Nintendo Switch connection issue Error code
-
Hello fellow Netgate community members can you please help?
Everything works on our new Nintendo Switch, Except the final step of the connection test I get an error on upload error displayed is 2160-8052. I even have NAT B Can anyone help?
login-to-view
login-to-view
I have enabled UPnPUPnP works for my XBOX one it shows connections and online games. Nintendo Switch no.
login-to-view
I have created static port mappings for the device.The Nintendo Switch can access Hulu just fine. I have the proxy enabled and it runs fine.
login-to-view
(Firewall is set to disabled for Nat Reflection)I feel I still do not have enough experience with the NAT settings to know if this is set correctly for a simple home set up.
I am running a simple airport in bridge mode for all my lan my wan connects to the wan Dsl modem.
I have a static DHCP mapping for the switch. Snort shows nothing blocked when the tests run.
login-to-view
(Nintendo is set to splice only with custom it fails when it says aborted)login-to-view
(TCP/UDP ports open for the gaming group)Nintendo Switch specific approved ports.
TCP: 6667, 12400, 28910, 29900, 29901, 29920
UDP: 1-65535I can not get it to start the Disney speed game.
-
Also does Nintendo switch normally use cURL out of the box new?
login-to-view
If so I will whitelist it. -
Can anyone please help me with getting a Nintendo switch to work with online games. My Xbox works with UpNp but my Nintendo will not. It testers to NAT type B and after shows good download speed. It fails right at upload. I have static ports set up also.
It runs some games but the connection test fails on upload test
-
-
@JonathanLee You sure?
I got a switch and i log ALL connectivity be it inbound or outbound and pulling up a report for my switch over the last 7 days i dont see STUN.
Lots of 443 and 53 -
@michmoor perhaps you are using portfoward and disabled uPnP in the nintendo Switch ?
What I found problematic is the range ports that Switch needs.. UDP from 1024 to 65535 ??
-
@mcury no port forward here although i do not have UPnP turned on for that vlan.
But i do have a permit any/any for outbound internet access so i wouldve seen the attempt. -
@michmoor said in Nintendo Switch connection issue Error code:
no port forward here although i do not have UPnP turned on for that vlan.
But i do have a permit any/any for outbound internet access so i wouldve seen the attempt.NAT shows open for you with those settings ? I don't think it will and perhaps voice in game for some games wouldn't work..
And what about static outbound NAT, is that enabled for the Switch IP address ?
-
@mcury @JonathanLee I think the questions are for you.
-
I have NAT B with these settings.
I use DNS Unbound forwarder
login-to-view
(UPnP)
login-to-view
(STATIC PORT)My son can play many online games except Disney Speedster
This is the weird result of the test
login-to-view
(NAT B)login-to-view
(FAILS ON UPLOAD SPEED)Lots of games are playable
Does use of google stun.l.google.com require a port forward configured from 3478 to 19302? Or if that is configured inside of UPnP is it already set up to do that?
-
@mcury @michmoor UPnP only works for my XBOX shows NAT open on it
login-to-view
(UPnP RUNNING Xbox shows open nat)login-to-view
(ACL)
login-to-view
(ACL)I do have a proxy the only way the xbox works using both transparent + custom
Does Squid need ACLs? If it does why does xbox still run with out it?
login-to-view
(XBOX NAT OPEN)login-to-view
(SQUID ACLs)login-to-view
(FIREWALL NAT) -
@JonathanLee said in Nintendo Switch connection issue Error code:
Does Squid need ACLs? If it does why does xbox still run with out it?
If squid is showing connection attempts in port 80 or 443 for the Nintendo Switch, you should bypass it from the transparent proxy setting in Squid.
By the way, I would create an IOT network and put these things there.
Disable Squid and Snort in this network, allow everything but not to the internal networks, enable uPnP or enable portforward, latter is preferred.Note that Snort will listen in the parent interface, so this IOT network should be a separate network and not a VLAN, this will help to avoid the waste of CPU cycles in Snort/pfSense.
-
@mcury The switch allows Proxy use, it has options for it where as the Xbox does not. That is what's weird I have no issues with anything in Games except the new Disney racing game. Nintendo does allow you to use a proxy in the LAN settings.
-
@JonathanLee I see, but is there a reason to use proxy in the nintendo switch ?
I don't have one here so I really can't say, perhaps it has a browser that kids could use that you don't want them to use ? -
@mcury Yes I protect the web browser from specific sites. Child Safe system.
(It works great with many games like this)
(F-ZERO X Online 99 players Racing game)
login-to-view
(Proxy use is approved of for Nintendo Switch)Nintendo Does not block proxy use, they approve of it. But this connection test may check for a proxy right? That is why it has NAT B over NAT A but it should still do a upload test ok right?
-
@JonathanLee When you get the error code: 2160-8055 (upload test fails), what shows up in Squid ?
Since you are using transparent proxy, you won't be able to bypass that specific domain, but you can check their network IP range in https://whois.domaintools.com/.
After getting their network range, can you try to bypass that network in Squid settings and test again ?
-
@mcury a simple connection test thats shows good https response
ctest-ul-lp1.cdn.nintendo.net//upload
ctest-dl-lp1.cdn.nintendo.net//downloadboth show ok in proxy too
Maybe . . .
login-to-view stun port forward???
-
@JonathanLee I can see that Squid is intercepting SSL connections.
Can you do a quick test ? Disable SSL interception for one second, test again and confirm the results..Then enable it again.
If the test passes, you would need to bypass that network completely from Squid.
I mean, better to bypass the entire network than a single IP address because they usually change.
-
@mcury it is splice always for Nintendo already so it is transparent for this device
-
@JonathanLee Its sitll passing through the proxy.
Can you set this up so it doesnt use the proxy at all. Have it hit a firewall rule instead.?