Netgate Discussion Forum

    Port Forwarding certain ports to bypass vpn problem

      garyhost

      Hi pfSense community. I'm looking for some help regarding port forwarding.

      I'd like to open up the ports my games use so that they do not go through the VPN connection, in order to avoid latency and loss problems. I just want it to go straight via the ISP WAN.

      In this case the official statement from Blizzard claims their games use ports on TCP/UDP 1119, 6113, 1120, 80, and 3724.

      Through the pfSense interface I've set up the following:
      http://oi62.tinypic.com/5wa0qh.jpg
      (10.220.0.3 is my static)

      I am, however, still experiencing latency and packet losses in-game, so I'm still connected over VPN - what am I missing here? Any help is appreciated.
      Best Regards

        Derelict LAYER 8 Netgate

        It is unclear to me if all those ports correspond to outbound destination ports or just the inbound ports that need to be forwarded.

        You might have better luck identifying the traffic you want to go out the VPN, checking "Don't pull routes" in the VPN client config (thereby not accepting a default route from the VPN provider), and routing specific traffic to the VPN instead of trying to exclude games from the VPN.

        Either way, you need to pick a default route (either your WAN or the VPN), identify the exceptions, and policy route that traffic accordingly.  The traffic easiest to identify should be the exceptional traffic, with everything else going to the default gateway.

        Also, look at these:

        https://doc.pfsense.org/index.php/Firewall_Rule_Processing_Order

        https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting

        That last rule on LAN will never be processed because the rules above it will match first.

        How to identify traffic for Blizzard might be better asked in the Games forum.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)
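
The first-match behaviour described in the reply above, as an added example that is not part of the thread and is not pfSense code: a small model of an ordered LAN rule list with policy-routing gateways that reports rules an earlier rule makes unreachable. The rule names, the gateway names `VPN_GW` and `WAN_GW`, the /24 LAN and the rule contents are constructed (the poster's screenshot is not available), and the listed ports are assumed to be outbound destination ports.

```python
from dataclasses import dataclass
from ipaddress import ip_network

TCPUDP = frozenset({"tcp", "udp"})
ANY_PORTS = frozenset(range(1, 65536))
GAME_PORTS = frozenset({1119, 6113, 1120, 80, 3724})  # ports quoted in the question

@dataclass(frozen=True)
class Rule:
    name: str
    protos: frozenset     # protocols the rule matches
    src: str              # source network, CIDR
    dst_ports: frozenset  # destination ports the rule matches
    gateway: str          # policy-routing gateway (hypothetical names)

def covers(a, b):
    """True if every packet that matches b also matches a."""
    return (b.protos <= a.protos
            and ip_network(b.src).subnet_of(ip_network(a.src))
            and b.dst_ports <= a.dst_ports)

def shadowed(rules):
    """Rules that can never fire because a single earlier rule covers them.
    (Shadowing by a combination of earlier rules is not detected.)"""
    return [r.name for i, r in enumerate(rules)
            if any(covers(e, r) for e in rules[:i])]

def route(rules, proto, src, dport):
    """Evaluate top-down; the first matching rule decides the gateway."""
    for r in rules:
        if (proto in r.protos
                and ip_network(src).subnet_of(ip_network(r.src))
                and dport in r.dst_ports):
            return r.gateway
    return None  # nothing matched: implicit default deny

# Constructed rule sets. The default route is the VPN; games are the exception.
CATCH_ALL = Rule("lan-to-vpn", TCPUDP, "10.220.0.0/24", ANY_PORTS, "VPN_GW")
GAMES = Rule("games-to-wan", TCPUDP, "10.220.0.3/32", GAME_PORTS, "WAN_GW")

BAD_ORDER = [CATCH_ALL, GAMES]   # exception placed below the catch-all
GOOD_ORDER = [GAMES, CATCH_ALL]  # exception placed first

if __name__ == "__main__":
    for label, rules in (("bad", BAD_ORDER), ("good", GOOD_ORDER)):
        print(label, "shadowed:", shadowed(rules),
              "3724/tcp from 10.220.0.3 ->", route(rules, "tcp", "10.220.0.3", 3724))
```
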

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.