Is UPnP the reason my games don't work?
-
What are your firewall rules ?
-
@Uglybrian These are the rules for my OPT2 interface (where my router is connected to) interface:
And these are for my WAN:
To be sure, this is the rule that blocked the requests:
-
Your DNS rule, try OPT2 addressed instead of this fire wall. You can see by the 0/0 that the rule is not affective.
-
@Uglybrian Like this?
Hmm it's still unaffective it seems, and the requests still get blocked -
YES, but sorry it didnt work, I took a second look at your rule set and see you have more DNS rules below.
To me it looks like you have something blocking UDP in your rule set. I am basing this on when you put a any/any rule it works. I will take a third look and see if i spot something. -
@Uglybrian Thank you very much! If I need to provide more screenshots or information let me know!
Another thing I maybe should mention is that I have a PiHole on OPT1 that is set as my DNS server (10.10.10.102) -
Just saw, on the firewall rule that you changed. it should be to addresses not to subnet.
like this:
-
@Uglybrian Aah okay I have now changed it to this:
Does the source also need to be any? Because I still see blocked requests in the firewall logsEDIT: that also doesn't seem to be the solution:
-
Is port 22325 in your allowed port aliases?
The source in your DNS firewall rule be either be any or subnets.I have mine as any because i am using this pfSense configuration recipes: https://docs.netgate.com/pfsense/en/latest/recipes/dns-block-external.html
Also for your reference and to double check your settings:
https://docs.netgate.com/pfsense/en/latest/services/upnp.html -
@Uglybrian I followed the UPnP guide from the docs, that's where I got my original configuration from: enable UPnP, no STUN because my WAN interface has a public IP, and enable static port for the outbound NAT rule. The 22325 is not in my alias, so I added it, but I still see the blocked requests and no active UPnP rules :(
I also checked if it was the pfBlockerNG rules, but they don't change anything