UPnP & Static NAT but still NAT: Moderate CoD BO2?
I've set the machine I use Steam on to a static IP, and given it and only it UPnP:
Allow Port Mapping
Interface: Guest LAN
Traffic Shaping: qGames
ACL Entry: allow 1024-65535 192.168.16.7 1024-65535 (I initially tried 1-65535 on both, but it was still Moderate)
Outbound NAT Rule:
SOURCE: Network, 192.168.16.7/32
Destination: any 3074:3076
Translation: Interface Address
I flush the states, and restart the game and still at NAT: Moderate
What else is there to do?
This sounds eerily similar to this topic: https://forum.pfsense.org/index.php?topic=124988.0
What port(s) is your PC getting in Status/UPnP when running CoD? 3074?
When you first start CoD - do you see 1 entry in your firewall log on the WAN interface with a Block of an unsolicited inbound packet from a demonware server on port 3075 to your public IP address on port 3076? If so, add an inbound port forward for 3076 to your PC (along with the associated firewall rule).
Also, don't limit your outbound nat rule to only port 3074:3076 on the destination…leave that port field blank.
Thanks, I see one from 3075 to 3074 getting blocked, assume that's no different. So inbound port forward to 3074 on the PC and a firewall rule? I'll try that!
Still Moderate, however, on Status / UPnP there is nothing.
What am I doing wrong there?
Probably be good to post some screen shots of your config.
Step 1. DHCP Static Mapping
Step 2. Outbound NAT rule & mapping order (put it at the top)
Step 3. NAT Port forwards
Step 4. UPnP Config
Step 5. Firewall rules
At a minimum, your firewall rules should allow traffic to port 1900 for the uPnP SSDP discovery broadcast, and to port 2189 to talk to the miniupnpd server
Also, to diagnose this, you can either do a Diagnostics - Packet Capture on your PC and comb through the capture to map out your traffic OR setup a Floating Match rule to log all traffic in & out of your PC into the firewall log. Then correlate those to WAN block/pass events.