NAT Type 3 on PS4 - I've tried everything I can think of
-
You've really confused me here.
You dont like Static Port open Outbound for everything coming from the LAN.
Fine, I get that. So I start setting up NAT for allowing only ports used by the PS4 and the game to Outside.
But that doesnt make sense because after all that comes the any/any rule for traffic coming in on LAN going everywhere.
But setting up Rules is even more so no workable as you can't set port ranges there.So what is so wrong with me having port forwarding specific ports to the PS4, but allowing only traffic coming from the PS4 to have Static Port enabled?
What am I missing now?
-
SO I was experiencing this issue to and I thought I would post what I did to get around this problem. As it stands, from reading up on the PS4 since I play destiny as well, the PS4 needs uPnP for certain functions. The problem has two parts. The first pfSense does not automatically turn this setting on and you must enable it as well and the first option below it (i'll post the name when I get home) so that pfsense will respond to uPnP requests. The second part of the problem is the PS4 itself; which provides no setting to enable or disable uPnP. What the PS4 attempts to do is negotiate the connection on startup. What must be done each time you hop onto play on PSN is start your game and wait till you receive the TYPE-3 NAT notice. Once you see it, press the play station button and go to the settings\network and click test connection. What this does is force the PS4 to renegotiate the connection with the game running. You will be disconnected from the server while running the test and when you start the game back up you should at least have a type 2 NAT.
-
You don't need UPnP, just forward the correct ports and set them as static in outbound.
Som games might require additional ports. If you need additional ports, just add them in the alias page.PS4 in the pictures is your static PS4 IP on your LAN.
 -
Or you can use my settings without having to much port forwards in it so here's my screenshot for my currently settings if you want to try this first. It will work with everything, like as PSN, Xbox Live, Steam, etc. in every devices on LAN.
 -
Tried your settings… Did not work. So I read into the issue and discovered that most game consoles including PS4 required Upnp. The PS4 however provides no option to change its own setting so you have to force the console to renegotiate its own connection therefor resolving it's own issue. Since reading this and doing as I have posted, I have no more issues with NAT 3. With your settings, I still had NAT 3. The router is not the issue, it is the console itself. Therefor opening up ports that weaken the security that pfsense provides is a bad idea.
Just incase I trying to apply your setting wrong. Can you explain the steps you took in the above graphic?
-
It is simple. I was installed latest pfsense and setting up like this way. Here's how I process with NAT setting and also UPNP.
This is what I am getting NAT Type 2 and UPNP is available at all depending on how your way as configuration. Also I don't need any port forward. You can delete any port forward and it will work if you do same as mine.
-
It is simple. I was installed latest pfsense and setting up like this way. Here's how I process with NAT setting and also UPNP.
This is what I am getting NAT Type 2 and UPNP is available at all depending on how your way as configuration. Also I don't need any port forward. You can delete any port forward and it will work if you do same as mine.
I'm going to ship you +1 internet when I get the chance,
This solved my NAT type 3 internet issues with Destiny and my PS4 altogether.
Thanks a bunch guardian! -
Doing this outbound rule…Does it leave any ports open once your logged of say the PS4?
-
Open ports are only an issue if there is a service listening on that port.
-
Just to point in a different direction - I had a similar issue and couldn't find a fix for it. In the end it was the switch and the setting of the "IGMP Snooping" that don't let me get the nat type. Maybe have a look at it.
-
It is simple. I was installed latest pfsense and setting up like this way. Here's how I process with NAT setting and also UPNP.
This is what I am getting NAT Type 2 and UPNP is available at all depending on how your way as configuration. Also I don't need any port forward. You can delete any port forward and it will work if you do same as mine.
Sorry for the necro but that works perfectly. Had some PS4s that needed to be connected , just put them on our guest VLAN and enabled this , sorted.
Does PfSence have a user editable wiki , may be worth you putting that in there as this simple fix is hard to find through the googles
-
Just wanted to point out that this resolved the issue for me.
https://www.reddit.com/r/PFSENSE/comments/2uc645/need_help_getting_open_nat_on_ps4/coltde7
Things Required.
1: An unchanging IP address for the PS4 (dhcp static mapping).
2: UPNP enabled.
3: NO manually created port forwards to the PS4.
4:A rule in "Firewall: NAT: Outbound" specific to outbound UDP traffic from the PS4 that has the "Static Port" option enabled. The STUN-based networking that PS4/Destiny want to use cannot work with PFSense's default behaviour of randomizing source ports.
-
Just to point in a different direction - I had a similar issue and couldn't find a fix for it. In the end it was the switch and the setting of the "IGMP Snooping" that don't let me get the nat type. Maybe have a look at it.
I had the same issue. UPnP uses multicast and since pfsense does not appear to IGMP join the UPnP channel the switch will block all UPnP requests to it. Turn off IGMP snooping if you have a managed switch that uses it (many do by default), unless you know you need it.
-
I know this is an old thread, but if it helps people in the future, I just wanted to say:
Thanks mate, your solution worked perfectly!
-
yup for me too.. thanks.
-
@geeklex: awesome, I'd've never been able to figure this out on my own.
btw. PS4 connection test shows NAT 2 even if UPNP is disabled. Let's see how this goes in the games
-
Just wanted to point out that this resolved the issue for me.
https://www.reddit.com/r/PFSENSE/comments/2uc645/need_help_getting_open_nat_on_ps4/coltde7
Things Required.
1: An unchanging IP address for the PS4 (dhcp static mapping).
2: UPNP enabled.
3: NO manually created port forwards to the PS4.
4:A rule in "Firewall: NAT: Outbound" specific to outbound UDP traffic from the PS4 that has the "Static Port" option enabled. The STUN-based networking that PS4/Destiny want to use cannot work with PFSense's default behaviour of randomizing source ports.Anyone able to help me with the Firewall: NAT: Outbound rule? Not quite enough details in this post for me to understand what boxes to check/ fill in. Also, I was able to pull a NAT Type 2 on my PS4 with just the first three steps done here (really just 1 & 2 since I didn't have any unique firewall rules). We'll see if that holds up when I try voice chatting/ party play.
-
Instead of setting Static IPs for consoles so you can make special Outbound NAT Rules, what I do is just set Outbound NAT to "Manual Outbound NAT" and change the "Auto created rule - LAN to WAN" and enable Static Port for the whole subnet. There is little reason or benefit to have random source ports anyways and this solves quite a few things, not just for consoles.
-
Instead of setting Static IPs for consoles so you can make special Outbound NAT Rules, what I do is just set Outbound NAT to "Manual Outbound NAT" and change the "Auto created rule - LAN to WAN" and enable Static Port for the whole subnet. There is little reason or benefit to have random source ports anyways and this solves quite a few things, not just for consoles.
Okay – I went into Firewall -- NAT -- Outbound and changed it to Manual Outbound NAT rule generation. I left all of the other rules alone, except the very last rule (description says Auto Created rule - LAN to WAN) and...the only thing I changed in here was under Translation I clicked the box "Static Port". Is that correct? I have "no idea" what I'm actually doing when I do this, so we'll see how it goes.
I was able to successfully get (prior to doing this) my PS4 to grab a Type 2 NAT and 50 Mbps (my purchased bandwidth) on the internet connection test, but when I tried to play some BF4 I experienced extreme latency (lag/high ping) when playing online -- even tried different servers. I regrettably plugged my Verizon router back in and of course, everything worked perfectly. Ugh.
Thanks for your help! We'll see if this helps with my ping.
-
You need to do it correctly for it to work. Please post a pic of your outbound NAT config and also post your game consoles IP.
