• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

UPnP double NAT working but not multiwan failover

Scheduled Pinned Locked Moved Gaming
2 Posts 1 Posters 435 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • G
    Gblenn
    last edited by Jan 21, 2023, 3:07 PM

    Inspired by my success in having all games getting Open NAT, using 22.05, I decided to go on to test towards WAN2 (failover) which is on a consumer LTE router.

    This router does not support bridging so I am stuck with double NAT, or rather a DMZ setup. BUT, the only way was to go back to port forward of 3074 like before.

    After a bit of googling I found something about minupnp not working with Private IP on the external interface...
    Unexpectedly, my TP-Link archer actually allows me to set any IP on the internal interface, not just private IP ranges.

    So, I simply picked a random IP address that I knew belonged to the ISP I'm using, and... now it works!!
    So this might be a tip for anyone sitting with an ISP router or on a FWA connection that doesn't support bridging. At least test it to see if the router allows it... I just realized that I never did any testing where I had turned off blocking of private and loopback addresses...

    The thing that still doesn't work however, is my scenario with failover...

    For regular port forwards I can set up two NAT rules for each port that I have forwarded, one for WAN and another for WAN2. In other settings I can simply use my Gateway Group which I created, like for DynamicDNS.

    The UPnP settings however does not give me the option of using a Gateway Group, and I obviously can't have two different settings for WAN and WAN2. Which means that in case of a failover scenario, UPnP will not work... 😢

    G 1 Reply Last reply Jan 23, 2023, 7:14 PM Reply Quote 0
    • G
      Gblenn @Gblenn
      last edited by Jan 23, 2023, 7:14 PM

      Although UPnP works when using something other than a private IP on WAN2, it does break the Dynamic DNS update.
      Normally pfSense will use http://checkip.dyndns.org to get the IP address IF it detects a Private IP on the monitored port. If not, it will assume it is the correct IP which means the DDNS will be incorrect.

      As there doesn't seem to be a way to force it to use that checkup service so I guess it's back to using port forwards for MW3 on the WAN2 port ...

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received