Messages

I allow multicast (224.0.0.0/4 and 240.0.0.0/4) in my LAN firewall rules for LAN-net devices and set my consoles to a specific range of IP's. 
(I also allow access to UPNP (2189) and PMP ports (5351), via created an Alias for all LAN net, maybe redundant because of defaults created by activating UPNP service? but it doesn't hurt either)

All my consoles are ranged within CDIR 192.168.0.80/29.

So I create a Hybrid rule.
Hybrid Outbound NAT rule generation
(Automatic Outbound NAT + rules below)

With mappings 192.168.0.80/29 to be static.

With the UPNP service I set my consoles to:
By default deny access to UPnP & NAT-PMP? active YES !!!! (important!!!)
User specified permissions 1: allow 88-65535 192.168.0.80/29 88-65535 (Consoles, DHCP MAC assigned, udp 88 lowest port for xbox/xboxone)
User specified permissions 2: allow 1024-65535 192.168.0.0/24 1024-65535 (other PC's and laptops, only 1024 and higher)

I will have to check this out when I get time. I saw something kinda like this in a forum about pfsense I just wasn't sure how to implement it correctly in opnsense. Thanks for the recommendation I will post later if it works.

What is your build? What does your PS4 report NAT type 2 or? How did you configure it? did you manually configure UPnP or did you just enable it? My PS3 and 360s work with just UPnP enabled I did not manually configure anything.

My build is 15.7.12. My ps4 shows nat type 2, because I set up a outbound nat rule that says anything in the range on my consoles ip address (Ex. 192.168.1.200/29)  have static ports for translation and I left everything else going to or coming from as any. That allowed me to get nat type 2. I then went an enabled UPnP and I got nothing so I put something under "User specified permissions 1" and it says "allow 1-65535 192.168.1.200/29 1-65535" but I still get nothing.

I have enabled UPnP for the range of IPs that my game consoles sit in, but when I check the status page for UPnP there is nothing there. I would think it should have the IPs and ports and translations going out to the internet of my game consoles. I have two PS4s and we aren't able to play online really well without UPnP and I feel like I might be missing something here.

It looks to pick up on dns correctly and its from dhcp. I have also tried just doing static entries in my phone and still no luck.

So I just recently had the note 4 and now I have the S6 edge and both seem to have issues, but nothing else on my network does. From my s6 edge I can ping to the internet by IP just fine, but by domain name like www.google.com it doesn't go any where and this is causing stuff to load really slowly or not at all when it comes to the facebook app. I'm using LanDroid for my testing. I don't know if Samsung is just picky or if I'm doing something wrong. I have my nat type setup to be a nat type 2 and I still have mostly everything stock on opnsense. Any kind of help would be greatly appreciated. If you have any questions on my setup feel free to ask, I'm not sure what all I should include.