Netgate Discussion Forum

    Do these port forwards look correct based on these requirements?

    NAT
    19 Posts 3 Posters 3.6k Views
    • DerelictD
      Derelict LAYER 8 Netgate
      last edited by

      That all looks fine except for that one for LAN address.  I'd delete that.  All you need for the outbound traffic is a pass rule on LAN that allows outbound UDP on 3000 - 3001.  Probably already done by the default rule.

      Chattanooga, Tennessee, USA
      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        I find it unlikely that 80 and 443 are required inbound..  These ports are blocked by many ISPs - requirement of these ports to play a game inbound seems counter to happy players.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        • O
          opjohnny
          last edited by

          @johnpoz:

          I find it unlikely that 80 and 443 are required inbound..  These ports are blocked by many ISPs - requirement of these ports to play a game inbound seems counter to happy players.

          I had thought the same thing last night so I disabled those.

          pfSense Boxes-

          Celeron C1037U MiniPC(HDD, current)
          VIA C7 miniITX(HDD, retired)
          Firebox x750e(CF, retired)
          Dell PowerEdge 2950 w/ ESXi v5.5(Retired)
          Dell PowerEdge 860 w/ ESXi v5.5(Retired)
          Firebox x700(CF, for a coworker)

          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            I just downloaded the launcher - and all those ports seem to be outbound.  I fired it up and I see 80 and 14000 outbound.

            It makes no sense that a launcher that can use a proxy (you can see it in the settings, you can set a proxy) would have any inbound traffic requirements.

            I find it amazing the complete lack of details on some game support pages on what ports, clearly stated inbound or outbound..  They just state ports, etc.

            • O
              opjohnny
              last edited by

              Just to clarify, since I'm not really familiar with port forwarding, all my rules in the above screenshot are inbound?

              • johnpozJ
                johnpoz LAYER 8 Global Moderator
                last edited by

                Yes a port forward says hey something hitting my public IP, that I did NOT ASK for.. ie it's not return traffic..  Just some random IP on the public internet going to your public IP on 3389 would be forwarded to your 10.0.0.15 box.

                BTW - not really a good idea to have rdp open to the public internet.

                You could prob get rid of those bottom 5 rules - I find it highly unlikely that launcher that has proxy support needs inbound traffic.  Everything should be in answer to something the launcher requested and thus allowed by the state the firewall creates when you went outbound and created the connection.

                • O
                  opjohnny
                  last edited by

                  I deleted the RDP rule and disabled the launcher rules.

                  • O
                    opjohnny
                    last edited by

                    I found a possible fix for this game, but I'm not sure if this is opening up security holes for me…

                    https://forum.pfsense.org/index.php?topic=73012.0

                    I know my NAT type was labeled "Strict" by the PC version of Call of Duty : Advanced Warfare and someone in The Crew subreddit mentioned my NAT may be the issue here.  I followed that guide, rebooted my pfSense box, loaded up the game and tested.  I'm seeing players and getting quick PVP matches now so the issue appears to be fixed.

                    Anything I should be aware of with this "fix?"

                    • johnpozJ
                      johnpoz LAYER 8 Global Moderator
                      last edited by

                      What using UPnP?

                      • O
                        opjohnny
                        last edited by

                        Apparently this game is.  All my networking issues in the game have disappeared after opening NAT.

                        • johnpozJ
                          johnpoz LAYER 8 Global Moderator
                          last edited by

                          Huh?  Dude no opening ports to your console is not a security issue.  Now what ports are actually listed as being used..  Look under status UPnP and it will show you what ports were opened.

                          • O
                            opjohnny
                            last edited by

                            @johnpoz:

                            Huh?  Dude no opening ports to your console is not a security issue.  Now what ports are actually listed as being used..  Look under status UPnP and it will show you what ports were opened.

                            This is to my PC, no consoles here. Here is UPnP status while The Crew is running…

                            3074 udp 192.168.1.10 3074 DemonwarePortMapping
                            18857 udp 192.168.1.10 18857 Skype UDP at 192.168.1.10:18857 (2897)
                            18857 tcp 192.168.1.10 18857 Skype TCP at 192.168.1.10:18857 (2897)

                            • johnpozJ
                              johnpoz LAYER 8 Global Moderator
                              last edited by

                              well sure looks like only 3074 udp to me.. that other port is skype - are you running skype?

                              3074 is not listed in your first port forwards.  So that would explain why it's now working with UPnP, you had the wrong ports open.

                              • O
                                opjohnny
                                last edited by

                                @johnpoz:

                                well sure looks like only 3074 udp to me.. that other port is skype - are you running skype?

                                3074 is not listed in your first port forwards.  So that would explain why it's now working with UPnP, you had the wrong ports open.

                                Those ports I opened were directly from Ubisoft's website.  They never mentioned 3074.

                                • johnpozJ
                                  johnpoz LAYER 8 Global Moderator
                                  last edited by

                                  Well they missed it clearly ;)  Not the first time KB articles about what ports to use are complete nonsense.  Like how they state 80 and 443 and 53, etc..  And make it seem like those need to be inbound vs just outbound ports.

                                  Clearly UPnP opened 3074, no other ports are listed other than that skype, turn off skype and see if that goes away. Just play your game and look what ports are forwarded.. Then turn off UPnP and forward the port(s).


                                  1 Reply Last reply Reply Quote 0
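The workflow described in the post above (read the UPnP status, then replace the mapping with a manual forward), as an added example that is not part of any post in this thread: it parses the status rows posted earlier and sorts them into mappings that still need a static forward and mappings that should not get one. The `keep_apps` filter and the set of existing manual forwards are constructed assumptions.

```python
import ipaddress
import re
from collections import namedtuple

Mapping = namedtuple("Mapping", "ext_port proto host int_port desc")

# UPnP status rows exactly as posted in the thread:
# external port, protocol, internal host, internal port, description.
UPNP_STATUS = """\
3074 udp 192.168.1.10 3074 DemonwarePortMapping
18857 udp 192.168.1.10 18857 Skype UDP at 192.168.1.10:18857 (2897)
18857 tcp 192.168.1.10 18857 Skype TCP at 192.168.1.10:18857 (2897)
"""
ROW = re.compile(r"^(\d+)\s+(tcp|udp)\s+(\S+)\s+(\d+)\s+(.*)$", re.I)

def parse_status(text):
    """Parse status rows; raise ValueError on a malformed row, address or port."""
    rows = []
    for line in filter(None, (l.strip() for l in text.splitlines())):
        m = ROW.match(line)
        if not m:
            raise ValueError(f"unrecognised row: {line!r}")
        ext, proto, host, internal, desc = m.groups()
        ipaddress.ip_address(host)  # raises ValueError if not an IP address
        if not all(0 < int(p) < 65536 for p in (ext, internal)):
            raise ValueError(f"port out of range: {line!r}")
        rows.append(Mapping(int(ext), proto.lower(), host, int(internal), desc))
    return rows

def plan_forwards(rows, keep_apps, static_forwards):
    """Sort mappings into: forward by hand, already forwarded, not wanted."""
    to_add, covered, unwanted = [], [], []
    for r in rows:
        if not any(a.lower() in r.desc.lower() for a in keep_apps):
            unwanted.append(r)
        elif (r.proto, r.ext_port, r.host) in static_forwards:
            covered.append(r)
        else:
            to_add.append(r)
    return to_add, covered, unwanted

def audit():
    # Constructed assumptions: only the Demonware mapping belongs to the game,
    # and the existing manual forwards are UDP 3000-3001 to the same host.
    static = {("udp", p, "192.168.1.10") for p in (3000, 3001)}
    return plan_forwards(parse_status(UPNP_STATUS), ("Demonware",), static)

if __name__ == "__main__":
    to_add, covered, unwanted = audit()
    for r in to_add:
        print(f"add forward: WAN {r.proto}/{r.ext_port} -> {r.host}:{r.int_port}")
    for r in unwanted:
        print(f"no forward:  {r.proto}/{r.ext_port} ({r.desc})")
```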
                                  • O
                                    opjohnny
                                    last edited by

                                    Those two skype ports and the 3074 port are the only ones showing up in the list.  I turned the UPnP back off, set the NAT Outbound back to auto, created a new port forward for 3074 UDP, and launched the game.  I can't tell if this is affecting the game yet.

                                    • O
                                      opjohnny
                                      last edited by

                                      I'm only seeing one person on the map.  After a few minutes that did not change, so it looks like I need all that other stuff set in pfSense.  I'm not seeing any traffic going out over 3000 or 3074 in firewall log, only 3001.

                                      • johnpozJ
                                        johnpoz LAYER 8 Global Moderator
                                        last edited by

                                        Dude - remove all your forwards.  Enable UPnP - does it work now?  What ports are in use?

                                        Disable UPnP and put in the forwards manually.  Or just leave UPnP on.. You do not need both for it to work.. either UPnP will work, or you correctly forward the ports.  You do not need both.

                                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.