UPnP double NAT working but not multiwan failover

Gblenn

Inspired by my success in having all games getting Open NAT, using 22.05, I decided to go on to test towards WAN2 (failover) which is on a consumer LTE router.

This router does not support bridging so I am stuck with double NAT, or rather a DMZ setup. BUT, the only way was to go back to port forward of 3074 like before.

After a bit of googling I found something about minupnp not working with Private IP on the external interface...
Unexpectedly, my TP-Link archer actually allows me to set any IP on the internal interface, not just private IP ranges.

So, I simply picked a random IP address that I knew belonged to the ISP I'm using, and... now it works!!
So this might be a tip for anyone sitting with an ISP router or on a FWA connection that doesn't support bridging. At least test it to see if the router allows it... I just realized that I never did any testing where I had turned off blocking of private and loopback addresses...

The thing that still doesn't work however, is my scenario with failover...

For regular port forwards I can set up two NAT rules for each port that I have forwarded, one for WAN and another for WAN2. In other settings I can simply use my Gateway Group which I created, like for DynamicDNS.

The UPnP settings however does not give me the option of using a Gateway Group, and I obviously can't have two different settings for WAN and WAN2. Which means that in case of a failover scenario, UPnP will not work...

Gblenn

Although UPnP works when using something other than a private IP on WAN2, it does break the Dynamic DNS update.
Normally pfSense will use http://checkip.dyndns.org to get the IP address IF it detects a Private IP on the monitored port. If not, it will assume it is the correct IP which means the DDNS will be incorrect.

As there doesn't seem to be a way to force it to use that checkup service so I guess it's back to using port forwards for MW3 on the WAN2 port ...