RE: [pfSense Support] XBOX live not working with public IPS on MY LAN
This is a poke in the dark, but I ran into a number of Xbox live issues with a 3G Router setup. The Xbox worked fine on the cable connection (which is what we were getting rid of) but once we hooked it up to the 3G Router it would not work. The 3G router was controlled by the ISP and so I have no access to make changes to it. Logging into Xbox Live did not work and it was complaining that the MTU size was incompatible... looking further into it, it appears that there is no fix for this (SOL). Since I have not access to the router, I couldn't adjust the MTU size and the ISP wasn't interested in helping resolve this issue. In an effort to trick the Xbox into not knowing the MTU directly, I placed a Linksys Router in between the 3G Router and the Xbox... the MTU complaint stopped on the Xbox... logging in to play a game worked fine. Multiplayer worked. But there were still some problems playing in specific groups, some servers not showing up, etc... it got it working, but was still slightly wonky. I would suggest you look at the MTU size, it is possible that the Xbox is unaware or somehow doesn't know the MTU size of the WAN connection (as if it's hooked up to the Linksys above), so it doesn't complain and is connecting/running like above, but not too well because of MTU upstream from it. Regards, Chuck -Original Message- From: Trevor Benson [mailto:tben...@a-1networks.com] Sent: May-26-10 12:01 PM To: support@pfsense.com Subject: Re: [pfSense Support] XBOX live not working with public IPS on MY LAN It sounds to me like you already answered your own question. You said he plugged his xbox directly into a public ip "bypassing his router", I assume you mean bypassing the firewall/router not the CPE device acting as a bridge or router from the ISP (without which you dont have internet). If you have bypassed pfSense and still have problems with his xbox, it is either his XBOX or its the ISP filtering your traffic. It doesn't matter that you did some custom setup on the firewall, if you bypass it then its not part of your issue when failure still occurs. Unless your referring to him having a linksys router in his room and then that gets a public IP from the "LAN" of the pfSense box (like a dorm setup or something), you already ruled out the pfSense by having him plug in directly. I assume you are just bridging your LAN to your WAN for getting public IP's to the LAN? -- Trevor Benson dCAP, LPIC-1, CLA, Network+, MCP, CNA A1 Networks - Network Engineer DID (707)703-1041 FAX (707)703-1983 On May 11, 2010, at 5:09 PM, Chris Flugstad wrote: > So I have a pfsense router in a buidling DHCP'ing pub ip's on the LAN. I > have a user that can connect his xbox 360 online to xbox live but cannot > connect to other players or join parties. He has tried plugging his xbox > directly bypassing his router and giving his xbox a pub ip. this does not > work. i wonder if something would need to be set in pfsense to allow this to > work? > > Again, I have public ip's on the inside of my network so i do not have > NAT for any of you who are going to respond with responses that would > point me into doing fw changes for NAT - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] XBOX live not working with public IPS on MY LAN
It sounds to me like you already answered your own question. You said he plugged his xbox directly into a public ip "bypassing his router", I assume you mean bypassing the firewall/router not the CPE device acting as a bridge or router from the ISP (without which you dont have internet). If you have bypassed pfSense and still have problems with his xbox, it is either his XBOX or its the ISP filtering your traffic. It doesn't matter that you did some custom setup on the firewall, if you bypass it then its not part of your issue when failure still occurs. Unless your referring to him having a linksys router in his room and then that gets a public IP from the "LAN" of the pfSense box (like a dorm setup or something), you already ruled out the pfSense by having him plug in directly. I assume you are just bridging your LAN to your WAN for getting public IP's to the LAN? -- Trevor Benson dCAP, LPIC-1, CLA, Network+, MCP, CNA A1 Networks - Network Engineer DID (707)703-1041 FAX (707)703-1983 On May 11, 2010, at 5:09 PM, Chris Flugstad wrote: > So I have a pfsense router in a buidling DHCP'ing pub ip's on the LAN. I > have a user that can connect his xbox 360 online to xbox live but cannot > connect to other players or join parties. He has tried plugging his xbox > directly bypassing his router and giving his xbox a pub ip. this does not > work. i wonder if something would need to be set in pfsense to allow this to > work? > > Again, I have public ip's on the inside of my network so i do not have NAT > for any of you who are going to respond with responses that would point me > into doing fw changes for NAT - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] XBOX live not working with public IPS on MY LAN
