Unable to stream video over Intel Wireless Display (WiDi) with Endpoint Security Firewall

Technical Articles ID: KB94957
Last Modified: 10/5/2021

Environment

McAfee Endpoint Security (ENS) Firewall 10.x

Affected Hardware:
Intel Wireless Display (WiDi) capable computers

Related Technologies
Intel WiDi
Wi-Fi Alliance MiraCast
Wi-Fi Alliance Wi-Fi Direct

Problem

WiDi-enabled computers are unable to stream video when ENS Firewall is installed and enabled. The computer can't detect or connect to WiDi devices.

Cause

WiDi creates an ad hoc wireless network between the computer and the display device. This network uses an independent network ID that is unknown to the ENS Firewall. Without a network rule, the ENS Firewall blocks network connections, including WiDi traffic.

Solution

You must create an allow rule. One of the following prerequisites is needed to create an allow rule:

An IP subnet mask
Or
A process name

Example: Subnet 192.168.173.0/24 or process name WUDFHost.exe.

The allow rule doesn't work if you don't provide an appropriate IP subnet mask or process name when you create the rule. For example, suppose that the process name is set to SVCHOST or the IP subnet mask is set to 0.0.0.0. In this case, the allow rule doesn't work effectively because the configured process name and the IP subnet mask aren’t accurate.

To create network rules that WiDi can use when creating the ad hoc wireless network:

NOTES:

You must create these rules alongside the existing rules. Don't remove any existing rules.
If the below details don't work, review the ENS Firewall %DEFLOGDIR%\FirewallEventMonitor.log file to identify any differences related to network values or executable details that might vary.
Verify that the Log all blocked traffic option is enabled in the Firewall Options policy under Tuning Options if log review is needed.

Log on to the ePolicy Orchestrator (ePO) server.
Click Policy Catalog.
For the Product, select Endpoint Security Firewall.
For the Category, select Rules (User-Based Policy).
Identify the appropriate Firewall Rules policy to edit for the affected system with this issue and click the EDIT action for that policy.
Click Add Rule to create a rule and configure the following settings:
- Name: Allow WIDI
- Status: Enable
- Actions: Allow
- Direction: Either
- Network Protocol: IP Protocol -> IPv4 protocol
- Specify networks: Click Add (Local) and add a new local network entry:
  - Name: WIDI IP range
  - IP address: Subnet 192.168.173.0/24
    
    NOTE: If the above subnet doesn't work, try 192.168.16.0/24 or 192.168.179.0/24.
- Transport Protocol: All Protocols
- Application: Click Add and add new application/executable details:
  - Name: WUDFHost.exe
  - Executable: New
    - Name: Specify networks
    - Add Path/Filename that matches for WUDFHost.exe. You can also use File Description, MD5 hash, and Signer (if you want), but the details much match the executable correctly for the firewall rule to work properly.
Save the firewall rule changes, send the updated firewall policy to the affected client, and then retest.

Related Information

For more information about WiDi, see the Intel Support page for WiD.

Affected Products

Configuration
Endpoint Security Firewall 10.7.x
Endpoint Security Firewall 10.6.x

Glossary of Technical Terms

Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.

Knowledge Center

Unable to stream video over Intel Wireless Display (WiDi) with Endpoint Security Firewall

Environment

Problem

Cause

Solution

Related Information

Affected Products

Glossary of Technical Terms

Title

Title

Knowledge Center

Unable to stream video over Intel Wireless Display (WiDi) with Endpoint Security Firewall

Environment

Problem

Cause

Solution

Related Information

Affected Products

Glossary of Technical Terms

Choose your region

Title

Title