<![CDATA[UPnP & Static NAT but still NAT: Moderate CoD BO2?]]>I've set the machine I use Steam on to a static IP, and given it and only it UPnP:

Enable UPnP
Allow Port Mapping
External: WAN
Interface: Guest LAN
Traffic Shaping: qGames
Log Packets
Uptime
Default Deny
ACL Entry: allow 1024-65535 192.168.16.7 1024-65535 (I initially tried 1-65535 on both, but it was still Moderate)

Outbound NAT Rule:

WAN
TCP/UDP
SOURCE: Network, 192.168.16.7/32
Destination: any 3074:3076
Translation: Interface Address
Static Port

I flush the states, and restart the game and still at NAT: Moderate

What else is there to do?

]]>https://forum.netgate.com/topic/111935/upnp-static-nat-but-still-nat-moderate-cod-bo2RSS for NodeSun, 14 Jun 2026 12:54:18 GMTTue, 21 Feb 2017 19:59:37 GMT60<![CDATA[Reply to UPnP & Static NAT but still NAT: Moderate CoD BO2? on Tue, 21 Feb 2017 23:32:11 GMT]]>Probably be good to post some screen shots of your config.

Step 1. DHCP Static Mapping
Step 2. Outbound NAT rule & mapping order (put it at the top)
Step 3. NAT Port forwards
Step 4. UPnP Config
Step 5. Firewall rules

At a minimum, your firewall rules should allow traffic to port 1900 for the uPnP SSDP discovery broadcast, and to port 2189 to talk to the miniupnpd server

Also, to diagnose this, you can either do a Diagnostics - Packet Capture on your PC and comb through the capture to map out your traffic OR setup a Floating Match rule to log all traffic in & out of your PC into the firewall log.  Then correlate those to WAN block/pass events.

]]>https://forum.netgate.com/post/681561https://forum.netgate.com/post/681561Tue, 21 Feb 2017 23:32:11 GMT<![CDATA[Reply to UPnP & Static NAT but still NAT: Moderate CoD BO2? on Tue, 21 Feb 2017 22:37:24 GMT]]>Still Moderate, however, on Status / UPnP there is nothing.

What am I doing wrong there?

]]>https://forum.netgate.com/post/681548https://forum.netgate.com/post/681548Tue, 21 Feb 2017 22:37:24 GMT<![CDATA[Reply to UPnP & Static NAT but still NAT: Moderate CoD BO2? on Tue, 21 Feb 2017 22:19:49 GMT]]>Thanks, I see one from 3075 to 3074 getting blocked, assume that's no different. So inbound port forward to 3074 on the PC and a firewall rule? I'll try that!

]]>https://forum.netgate.com/post/681541https://forum.netgate.com/post/681541Tue, 21 Feb 2017 22:19:49 GMT<![CDATA[Reply to UPnP & Static NAT but still NAT: Moderate CoD BO2? on Tue, 21 Feb 2017 22:04:06 GMT]]>This sounds eerily similar to this topic: https://forum.pfsense.org/index.php?topic=124988.0

What port(s) is your PC getting in Status/UPnP when running CoD?  3074?

When you first start CoD - do you see 1 entry in your firewall log on the WAN interface with a Block of an unsolicited inbound packet from a demonware server on port 3075 to your public IP address on port 3076?  If so, add an inbound port forward for 3076 to your PC (along with the associated firewall rule).

Also, don't limit your outbound nat rule to only port 3074:3076 on the destination…leave that port field blank.

]]>https://forum.netgate.com/post/681536https://forum.netgate.com/post/681536Tue, 21 Feb 2017 22:04:06 GMT