeepingUp New Member

HerronScott Well-Known Member

Share This Page