Messages

[one big bad idea]

NOFI but this is just one big bad idea :
- USB NICs have two major issues :
1. Prone to high CPU usage delays.
2. Chipsets inside them are not always of the greatest quality to say the least...

- A Laptop is fun as your handy dandy MP3 player or so when being this old, but using it as any kind of Server device is just a bad idea!
Unless you like your Firewall to get some sleep from time to time ?! ;) ;)

[set DHCP reservations]

In my experience most modern online games don't work with out of the box settings on OPN/pfS due to the way they re-write source ports for NAT traffic. I'm not sure why this continues to be the default config. Many years ago it was a security feature but now it just breaks stuff more than it helps.

As far as I'm aware only OPN/pfS do this, literally every other implementation of a router/firewall will not.

Actually I like it and I hope it never changes! :)

The best way to tackle this for your P2P Clients/Servers/Phones that use apps that need it too is a combination of the following :

If you have many LAN devices all trying to join the same online game lobby (multiple Xbox consoles for example), you will need to set DHCP reservations for each one and manually set outbound traffic rules for each one.

You'll need to manually switch the firewall to Hybrid Outbound NAT and manually create a single outbound NAT rule with the "static" port option selected. This will prevent your source ports from being rewritten by the firewall during NAT traversal.
It's pretty straight forward and I've attached a screenshot for reference. Make a rule like you've see in the screenshot and save/apply the settings. Then retry your games and see if this helps.

And a nice way to add/remove many clients to this rule is to use the Alias/Group option and edit it every time you need to remove or add one of your clients ;)

If you need a tutorial just search for https://duckduckgo.com/?q=opnsense+strict+nat and you should find plenty of them!

@cookiemonster :

Actually I am aware of that topic and many more, but I was kind of hoping that now with the new Forum Software/Update all those issues are a thing of the past ?! :)

No reply after more than a week ?!

Am I the only one?

Absolutely NOT! :)



I am having a really hard time finding a nice way to get messages/notifications from the Announcements sub-forum sent my way too !!! :'(

For now I am following https://forum.opnsense.org/index.php?board=11.0 via RSS in Pale Moon but receiving e-mails in any of my Inboxes would be nice to have too!