OPNsense Forum
Archive => 18.7 Legacy Series => Topic started by: Amanaki on December 27, 2018, 10:59:39 pm
-
Hi everyone,
Home user trying to get an unrestricted gaming network going for my two teenage sons who play a variety of games on steam, origin and ps4.
Below is a summary of my network which runs on a dedicated VM with three physical network interfaces.
vtnet0 - WAN DHCP client from ISP
vtnet1 - Unassigned for VLANs
vtnet2 - LAN - 10.1.10.1/24
VLANs on vtnet1 are as follows:
VL10_ADM 10.10.10.1/24 - Admin
VL20_IOT 10.10.20.1/24 - IOT/WiFi/OpenVPN
VL30_CLR 10.10.30.1/24 - Unrestricted gaming network
VL40_SEC 10.10.40.1/24 - Secure network no access to WAN
VL50_DMZ 10.10.50.1/24 - Media network only
I installed OS UPnP and it appears in the services menu but I am needing some help satisfying the following instructions that were displayed after the installation was completed: -
For this dameon to work, you must modify your pf rules to add an anchor in both the NAT and rules section. Both must be called 'miniupnp'
Am hoping that someone would be kind enough to show me an example or talk me through what I need to do to get this working? I can provide screenshots of my NAT and fw rules if required just let me know.
Many thanks,
Manaki
-
what worked for me was just installing Upnp and then going to services . open Universal plug and play, go to settings and enable. I also enabled both protocols.
works as expected
-
Thanks for the reply GDixon.
I figured as much.
So, what is the point of this message is then? Surely its not there for nothing.
-
I never got that message. go to services, upnp and then look at the status and see if your ports are open.
I like upnp over a forward for bit-torrents because I can clost the ports if I want at any time and also they are not open unless requested. My bit torrent also uses a random port each time it's opened / used
-
I haven't enabled it yet GD. Still a bit paranoid until I know whats going on with this configuration message.
Enclosed is a screenshot of the message at the time of package installation..
Did you get this message?
-
ah ok yes I got that at the plug in install but ignored it, instead I tried UPnP after enabling it to see if it worked and it does as expected.
-
Okay, thanks for confirming.
I guess from a security standpoint, I am still somewhat nervous about this as I don't want to screw things up and end up paying for it later on. I am still really keen to know what that message means and hope someone else can chime in and help out.
Out of curiosity GD, are you using port rules on your gaming network or are you allowing anything in/out? Is your UPnP setup the same as mine in the attached screenshot?
Thanks heaps for the help btw.
-
I also checked Nat-Pmp. I needed nat-pmp for Qbittorent
no port forwarding for what uses UPnP.
other than that all is the same.
-
Sorry for the late reply GD, thanks for clarifying your settings match mine.
I could not quite follow your comment about nat-pmp. Is there something I need to do in there? I don't allow torrents on our network.
-
If you have it working with no need for it leave it disabled. I just happened to need it.
-
Excellent. Thanks again for the help GD.
I am keen to mark this thread as solved but until I receive some clarity about those warnings from other experienced participants, I am somewhat reluctant to do so.
-
Dis you enable UPnP and is it working for you?
-
Hi GD.
It's working but I am still waiting for someone to explain those security warnings and if/what I need to do to satisfy them without screwing up our network security.
I do not believe that the developers would put serious security warnings like that in there just for them to be ignored, hence I shall wait for someone else to chime in over the next few days, if not I shall contact the moderator and ask for some assistance.
Thanks again GD.