Need help to figure out Port Forward/Outbound NAT vs UPnP
-
After considerable testing with a goal of being able to turn off UPnP whilst maintaining "Open NAT" for all games, I am still not able to find a setting that works...
Here's what I have found and the settings I'm using:
Port forward 3074 > Gaming PC
Outbound NAT, Hybrid mode port 3074 - Gaming PC Static portWith this simple setting I get Open NAT on most games except MW2 (2009 version)...
This game is also using port 28960 but no matter what I do here, I can't get anything but Strict NAT. I have tried opening up a whole lot of other ports as well, listed by Activision and others but that doesn't help.
On the other hand, when using UPnP (and only Automatic Outbound rules and no port forwards) I get Open NAT on every single game. And I notice that games typically initiates much quicker, especially if I have NAT-PMP activated.
On the UPnP status page I can see the following listed for MW2:
Experimenting further, I took an EdgeRouterX (with UPnP activated) and placed it between my PC and pfsense => Double NAT'ed.
And now I'm able to get Open NAT on MW2 and the other games without any further changes. In fact I can get Open NAT on MW2 and Moderate NAT on others, without Port forwarding 3074, as long as I maintain Outbound NAT Static ports (for the EdgeRouterX this time).
I have tried to mimic what I see in Status / UPnP in different ways, setting e.g. 28960-28963 as source and 28960 as internal destination port, but that doesn't help.
Any ideas on how to solve this? Or are there things that UPnP does that simple can't be replaced through port forwarding and other rules?
-
@Gblenn I say stick with UPnP if it works for you. Just make it available only on the networks or hosts that need it and you are good.
-
@Bob-Dig You are not wrong, and I suppose that is the simple and even the best solution. And it is how I have had it set up for a long long time...
But now I have started digging and I'm a bit to much of a curious mind to stop now...
I mean I have really done some extensive testing (if you ask me) with all kinds of settings and trying out all different suggestions on which ports to forward etc. Which has led me to this minimal configuration that almost works... except this one game...
Isn't it strange that I can't get anything but Strict NAT on MW2, except when using UPnP... yet, when placing a UPnP device between pfsense and the PC, that game just works!!
And that is with UPnP turned off in pfsense, no gaming ports forwarded and Outbound NAT automatic... It's suddenly like it was no more complicated than a web browser...Yet, when UPnP is turned on in pfsense, and it also works, it shows in Status / UPnP that MW2 does ask for port 28960. And here it is when having EdgeRouterX in between even... It looks exactly the same...
All the while, any games depending on Port 3074 must have ports forwarded or UPnP activated, to get Open NAT. The difference being that they also work with only Port Forward and static ports.
Perhaps the information is hidden somewhere in some logs... I'm thinking there is more going on than what UPnP is showing in the status page?
Do all consumer grade routers have UPnP? All instructions list ports to forward, even from Activision and Infinity Ward themselves, so why is that not enough? Would pfsense really be any different in that regard?