PFSense on gaming local
estebanbtf last edited by
Hello everybody. This is my very first post… I apologize by my English... I know it's bad... bad... bad...
I'm needing help on configuring a PFSense that is going to be as firewall/router on a gaming store (in my country we call it a "cibercafé").
First of all, I'll describe the CPU that the owners give to me:
Microprocessor: Intel Celeron 1.8Ghz (I don't like Celeron, but well, it's what I have, with time will try change it for a Pentium processor).
RAM memory: 256Mb DDR333
Hard disk: 30Gb IDE
Ethernet WAN and LAN: 3COM 3C905-TX (10/100)
Internet service: 5Mbits/s national / 3Mbits/s international (down and up both)
Network: Gigabit with UTP Cat.6, every PC (40 in total) connected to a Linksys SLM2048 switch. Static IP on it (192.168.0.0/24), the Gateway will be the PFSense (192.168.0.1).
Priorities: 1- Online gaming as the top priority
2- Messengers and web navigation as secondary priority
3- p2p very reduced bandwidth
At this point I installed and configured PFSense, and make some changes:
* SSH access enabled (for emergencies when I cannot access via webGUI)
* webGUI access changed to HTTPS
* Add a WAN rule HTTPS port (for accessing from my home)
* BandwidhtD installed (just for occasional control)
Last of all, I run the Traffic Shaper wizard:
Download: 3072Kbits/s (used the international parameters instead of the national 5Mbits/s parameters)
Prioritize VoIP: DISABLED
Penalize IP or Alias: DISABLED (thinking in use it in a future, but not right now)
Lower priority for p2p traffic: ENABLED
p2p CatchAll: DISABLED (I'm afraid it going to interfere with some games connection)
All protocols marked up
Prioritize network gaming traffic: ENABLED
All games marked up
I havent marked the Xbox 360 support because we'll never use it
Other networking protocols: ENABLED
MSN, TeamSpeak and HTTP changed to Higher Priority
The games list of Traffic Shaper doesn't show the whole games list we've installed, hence I ask if I need to create NAT entries for the other games that doesn't listed, or it is just necessary for hosting games that must be visible from outside the internal network.
So, my three questions are:
* ¿It's really necessary to create NAT entries for every game? (even if I'm not interested in hosting games visible from the internet)
* ¿Do you have any recommendation in the PFSense configuration? (beside the processor change)
* ¿The use of protocol obfuscation in some p2p clients left the Traffic Shaper control useless?
I'll appreciate every help, since this is my first router configuration for gaming (and my first post wrote in English... or BAD English).
I hope you could understand me.