• My son has problems connecting to his friends playing FIFA15. He can play online against random other people, but when trying to play with friends it doesnt work.
    What I understand is that FIFA uses some ports when going through gameservers and other random ports when connecting to friends.
    Is there a simple way to shut off the firewall for one single ip adress in the home network? I want to try that since nothing else works.

  • Do you have the UPNP service enabled?

  • The PS4 has a diagnostic mode for NAT. It's located at [Network] -> [Test Internet Connection]. If the test says that you are ending up with Type 3, or fails completely, you will need to make a change in pfSense. You have two options:

    1. Configure the firewall to use static port mapping specifically for the PS4. You will need to create a rule for the PS4 in pfSense ([Firewall] -> [NAT] -> [Outbound]). If you are running 2.1, you will have to select Advanced Outbound Nat and take full control of the NAT rules. If you are running 2.2, you can use Hybrid mode which allows you to add just the PS4 rule without having to take full control of NAT rules.

    2. Enable NAT-PMP ([Services] -> [UPnP & NAT-PMP]). The PS4 supports PMP/PCP.

    The advantage of #1 is that it allows you to restrict the port mapping/forwarding specifically to the PS4. The disadvantage is that it's slightly more complicated to set up in pfSense.

    The advantage of #2 is that it is simple–one checkbox and you are done. The disadvantage is that any host in your local network may now make dynamic changes to the firewall port forwarding rules. You only want to do this if you fully trust all the hosts in your local network.

    Recommend reading about PMP and PCP before choosing option 2:

  • @dennypage: I've the same problem.

    I would prefer #1! Could you help me with the right outbound-settings (pfSense 2.2)? What du you mean with "… Hybrid mode ..."?



  • Hybrid mode is one of the settings available on the [Firewall] -> [NAT] -> [Outbound] page. Look for a radio dial selection that says "Hybrid Outbound NAT rule generation  (Automatic Outbound NAT + rules below)". Select that option.

    After you have turned on Hybrid mode, you can add a rule for your PS4 like so:

    In Interface, choose WAN.

    In source, choose type network and enter the address of your PS4 (x.x.x.x/32). Note that your PS4 must either be configured for a static address, or you need a static DHCP mapping for it.

    In Translation, check the box that says Static-port.


    Let me know if you have any other questions.


    What du you mean with "… Hybrid mode ..."?

  • Thanks!

    It works well now!  :) :) :)