well there ya go. Either do the upnp limited to only the xbox as I did, or combine that with your own vlan for your xbox, or if you are crazy about securing this further, get another network interface and hook up the xbox (or any number of xboxes with a switch) to an entirely different subnet and set rules in pfsense to allow internet only, not the rest of your network. essentially, you are doing that with the vlan already :)

hmm.  I watch the firewall, it shows the blocked connection, but it is the same as what I have for forwarding.

what do i do if my counter works slow?

There are many bandwidth testing tools, though really to get a really representative test you need 300 test clients that behave the same as your real clients. This wikipedia page contains a useful starting list.

That said, have you read the hardware sizing guide? The bandwidth you have available, the services you're running and the typical usage by these 300 clients matters more than the raw number of clients. For instance, 300 people using IRC and P2P programs and heavy web browsing will have a very different impact than 300 people who check their email a few times a day.

The Realtek and 3com should be supported under ALTQ.

@TS:  Can you verify that the default allow any LAN NAT rule is in place?

Just follow the XBox tutorial, same instructions.  Personally I use the UPnP method for the 2 XBoxes and 2 PS3s running in my home.

http://forum.pfsense.org/index.php/topic,13887.0.html

@JaY_III:

I have no issues with steam at all and i did not have to open any ports for it.

Are you sure you even needed any ports opened once you reset your firewall.

Under LAN steam works without any ports opened/forwarded, it's not the same for LAN2 everything is locked down.

Allow all outgoing connections, log it, fire up SC2, and then view the log and see what ports are being used. I'm going to assume it's a dynamic range and you're in for a full, full log file. (For any updates through the blizzard downloader)

@mastablastaz:

@Jahntassa:

@mastablastaz:

Any ideas guys?

Personally i'd be less restrictive with pfSense and utilize a software firewall like Comodo to block unwanted outgoing stuff. Blizzard likes using Bittorrent and other such fun things for doing updates, and aren't always forthcoming with all the ports / connections they use. Generally they assume (which I would as well) that most setups are fairly unrestricted outbound, or using software firewalls with program-based rulesets.

Well, I just open everything outbound when playing games (still have kaspersky internet security on) and close everything up againg when Im not on my computer.

Thanks for your input.

I just viewed it.

I did try those settings, but they only work for 1 xbox.

Im talking about multiple xbox's. Ive tried adding port forwards for the 2nd and on xbox and nothing works.

The one who's ip is entered manually into the UPNP works perfect all the time, but in this case, mine works great but my brothers doesnt get open.

So how do we conquer multiple xbox's?

@ImageJPEG:

Sorry for the third post. I'm posting this from my PS3. So I found out it's not my pfSense box. I connected my PS3 straight to my firewall and it says UPnP is avalable AND I have a Type 2 NAT. Now I just have to figure out what's going on with this Belkin AP…grr. By the way, I've been doing some trial and error things with this which may explain why I've posted three times (four if you include my first topic starter). Hope this helps with helping me.

Try the config per my post in the sticky thread.  Just be sure to disable UPnP.

@vronp:

I've found about 5 different threads that post a "method that works" yet none of them work for me on 1.2.3.

Try the config per my post in the sticky thread.  Just be sure to disable UPnP.

heh, I think I got it… in the properties tab, the virtual nic had eset nod32's firewall checked and I think that was causing the problem. I reinstalled vmware while I was at it, so I can't confirm whether eset was the culprit, but I'm just glad to know that pfsense was always rock solid and this was a pebkac ;) thanks everyone, problems solved

I only noticed that eset was enabled on the virtual nic's when I was reconfiguring the vmware virtual network editor, and I noticed it said eset was enabled right next to the name of the nic. I didn't think that installing eset would of caused this. It's probably because I modified the regular eset installer so that it'd think it was a enterprise edition so I could get it to install on 2k8r2 properly.

Old thread I know, but wanted to clear a few things up (for future references).

Steam uses certain ports for their master list.
TCP:  27014-27050
UDP: 4380, 27000-27030

I ran into this problem a long time ago when hosting a server from my house, but now that I don't really block many ports, I kind of forgot about it.
So this may or may not fix your problem.

Make sure UPnP is turned off on both ends. I've never been able to get an AOE II game to work correctly when having it enabled.