Hello there, I'm kinda new to the OPNsense and general firewall topic. I'm currently having issues with allowing Steam to authenticate my user.
I have two interfaces:
WAN (192.168.2.236)
LAN (192.168.0.1)
On the LAN I have configured the following rules as stated in the Steam firewall configuration guide (https://help.steampowered.com/en/faqs/view/2EA8-4D75-DA21-31EB).
If I now open Steam I run into a timeout. The connection log from Steam says the following in the .txt file.
I can't see any blocking on the LAN side, so I think I set everything up correctly there. Even a LAN-Any-Allow rule won't do it.
On the WAN side I can see a lot of blocks from the default deny / state violation. I assume that Steam is sending their authentication over a CDN. This has a different IP and port, so the firewall thinks it's a random packet and denies it.
How can I fix this problem?
The RFC1918 WAN IP address suggests that OPNsense is already behind another, maybe ISP-provided router, so you are operating under double-NAT conditions. At least you should be, because if you set up OPNsense without outbound NAT, you would have to provide a route to 192.168.2.0/24 on your front router.
As Steam needs to have open ports, you will also have to create inbound NAT rules on both OPNsense and your ISP router.