UPnP issue: sessions not showing up in status screen
-
I have set up UPnP and Hybrid NAT with static port mapping for my gaming PCs.
I can see my NAT Type as Moderate, but when I go to the UPnP status screen, I don't see any sessions.Questions:
- Why aren't my UPnP sessions showing up?
- How can I get Open NAT (vs Moderate)?
I am running pfSense 2.5.2
Some information about the configuration:Using Pure NAT with "Enable automatic outbound NAT for Reflection"
UPnP enabled with "Allow UPnP Port Mapping", "Allow NAT-PMP Port Mapping" and "Deny access to UPnP & NAT-PMP by default."
Each gaming device has a allow rule in the UPnP configuration for a given port range.
NAT type is set to Hybrid and I have rules for gaming system alias to do static port mapping.I get always the same static IP from my ISP with no port restrictions.
-
The most common reason for UPnP not working is double NAT. Is your pfSense WAN using a public IP directly?
Try just allowing any UPnP, disable the default deny. Does it create sessions then?
Steve
-
@stephenw10 yes, WAN is using a public IP (my ISP router is in bridge mode).
Using upnpc client I see that I can request ports to be opened which then show up in the UPnP status page, so I'm guessing it's a game application thing... I have created manual port forwarding rules for the games, but still getting moderate NAT.
Not sure what's going on. -
Hmm, well if they are not asking for UPnP forwards there's not much pfSense can do.
It's possible they are asking for something miniupnpd cannot set. You might try running pcap for the upnp traffic on the LAN.Steve
-
I think it's just the gaming apps not sending UPnP requests. I'll set up a pcap when I have time to fiddle with it.
In the meantime, for anybody looking into testing UPnP, here is a good read on the upnpc utility you can use to do just that: FYI: Tool to test and set Port Forwarding with UPnP
