Netgate Discussion Forum

    New COD MWII Blocked By pfSense

      EmJeezy @johnpoz

      @johnpoz Good questions. Exploring your suggestions and will have a response soon. Thanks John, this has been a pain!

        johnpoz LAYER 8 Global Moderator @EmJeezy

        @emjeezy If you're not doing anything with pfblocker or IPS, and are not running a proxy, I would prob start with a packet capture, under diagnostics.

        Filter it on your device that's trying to login.. Set the limit to 0 so you're not limited to 100 packets. Close down all other connections on your pc, don't have like 50 tabs open in your browser for example. Anything else that might be phoning home, or other apps running that make outbound connections. I would flush the local machine's dns cache, ipconfig /flushdns on a windows machine. Open your browser (make sure it's not using doh for dns).. Or run the application that lets you login. Launch the game..

        Then try and connect.. Is any traffic actually blocked with logs? I wouldn't think so if you're using the any any default rule. Let it try for a bit.. Then take a look at your packet capture. Do you see any dns that didn't get answered? Any connection attempts (syn) that didn't get back a syn,ack?

        Any outbound UDP that doesn't seem to get a response?

        Post up this pcap if you want others to take a look at what could be failing.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11
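
The first check suggested in the post above (DNS queries in the capture that never get an answer), as an added example that is not part of any post in this thread. It assumes a classic little-endian pcap with Ethernet framing and plain UDP DNS on port 53; the function names, addresses and hostnames are constructed for illustration.

```python
import socket, struct

def qname(dns):
    # First question name: starts at byte 12; question names are not compressed.
    labels, i = [], 12
    while i < len(dns) and dns[i]:
        labels.append(dns[i + 1:i + 1 + dns[i]].decode("ascii", "replace"))
        i += 1 + dns[i]
    return ".".join(labels)

def unanswered_dns(pcap):
    """Return sorted (name, server) pairs for DNS queries that never got a reply."""
    if pcap[:4] != b"\xd4\xc3\xb2\xa1":
        raise ValueError("expected a little-endian classic pcap, not pcapng")
    pending, off = {}, 24                      # skip the 24-byte global header
    while off + 16 <= len(pcap):
        incl = struct.unpack_from("<I", pcap, off + 8)[0]   # captured length
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        ip = frame[14:]
        udp = ip[(ip[0] & 0x0F) * 4:] if len(ip) >= 20 else b""
        # Keep only Ethernet/IPv4/UDP frames that hold a full 12-byte DNS header.
        if frame[12:14] != b"\x08\x00" or len(udp) < 20 or ip[9] != 17:
            continue
        src, dst = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])
        sport, dport, txid, flags = struct.unpack_from("!HH4xHH", udp)
        if dport == 53 and not flags & 0x8000:     # QR=0: query (retransmits overwrite)
            pending[(src, sport, txid)] = (qname(udp[8:]), dst)
        elif sport == 53 and flags & 0x8000:       # QR=1: reply clears its query
            pending.pop((dst, dport, txid), None)
    return sorted(pending.values())

# Constructed sample capture (not the pcap from the thread): one query sent twice
# with no reply, and one query that is answered.
def _rec(src, dst, l4):
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    pkt = b"\0" * 12 + b"\x08\x00" + ip + l4
    return struct.pack("<IIII", 0, 0, len(pkt), len(pkt)) + pkt

def _dns(sport, dport, txid, flags, name):
    q = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\0\0\x01\0\x01"
    return struct.pack("!HHHH6H", sport, dport, 20 + len(q), 0, txid, flags, 1, 0, 0, 0) + q

PC, FW = "192.168.1.50", "192.168.1.1"
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join([
    _rec(PC, FW, _dns(50000, 53, 0x1001, 0x0100, "login.game.example")),
    _rec(PC, FW, _dns(50000, 53, 0x1001, 0x0100, "login.game.example")),
    _rec(PC, FW, _dns(50001, 53, 0x1002, 0x0100, "www.example.com")),
    _rec(FW, PC, _dns(53, 50001, 0x1002, 0x8180, "www.example.com")),
])
```

DNS over HTTPS, DNS over TLS and DNS over TCP do not appear in this result, which is why the post asks for DoH to be off in the browser before capturing.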

          rcoleman-netgate Netgate @johnpoz

          @johnpoz I would also start from a clean firewall slate... no special rules, no ports forwarded, check your Outbound NAT to make sure it's clean, etc.

          Ryan
          Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
          Requesting firmware for your Netgate device? https://go.netgate.com
          Switching: Mikrotik, Netgear, Extreme
          Wireless: Aruba, Ubiquiti

            johnpoz LAYER 8 Global Moderator @rcoleman-netgate

            @rcoleman-netgate I would concur.. should be pretty much a default install..

              EmJeezy @johnpoz

              @johnpoz

              When you use vpn, do you use different dns.
              not explicitly no. On my hardline connection, my sg1100 provides DNS (using google 8.8.8.8)

              Are you running anything pfsense like ips, or proxy, blocking dns with lists with pfblocker.
              I do have pfblocker but it has been disabled for a long time. No other proxy or ips set up

              Are you filtering outbound traffic? Or are you using the default any any rule?
              firewall>nat>outbound setting, i am not filtering outbound. Only using default any any rule.

              I would think if there was something odd with this new game and even logging in with pfsense - then wouldn't the forum be on fire with people having issues, also on other social media. I can't believe you're like the 1 user using pfsense wanting to play this new game ;) hehehe

              yah for sure. At first i thought it may be a network wide problem on activision end and in relation to the NEW COD MWII, but yah, quickly found I seem to be the only one having this odd issue ;-/

              Ran a packet capture on my gaming pc LAN IP, while trying to connect to COD MWII ->

              6d1166dd-bb16-4f5d-950c-4129b1877955-image.png

              pcap is attached. packetcapture(1).pcap

                johnpoz LAYER 8 Global Moderator @EmJeezy

                @emjeezy your pcap isn't actually attached, I can not download it.

                You want to use the file upload, not image and might need to change to .pcap extension vs .cap

                NTLM-wenchao.pcap

                test cap

                NTLM-wenchao.cap

                Testing file upload of pcap or .cap they seem to be working.

                Make sure you use file not image

                file.jpg

                  EmJeezy @rcoleman-netgate

                  @rcoleman-netgate firewall is mostly default config, lightly configured. Will keep in mind though, ty.

                    johnpoz LAYER 8 Global Moderator @EmJeezy

                    @emjeezy that capture shows no connections at all to anything external

                    connections.jpg

                    And looks like you are limited to 100 packets.. But there is no info in that pcap that would help.. Since you're not trying to go anywhere other than 172.16.25.2 which sure isn't an internet IP.

                    You have some remote desktop connection in that sniff - I see the RDP 3389

                      EmJeezy @johnpoz

                      @johnpoz i think the pcap i need to do is WAN and not local. Problem is with the WAN pcap i cannot filter (at least not from pfsense) on the local IP.

                        johnpoz LAYER 8 Global Moderator @EmJeezy

                        @emjeezy no lan is fine.. That sniff has zero traffic going to any internet address in it.. To get to the internet you have to send it to pfsense right? But pfsense isn't seeing any traffic going to the internet in that sniff.

                          EmJeezy @johnpoz

                          @johnpoz

                          You have some remote desktop connection in that sniff - I see the RDP 3389
                          yes i am remoted onto my gaming pc right now

                          Trying the pcap again on lan..

                            johnpoz LAYER 8 Global Moderator @EmJeezy

                            @emjeezy nor did I see even any dns queries in that sniff. Only thing I see in there is part of a remote desktop connection.

                            You most likely filled up your sniff before you even started anything because you didn't change the limit from 100 to 0

                              EmJeezy @johnpoz

                              @johnpoz said in New COD MWII Blocked By pfSense:

                              You most likely filled up your sniff before you even started anything because you didn't change the limit from 100 to 0

                              right, i forgot to change the 'count' to 0. changed it now and running another pcap while trying to connect to COD..

                                johnpoz LAYER 8 Global Moderator @EmJeezy

                                @emjeezy make sure you flushed the client's local dns cache as well - so we can see if any dns queries it asks for are not being answered.

                                  EmJeezy @johnpoz

                                  @johnpoz

                                  copy. will do.

                                    EmJeezy

                                    @johnpoz So fighting the pcap size, too large to upload here. Set count to a thousand packets and ran. Hopefully it captured some useful traffic. updated pcap attached.

                                    packetcapture(2).pcap

                                      johnpoz LAYER 8 Global Moderator @EmJeezy

                                      @emjeezy well can see no dns responses for stuff being asked for

                                      nodnsansswer.jpg

                                        EmJeezy @johnpoz

                                        @johnpoz humm..yah that's my machine asking my firewall for dns..that's normal. Wonder why my firewall would fail to answer. I have 8.8.8.8 set as primary and 9.9.9.9 as 2ndary dns server.

                                          rcoleman-netgate Netgate @EmJeezy

                                          @emjeezy What is DNS Resolver set up for?
                                          And System->General for the DNS calls? 8f31ca46-d38a-4a1b-a9b7-653145dee84e-image.png

                                            EmJeezy @rcoleman-netgate

                                            @rcoleman-netgate

                                            mine is set to:

                                            8699c0cb-9d84-44b3-8e2a-9e69e7ba728e-image.png

                                            I will say i do have my dns resolver enabled too ->

                                            de5d2673-f868-4c53-a62d-32284f5fc45c-image.png
