Allowing Steam through Firewall

Started by PANZER, Today at 09:08:12 PM

Hello there, I'm kinda new to OPNsense and the general firewall topic. I'm currently having issues with allowing Steam to authenticate my user.

I have two interfaces:

WAN (192.168.2.236)
LAN (192.168.0.1)

On the LAN I have configured the following rules as stated in the Steam firewall configuration guide (https://help.steampowered.com/en/faqs/view/2EA8-4D75-DA21-31EB)

If I now open Steam, I run into a timeout. The connection log from Steam says the following in the .txt file.

I can't see any blocking on the LAN side, so I think I set up everything correctly there. Even an any-any allow rule on LAN won't do it.

On the WAN side I can see a lot of blocks from the default deny / state violation. I assume that Steam is sending their authentication over a CDN. This has a different IP and port, so the firewall thinks it's a random packet and denies it.

How can I fix this problem?

The RFC1918 WAN IP address suggests that OPNsense is already behind another, maybe ISP-provided router, so you are operating under double-NAT conditions. At least you should be, because if you set up OPNsense without outbound NAT, you would have to provide a route to 192.168.2.0/24 on your front router.

As Steam needs to have opened ports, you will also have to create inbound NAT rules on both OPNsense and your ISP router.
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 450 up, Bufferbloat A+
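
The double-NAT inference made in the reply above, written out as a check (an added example, not part of the original thread and not OPNsense code). It is IPv4 only; the function names are hypothetical and the /24 prefix lengths in the sample call are assumptions, since the thread gives only the interface addresses.

```python
import ipaddress

# Ranges that are never routed on the public Internet, so an address in one
# of them on WAN means another device upstream performs address translation.
NAT_ONLY_RANGES = {
    "RFC 1918": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],
    "RFC 6598 (carrier-grade NAT)": ["100.64.0.0/10"],
}


def nat_only_range(addr):
    """Return the name of the NAT-only range containing addr, or None."""
    ip = ipaddress.ip_address(str(addr))
    for name, cidrs in NAT_ONLY_RANGES.items():
        if any(ip in ipaddress.ip_network(c) for c in cidrs):
            return name
    return None


def check_topology(wan_cidr, lan_cidr):
    """Return a list of findings for a firewall's WAN and LAN interfaces."""
    wan = ipaddress.ip_interface(wan_cidr)
    lan = ipaddress.ip_interface(lan_cidr)
    findings = []

    found = nat_only_range(wan.ip)
    if found:
        findings.append(
            f"WAN {wan.ip} is in {found}: an upstream router translates "
            "again (double NAT), so inbound forwards are needed on both devices"
        )
        findings.append(
            f"if outbound NAT is disabled here, the upstream router needs "
            f"a return route to {lan.network} via {wan.ip}"
        )

    # A too-wide netmask (e.g. /16 on both sides) makes the two networks
    # overlap, and the firewall can no longer tell which interface to use.
    if wan.network.overlaps(lan.network):
        findings.append(
            f"WAN {wan.network} overlaps LAN {lan.network}: routing is ambiguous"
        )
    return findings


if __name__ == "__main__":
    # Addresses from the thread; the /24 prefix lengths are assumed.
    for line in check_topology("192.168.2.236/24", "192.168.0.1/24"):
        print("-", line)
```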