Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: lmnsour on September 26, 2022, 03:33:08 AM

Title: DMZ Help
Post by: lmnsour on September 26, 2022, 03:33:08 AM
I'm trying to setup a Gaming PC on the firewall and some games don't like the Strict NAT policy.

I tried manual port forwarding and then tried UPNP but neither worked.

I was looking into setting up a DMZ and found a help thread that said setting up a 1:1 NAT would work with the port fwd'ing.  https://forum.opnsense.org/index.php?topic=429.0

The problem is I'm kind of a caveman and its not broken down quiet enough for me to follow.  Attached is a map to my network and screen shots of the virtual IP and 1:1 NAT rule I made.  Its still not working so I think I did something wrong.
Title: Re: DMZ Help
Post by: lilsense on September 26, 2022, 08:06:05 PM
I am not sure why you need DMZ, as this is a plain Jane PC.  What game are you trying to play that you are unable to?
Title: Re: DMZ Help
Post by: lmnsour on September 26, 2022, 08:38:23 PM
Quote from: lilsense on September 26, 2022, 08:06:05 PM
I am not sure why you need DMZ, as this is a plain Jane PC.  What game are you trying to play that you are unable to?

Bungie servers don't like strict NATs.  I keep getting a network message from Bungie and noticeable network lag.
Title: Re: DMZ Help
Post by: lilsense on September 26, 2022, 08:46:12 PM
based on this link: https://help.bungie.net/hc/en-us/articles/360049496751

all you gotta do is to port forward the two UDP ports: 3074, 3097
Title: Re: DMZ Help
Post by: lmnsour on September 26, 2022, 09:04:26 PM
Quote from: lilsense on September 26, 2022, 08:46:12 PM
based on this link: https://help.bungie.net/hc/en-us/articles/360049496751

all you gotta do is to port forward the two UDP ports: 3074, 3097

I tried port forwarding and UPnP.  The UPnP status shows the ports are open (the PC firewall rules are already configured for the ports so that's not an issue). 

I still get the "Strict NAT" error.

Anyways, from what I understand, a 1:1 NAT is needed to fix this but if you have a better idea, I'd appreciate it.  Thanks!
Title: Re: DMZ Help
Post by: lilsense on September 27, 2022, 09:46:32 PM
no need for 1:1 NAT as you do not have sufficient Internet IP. you may need to do a 1:1 PAT as in port not network. So set your ports to be the same.
Title: Re: DMZ Help
Post by: lmnsour on September 28, 2022, 03:56:25 PM
Quote from: lilsense on September 27, 2022, 09:46:32 PM
no need for 1:1 NAT as you do not have sufficient Internet IP. you may need to do a 1:1 PAT as in port not network. So set your ports to be the same.

Thanks, I looked deeper into it and was able to get Port Forwarding to work finally. 
Title: Re: DMZ Help
Post by: lilsense on September 28, 2022, 06:06:45 PM
I am glad I was able to help. You might want to post what you did or how you did it for others that might have the same issue.
Title: Re: DMZ Help
Post by: lmnsour on September 28, 2022, 07:29:39 PM
Quote from: lilsense on September 28, 2022, 06:06:45 PM
I am glad I was able to help. You might want to post what you did or how you did it for others that might have the same issue.

I think my first attempt to Port Fwd didnt work (and UPnP?) because I didn't have "Hybrid NAT" selected on the firewall outbound rules.  I found this article helpful:

https://niallbest.com/achieve-full-open-nat-with-port-forwarding-for-xbox-live-via-opnsense/
Text only | Text with Images