Hello,
I have an Opnsense router on which I've setup a Wireguard client. I have a private VPS Wireguard server in the cloud and I'm redirecting all my home network traffic through it. I sometimes have friends over and play games on LAN, specifically call of duty. I want everyone to have Open NAT when connected to my home network. If I disable the wireguard tunnel and route all traffic through WAN, I can just enable UPnP and everything works fine. But if I route all traffic through Wireguard interface, UPnP does not get used at all (Shows nothing in the Status page). I've tried all combinations of External and Internal interface options in UPnP settings. Is there something I'm missing here?
			
			
			
				Anyone?
			
			
			
				Bump
			
			
			
				Nobody?
			
			
			
				Just create rules that match the Call of Duty traffic and send it out of your normal WAN interface. Why make it complicated?
			
			
			
				@Monviech,
You mean create rules for selective routing to not use Wireguard tunnel if the traffic is using the given ports?
If so, I guess I can do that but the whole reason for me to use wireguard was protection. Call of Duty MW2 from 2022 had several vulnerabilities that allowed IP address to be leaked online. I don't think the new MW3 is any different. I'd rather use wireguard to mask my IP while playing.
			
			
			
				forgive me for interfering as I don't have a suggestion: I don't care about gaming NATs in my household but the only person who did play never complained of a problem _and_ I don't like the concept of UPNP.
That out of the way, when you use wg "for protection", what are you protecting and from what?
I'm genuinely curious.
			
			
			
				@cookiemonster, I don't like the concept of UPnP either. But the NAT type does make a lot of difference in matchmaking and voice comms in many multiplayer games and unfortunately Call of Duty is one of them. Ideally I would love to just portforward to a single device that I play on but doing it for all the devices when hosting a LAN party is just a hassle. So its just convinient to use UPnP during that time and later turn it off.
And like I already mentioned, I use a private VPN to mask my IP because I have static IP from my ISP. Just general safety, nothing exclusive that I'm trying to protect.
			
			
			
				Yup I get the UPNP bit. Why are you using a VPN for though when masking your real IP ? What is doing that protecting you from? Genuine question.