Post by jrronimo on Nov 26, 2015 6:45:24 GMT
I'm running into a major problem playing the Wii U game Splatoon online. It doesn't seem to use specific ports, so you end up doing things like forwarding UDP 30000-65535 to a specific IP, and even then, 99% of the time, the game will not connect. I got into a game *once*, but I didn't change anything. It worked until I left the group, and I haven't been able to connect since.
Most chatter online suggests just putting the Wii U in a DMZ. I'm familiar with DMZ from more basic home routers, where the admin assigns an IP to be "the DMZ". SmallWall's setup is a bit more intimidating. Does it actually require a 3rd interface? Is there a way to declare an IP address to allow all traffic in and out of it on the existing interfaces?
I've been fighting with firewall rules all night. I can see accepted packets when I try to connect to a game, but then I'm given this mysterious 118-0516 error from Nintendo (essentially: check your firewall rules...). This page has the most detail relating to pfsense, but I'm not quite sure about the outbound NAT mapping. This thread also has some info about a static outbound port... I don't quite understand.
Any insights?
Most chatter online suggests just putting the Wii U in a DMZ. I'm familiar with DMZ from more basic home routers, where the admin assigns an IP to be "the DMZ". SmallWall's setup is a bit more intimidating. Does it actually require a 3rd interface? Is there a way to declare an IP address to allow all traffic in and out of it on the existing interfaces?
I've been fighting with firewall rules all night. I can see accepted packets when I try to connect to a game, but then I'm given this mysterious 118-0516 error from Nintendo (essentially: check your firewall rules...). This page has the most detail relating to pfsense, but I'm not quite sure about the outbound NAT mapping. This thread also has some info about a static outbound port... I don't quite understand.
Any insights?
), I might just include outbound NAT rules for all of them -- something tells me it might just be required to not remap outbound ports if avoidable.
