An odd (NAT?) problem, could use some help figuring this one out!
-
Okay… I've noticed something really strange this week.
I'm using release 1.01, and I'm not great with the rules and such, but I know enough to do port forwarding and the traffic shaper to a usable degree.
I just installed a FEAR dedicated server on port 27888 (the default), and for the most part it works fine. Of course, I can connect to it from inside the network, and I do get players on it that have no problems. But I have a friend who is using a regular old Netgear router on his cable connection, and here is where it gets weird. He sees the server in the list in game, but it says I'm using some weird port, like 54523 and stuff. Thing is, when I restart the server trying to diagnose the error, it shows yet another random port. If I take the pfSense router out of the picture and use a standard router, I have no problems with that issue. He can still manually type the information and connect with no problems....
I have this set up:
Rules:
TCP/UDP * * Server 27888 * NAT Fear Server - Main
TCP/UDP * * Server 45301 * NAT Fear Server - PB
NAT:
WAN TCP/UDP 27888 Server (ext.: 65.190.172.99) 27888 Fear Server - Main
WAN TCP/UDP 45301 Server (ext.: 65.190.172.99) 45301 Fear Server - PB
WAN->LAN TCP * Server qOthersDownH/qOthersUpH TCP to Server
WAN->LAN UDP * Server qOthersDownH/qOthersUpH UDP to Server
LAN->WAN TCP Server * qOthersUpH/qOthersDownH TCP from Server
LAN->WAN UDP Server * qOthersUpH/qOthersDownH UDP from Server
'Server' is an alias pointing to 192.168.1.15
I see no problems with the rules and such, but the issue I'm having is perplexing. If anyone could shed some light on this, I'd greatly appreciate it!
-
The port of the server appears on the outside as something random because the port gets scrambled by pfSense.
You can deactivate that under NAT–>Outbound. Activate advanced outbound NAT.
There will be an autocreated rule for your LAN subnet.
At the end of the rule you will see the field "Static port" set to "NO".
Set this field to "YES" and your ports will no longer be scrambled.
-
Hey, thanks a lot! That fixed it. What is the drawback to doing this, other than not randomizing ports? I seem to remember some reason for not activating it…
My next question is why it randomizes the FEAR port, but doesn't randomize other ports I have set up, such as BitTorrent, my webcam shares, and such. Those have always worked just like I set them.
-
I set it up so that I only have the ports unscrambled that I need unscrambled.
For that, leave the default scrambling rule as it is and create, above the default rule, a rule for the single port you want to have unscrambled.
Rules are processed from top to bottom, and if one rule catches, the rest is no longer considered.
Do you mean it does not scramble them when you NAT them to be accessed from the outside?
This is a different matter. This is about OUTBOUND NAT. All ports on outgoing connections get scrambled (even BitTorrent, look at the state tables while you are downloading).
But some programs get the destination to send the reply to from the source port in the header of the packets they receive (with the correct scrambled port) and thus work.
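
An added example, not part of any post in this thread and not pfSense code: a small Python simulation of the outbound NAT behaviour discussed above, showing the default port rewriting, the "Static port" setting, and why the single-port rule has to sit above the default rule. The LAN subnet, the WAN address, the translated port range and the idea that the server list shows the source port of the server's outgoing packets are assumptions made for illustration.

```python
import random
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Assumption: translated ports come from 50001-65535 (pf's default proxy range).
PROXY_PORTS = (50001, 65535)
WAN_IP = "203.0.113.10"        # constructed placeholder, not the poster's address
SERVER = "192.168.1.15"        # the 'Server' alias from the thread
GAME_PORT = 27888

@dataclass
class OutboundRule:
    source: str                # CIDR matched against the packet's source address
    src_port: Optional[int]    # None matches any source port
    static_port: bool          # True keeps the original source port

def translate(rules, src_ip, src_port, rng):
    """Return (ip, port) as the remote side sees it; the first matching rule wins."""
    for rule in rules:
        if ip_address(src_ip) in ip_network(rule.source) and rule.src_port in (None, src_port):
            port = src_port if rule.static_port else rng.randint(*PROXY_PORTS)
            return WAN_IP, port
    return src_ip, src_port    # no rule matched: packet leaves untranslated

# Assumption: the LAN is 192.168.1.0/24.
DEFAULT = [OutboundRule("192.168.1.0/24", None, False)]
STATIC_ALL = [OutboundRule("192.168.1.0/24", None, True)]
SELECTIVE = [OutboundRule("192.168.1.15/32", GAME_PORT, True)] + DEFAULT
WRONG_ORDER = DEFAULT + [OutboundRule("192.168.1.15/32", GAME_PORT, True)]

def listed_port(rules, rng):
    """Port a master server would list if it trusts the heartbeat's source port."""
    return translate(rules, SERVER, GAME_PORT, rng)[1]

if __name__ == "__main__":
    rng = random.Random(1)
    for name, rules in [("default", DEFAULT), ("static all", STATIC_ALL),
                        ("selective", SELECTIVE), ("wrong order", WRONG_ORDER)]:
        print(f"{name:12} server listed on port {listed_port(rules, rng)}, "
              f"other traffic from 6881 leaves as {translate(rules, SERVER, 6881, rng)[1]}")
```

With the selective rule set, only traffic from the server's port 27888 keeps its source port; everything else from the LAN is still rewritten.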