UPnP Fix for multiple clients/consoles playing the same game
-
@rivageeza : What are your settings?
-
If it's not working for someone, first check that the patch is actually applied. This is what it should look like in the system patches package:
Next, check the ruleset and make sure the nat anchor is there:
$ grep miniupnpd /tmp/rules.debug binat-anchor "miniupnpd" nat-anchor "miniupnpd" rdr-anchor "miniupnpd" anchor "miniupnpd"If you have more than one WAN, make sure UPnP is using the same WAN the clients exit.
-
-
Not related to multiple devices/games, but I applied the patch, removed static port mappings and changed outbound mode to automatic and I can still get open NAT on XBOX.
well done to all involved.
-
@iculookn : what are your setting for this:
System > Advanced > Firewall & NAT:
NAT Reflection mode for port forwards ?
Enable NAT Reflection for 1:1 NAT ?
Enable automatic outbound NAT for Reflection? -
@whiteshadow
System > Advanced > Firewall & NAT:
NAT Reflection mode for port forwards ? DISABLEDEnable NAT Reflection for 1:1 NAT ? UNCHECKED
Enable automatic outbound NAT for Reflection? UNCHECKED
-
Thank you for posting those settings. I went ahead and applied them and rebooted pfsense, and boom it all works all is open.
Currently NAT is set to automatic and then the above settings iculookn pointed out. With those set it seems this patch fixes the issue.
thank you for the fix, and think this piece should be documented. Even though it sounds like a bug to me, when "pure NAT" enabled upnp doesnt work as expected.
"pure nat" disabled and it works perfectly.
-
@marc05 said in UPnP Fix for multiple clients/consoles playing the same game:
@donzalmrol That's certainly odd. Try rebooting the computers/pfSense and then test again. Make sure to remove any manually added Outbound NAT rules.
It seems that I have now a different issue when I upgrade to v2.6.0
https://forum.netgate.com/topic/169884/after-upgrade-inter-v-lan-communication-is-very-slow-on-hyper-v-for-others-wan-speed-is-affected/16?loggedin=trueSo I'll test the UPNP again once my main issue is resolved for Hyper-V.
-
Yea there be some oddness going on. As we switched from Cold War to Vanguard and all the upnp went away for our PC's and we are all strict again. If we switch to Cold War again we are strict.
rebooted pfsense box again and all 3 PC's and still all strict.. Really strange switching game types breas it and then after everything rebooting.. still no resolve. really odd
@DonZalmrol : What are your outboud settings like? automatic or hybrid? what is :
System > Advanced > Firewall & NAT:
NAT Reflection mode for port forwards ?
Enable NAT Reflection for 1:1 NAT ?
Enable automatic outbound NAT for Reflection?my settings:
-
Upgraded to 22.01: rebooted, reinstalled the patch and rebooted after install.
Seems to have resolved my issue.
-
@whiteshadow My settings are as follows.
-
@whiteshadow said in UPnP Fix for multiple clients/consoles playing the same game:
Thank you for posting those settings. I went ahead and applied them and rebooted pfsense, and boom it all works all is open.
Currently NAT is set to automatic and then the above settings iculookn pointed out. With those set it seems this patch fixes the issue.
thank you for the fix, and think this piece should be documented. Even though it sounds like a bug to me, when "pure NAT" enabled upnp doesnt work as expected.
"pure nat" disabled and it works perfectly.
I tried last night without success, but when i disabled "pure NAT" and rebooted firewall. It says open nat in Warzone/PC, but in PS4 it says NAT type 3 and not type 2 for some odd reason.
-
@coraze
can you post matching screenshots that I posted above covering settings -
@rivageeza
hmm so u have outbound like i did with alias with static set... Then u have 1:1 with pure NAT while i didnt...I want to try that, but I have 2 out of 3 PC's showing OPEN. Third always strict... might change to what I had before and add the 1:1 for the pure NAT..
reinstalling on 3rd pc as it was DEV channel windows 11 and couldn't get it working... waiting for small game "cold war" to download to test
-- tested and its working on 3rd pc with "Cold War"
- Haven't changed back to similar settings as @rivageeza : yet
-
Interesting the the NAT reflection options appear to make a difference. I wouldn't expect that to be a factor unless there were also port forwards or 1:1 NAT which overlap what UPnP is trying to do. Something in the reflection rules must be redirecting the traffic as it enters the LAN, while the UPnP rules would only translate traffic as it exits a WAN.
Would be nice if we can narrow down which of those options specifically is interfering and if it is related to port forwarding. If there is a potential for conflict there we can add it to whatever docs we make to cover this.
Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!
Need help fast? Netgate Global Support!
Do not Chat/PM for help!
-
This post is deleted! -
I don't think CoD is the best example to test this. CoD is capable of using multiple udp ports if 3074 is already taken.
If you do Tests with "static Port Mapping", you need Games which need specific Ports like Apex Legends or CS:S (I gues CS:GO too) -
I have multiple Playstation consoles on the same LAN subnet. I've enabled upnp, configured the ACL with the static IP's of the consoles. Whichever console boots up first will get a NAT type 2 (Ideal), the second one to boot up and perform a Test Internet Connection will get a NAT Type 3 (restricted).
I've applied the patch, rebooted the firewall, and removed the static port mapping under Firewall-->NAT-->Outbound.
No Pure NAT, No Nat Reflection etc are currently enabled. So don't think its quite ironed out yet. What logs should I collect?
-
@m0nji it's a good test for me as prior to the patch, I couldn't play on PC and PS5 at the same time.
Without modifying any other setting and applying the patch, the issue is resolved 100%.
Neither the PC or PS5 failed over to a different port, which ever device booted the game first would work and the 2nd device would fail to connect.
Pre patch we could play PS5 and Xbox Series X as the xbox used port 3075 and PS5 would use 3074.
-
@saber : try @rivageeza settings above.
It enables pure nat and reflection and 1:1 and also sets up static ports for gaming pc's/consoles in firewall outbound (easier to do with alias)
Reboot pfsense after and consoles
pc's (shutdown and power up)test
