Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Question about outbound NAT rule's static port range.

    General pfSense Questions
    2
    4
    488
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yunan
      last edited by

      I just come to Pfsense about two weeks ago. The official document and forum help me a lot for configuring my router.

      Here is a question about how to config the static port range for outbound NAT.

      I solved the strict NAT problem for gaming using Upnp and a outbound NAT rule including my computer with static ports *.
      Is there a smaller static port range to achieve same purpose?

      I have tried to use 49152:65535, and windows xbox network check told me the NAT type is open.
      I also notice some article on internet suggest to include some other ports, example 3074 for xbox. So how can I set these port range properly for gaming?

      Thanks.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        What rule are actually using now?

        If it's just outbound NAT from one internal IP you can use static source ports for all ports without an issue. There's no need to restrict it to a range. It would only conflict with itself which shouldn't be possible.

        Steve

        Y 1 Reply Last reply Reply Quote 0
        • Y
          yunan @stephenw10
          last edited by yunan

          @stephenw10 Thanks for replying.

          Right now the outbound rule is:
          Source host: alia of the clients need nat type open for gaming (2pc, playstaion and a switch),
          port: tcp/udp:*
          Destination: all is *
          NAT port *, static port: yes

          Considering gaming quality, I should use * for source port. But to avoid NAT Collisions, I want to restrict these port range.
          Best way maybe dynamicly set the upnp port of the client to static nat port. Sadly there is no such option.

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            There is a patch for 22.01/2.6 to fix the outbound NAT (masquerade) function of miniupnpd you may want to test:
            https://forum.netgate.com/topic/169837/upnp-fix-for-multiple-clients-consoles-playing-the-same-game

            It's in the recommended patches list in the System Patches package.

            Steve

            1 Reply Last reply Reply Quote 0
            • First post
              Last post