Netgate Discussion Forum

    Steam client difficulty connecting behind pfSense 2.0 release

      tekkon

      My Steam client on Windows is finding it difficult to connect to the Steam network. WAN on pfSense 2.0 is configured as PPPoE and connects via an ADSL modem in bridge mode.
      By difficult I mean that sometimes I can connect to Steam, but most of the time I can't connect when behind pfSense. I can connect to Steam without issues if I connect my PC directly to the modem, bypassing pfSense.

      I've tried the following to solve the problem but so far none worked:

      Switched to Manual Outbound NAT rule generation (AON - Advanced Outbound NAT) with static ports enabled.
      Turning off UPnP.
      Setting rules on inbound and outbound for TCP (27014:27050) and UDP (3478, 4379, 4380, 27000:27030).
      Tried MTU settings for WAN with 1500, 1492 and 1464.

      Below is a screenshot of a Wireshark capture taken while the Steam client failed to connect 4 times:

      Unfortunately I can't really understand what is going wrong here. I checked the firewall logs but didn't find the steam ports mentioned above being blocked.

        Sleeps

        To get Steam to work I created Firewall rules and forgot about MON.  I also used an additional port 27015.

        Sleeps

          tekkon

          Hi Sleeps,

          I read your older thread at http://forum.pfsense.org/index.php/topic,32798.0.html and I've added TCP/UDP 27015 to the firewall rule. It didn't work either.

          Finally I set from any IP, any port to any port on my LAN IP. That practically removes me from the firewall's protection, right?
          However, I still can't get Steam to connect.

          I believe this has little to do with the firewall now.

          I did another screen capture from the Wireshark packet analyzer. It still shows Steam unable to send or receive TCP PSH packets, similar to my previous screen capture a day ago.

          How else can pfSense be preventing the Steam client from sending and receiving TCP PSH packets?

            Sleeps

            @tekkon:

            Hi Sleeps,

            I read your older thread at http://forum.pfsense.org/index.php/topic,32798.0.html and I've added TCP/UDP 27015 to the firewall rule. It didn't work either.

            Finally I set from any IP, any port to any port on my LAN IP. That practically removes me from the firewall's protection, right?
            However, I still can't get Steam to connect.

            I believe this has little to do with the firewall now.

            I did another screen capture from the Wireshark packet analyzer. It still shows Steam unable to send or receive TCP PSH packets, similar to my previous screen capture a day ago.

            How else can pfSense be preventing the Steam client from sending and receiving TCP PSH packets?

            I've got my IPTV and Steam connected to the same VLAN. I disabled the port 53 (DNS) rule and was unable to download updates; when it was re-enabled, downloads resumed, so add a DNS rule. These rules should be entered on the corresponding interface and not on the WAN.

            Sleeps

              xtropx

              Where are you in your screenshots? Are you on the LAN interface or the WAN interface?

              Regards,

              xtropx

                Sleeps

                @xtropx:

                Where are you in your screenshots? Are you on the LAN interface or the WAN interface?

                Rules are on the LAN (IPTV Vlan). Diagram below

                Proto    Source  Port  Dst      Port
                UDP      IPTV    *     DNS      53
                *        "       *     Lan add  *
                TCP      "       *     *        web ports
                TCP      "       *     *        Steam Clients
                UDP      "       *     *        Steam Client UDP
                TCP/UDP  "       *     *        Steam server
                *        "       *     *        * (Rule left open for torrent)

                Hope this helps

                Sleeps

                  xtropx

                  Well from what I can see, and maybe I am wrong, your "test all" rule has the wrong source (if that screenshot is on the LAN interface, as you say). You have to think about it like where the packets originate is your "source." So maybe you could try switching your destination and source IP address around there and see if that works.

                  Regards,

                  xtropx

                    tekkon

                    xtropx: The rules screenshot was from my WAN interface. On the LAN interface I have from "Lan net" at "any port" to "any ip" at "any port" opened for LAN traffic to get out.

                    Sleeps: Steam is on the same subnet as every device on the LAN interface and DNS is working.

                    I suspect it's the TCP push packets being dropped. I have to find out where.

                      Sleeps

                      @tekkon:

                      xtropx: The rules screenshot was from my WAN interface. On the LAN interface I have from "Lan net" at "any port" to "any ip" at "any port" opened for LAN traffic to get out.

                      Sleeps: Steam is on the same subnet as every device on the LAN interface and DNS is working.

                      I suspect it's the TCP push packets being dropped. I have to find out where.

                      Enter the rules into the LAN and remove LAN net from the destination field and replace it with any.

                      Sleeps

                        tekkon

                        Because of the Steam client's inconsistency at connecting to its servers, I took a long time tracking down the culprit.

                        Until one of the computers on the LAN went offline. It was apparently running uTorrent.
                        Even though it wasn't using bandwidth heavily, it might somehow interfere with Steam's ability to connect.

                        I'm not entirely sure yet, even though I was able to connect to Steam 2 times now after that PC with utorrent went down.
                        I'll post back after I further succeed at connecting on Steam.
