Ah, you’re right. I never even thought to look into my actual upstream provider to see what’s going on there. I will check with them at some point when I have time to sit in their queues to get to an actual tech that can give me some info! Thanks, you’ve been really helpful!
This is a great post. I followed the steps almost exactly to achieve open NAT on 3 xboxes in their own vlan. I deviated slightly, using a suggestion found on the netgate forum. Specifically the last post in this thread. What I did differently:
- Assign unique static ports for each xbox
- UPnP ACLs for allow specify the unique ports for each xbox ip, instead of a range
I’m not entirely sure this would work for games like COD, which seems to use a bunch of ports, in which case the solution will be to use a range as you have done.
Thanks so much for the detailed write up, it helped tremendously.
Continuing the discussion from pfSense and Multiple Xbox Ones: Open NAT Guide:
Need help, ran out of ideas. Followed all these recommendations and i still getting strict NAT on Xbox Series X. I just created my own pfsense box moving from bitdefender box2 because i was getting moderate NAT. I have 4 port NIC and I setup 1 dedicated port for just the xbox. it looks like UPnP is working and the rule to assign a higher port is also working. I added the outbound NAT rule. I did have pfblocker installed and after reading other replies it looked like recommendation was to disable it from that LAN. I reran the pfblocker wizard and selected all my other interfaces except the XBOX LAN and i was still getting strict. I removed pfblocker completely and still getting strict. For some reason i cant figure out how to delete these automatic rules pfblocker setup even after i removed the package from the system. Any other suggestions? I appreciate your time.
This is OT but has anyone come up with a solution for PC that doesn’t include forwarding large ranges of ports to the desktop? Maybe using VMs and VLANs is the best bet?
Anyone looking for a resolution can follow this guide as it works for both consoles and did my own test with PC’s when playing Call Of Duty Vanguard. Netgate Forums. There is a patch you can apply which adds an anchor to the UPNP service which before the patch was not working correctly. Then proceed with following the setup Nyarlathotep provides but skip the “Network Address Translation” part as this is not needed. I can confirm that this setup and the path which netgate forums provides on how to get works when running 2 PC’s and trying to play call of duty on the same network. Just make sure you reboot your pfsense firewall and turn off your PC’s until the firewall is back up so your computer doesn’t keep the old port rules.
There is a patch that can be applied that may help: