Advanced Outbound NAT: Static Port - Bug or?



  • Just was wondering if anyone else has noticed a problem.

    I'm looking after 2 systems, one here one remotely for some friends.

    Here we're running: 1.2RC4 built on Sun Jan 27 20:31:15 EST 2008
    remotely: 1.2-RC3 built on Wed Nov 7 19:10:57 EST 2007

    I enabled the AON and edited the default rule to set the "static port" option, saved and applied. This was following the advice to do so for certain games, such as battle.net games.

    Now on the remote system running 1.2RC3 it all just works.

    On this system (RC4) as soon as I enable it, I get a message from battle.net that it cannot connect on port 6112 udp and that only chat will be enabled. As soon as I disable it (return NAT to Automatic) I can connect again, but then I have latency problems when connected with more than one player.

    I searched through the forums and through the CVStrac and I don't see any recent entries affecting static port so it all seems odd that it isn't working.

    Anyway I'll try updating to the latest snapshot and see if that helps, but thought it might be a bug that should be reported.

    Okay I updated to: 1.2-RC5 built on Wed Feb 6 19:54:56 EST 2008
    Unfortunately I have to report the same problem exists.



  • Well I have two PfSense systems trying to NAT, i have not been able to achieve any communication between them. While i have a PfSense and some Senao accesspoints and never a problem.

    I believe there is a problem with NAT-ting on fixed ports between pfsense and pfsense.

    best regards,
    hans



  • Well, that may be so, but this problem exists before even the 2 pfSense networks try to connect. The error is taking place just trying to connect to battle.net itself.

    The other odd thing I've noticed is that the 2 different versions of pfSense seem to be setting things up exactly the same. (Which they should) When I run pfctl -sr or pfctl -sn I see exactly the same entries. At least with regard to the settings for port 6112 inbound and the change in the settings for the outbound NAT. But the thing that's consistent is that it doesn't work properly on this end. I wonder if this is effecting anyone else who needs the static-port setting, or if it's just my system?

    Update: I was able to track down a file for a 1.2RC3 build. It also had the same problems here. It seems to be something with this location. This is very strange because everything else between the 2 locations is very similar, and the firewall here works great for everything else. So far I can't track down any specific reason why this happens. I guess it's just another network oddity.


Locked