Op 12-5-2010 3:13, Chris Flugstad schreef: Cool. I didnt think anything special would have to be done. Its prolly a "personal" problem that the client isn't hookin up with there freinds on xbox live. i havent a clue. never had a problem like this before Like Chris said, you should have a rule that allow traffic from the internet to the public lan subnet. Do make sure to add a block entry above it for the webui if you are doing this. I've run such a configuration before, my /27 was delivered via a /30. Create a block rule on wan from source any, port any to pfSense addresses on the webui ports. Create a allow rule on wan from source any, port any to lan subnet, port any. That way the internet can connect to anything on the lan subnet without actually being able to connect to your pfsense. I didn't see a allow rule on wan whilst skimming your config?! Regards, Seth - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] XBOX live not working with public IPS on MY LAN
Cool. I didnt think anything special would have to be done. Its prolly a "personal" problem that the client isn't hookin up with there freinds on xbox live. i havent a clue. never had a problem like this before thanks gary. if this raises an eyebrow to anyone on why there would be a problem, do tell, as Gary and myself both agree that there isnt anything that I should have to do in pfsense to make this work. -topher On 5/11/2010 6:09 PM, Gary Buckmaster wrote: My point wasn't that you need NAT, I got the part where you said you weren't NATing. The point is that no special configurations are needed to make XBox live work with pfSense and yes, UPnP is simply to automagically set up NATs as needed. Chris Flugstad wrote: I totally knew I'd get a response in regards to NATing ;) I am not using NAT. I have public ip's on the inside of this network so there is no NATING. UPNP would only be used for NAT correct? I myself tend to skim posts on here, so I totally understand Gary, and thanks for the quick response. Hopefully someone else has a response that will help though. -topher On 5/11/2010 5:23 PM, Gary Buckmaster wrote: I'm using an XBox behind a very straightforward pfSense install without any difficulty. You shouldn't need any special contortions to make it work except NATing the ports XBox Live wants (it works without them but it complains). UPnP should also "Just Work" if you enable that. Chris Flugstad wrote: So I have a pfsense router in a buidling DHCP'ing pub ip's on the LAN. I have a user that can connect his xbox 360 online to xbox live but cannot connect to other players or join parties. He has tried plugging his xbox directly bypassing his router and giving his xbox a pub ip. this does not work. i wonder if something would need to be set in pfsense to allow this to work? Again, I have public ip's on the inside of my network so i do not have NAT for any of you who are going to respond with responses that would point me into doing fw changes for NAT below is a dump of my config. Sincerely, Topher 3.0 nervecenter normal .net $. Etc/GMT-8 0.pfsense.pool.ntp.org https yes yes 207.66.128.8 207.66.60.8 bge0 216.127.63.65 26 100 Mb bge1 100 Mb 216.127.32.44 29 216.127.32.41 dyndns 216.127.63.66 216.127.63.126 216.127.63.65 00:21:91:15:90:24 216.127.63.80 WBR-1310 public block wan keep state 216.127.63.80 pass wan keep state reject lan keep state 216.127.63.80 block misch ip block lan keep state 216.127.63.116 block misch ip block lan keep state 216.127.63.100 pass lan keep state lan Default LAN -> any mischeif 216.127.63.80 bad peoplos host Entry added Mon, 18 Jan 2010 16:57:58 +0800|| 0 * * * * root /usr/bin/nice -n20 newsyslog 1,31 0-5 * * * root /usr/bin/nice -n20 adjkerntz -a 1 3 1 * * root /usr/bin/nice -n20 /etc/rc.update_bogons.sh */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout 1 1 * * * root /usr/bin/nice -n20 /etc/rc.dyndns.update */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 snort2c */5 * * * * root /usr/local/bin/checkreload.sh */5 * * * * root /etc/ping_hosts.sh */140 * * * * root /usr/local/sbin/reset_slbd.sh /firewall_rules_edit.php made unknown change 1272412107 traffic inverse 10 10 lan wan Asterisk 128 on mischeif 356 356 on on 20 20 on on on on on on on on on on on on on on on on on on on on on on hfsc qwanRoot 0 0 on 10 Kb qlanRoot 0 0 on 10 Kb qwandef qwanRoot 0 true 1 on 1% 1 % 500 qlandef 1 qlanRoot 0 true on 1% 1 % 500 qwanacks qwanRoot 0 7 on 10% 25 % qlanacks qlanRoot 0 7 on 10% 25 % qVOIPUp qwanRoot 0 7 on 128Kb 25 % qVOIPDown qlanRoot 0 7 on 128Kb 25 % qPenaltyUp qwanRoot 0 2 on on on 356Kb 1 % 500 qPenaltyDown qlanRoot 0 2 on on on 356Kb 1 % 500 qP2PUp qwanRoot 0 1 on on on 1Kb on 20Kb 1 % 500 qP2PDown qlanRoot 0 1 on on on 1Kb on 20Kb 1 % 500 qVOIPUp qVOIPDown wan lan lan 1-2 m_voip Asterisk inbound udp qVOIPDown qVOIPUp lan wan lan 1-2 m_voip Asterisk outbound udp qVOIPUp qVOIPDown wan lan lan 5060-5069 m_voip Asterisk inbound udp qVOIPDown qVOIPUp lan wan lan 5060-5069 m_voip Asterisk outbound udp Penalty IP qPenaltyUp qPenaltyDown wan lan mischeif Penalty IP qPenaltyDown qPenaltyUp lan wan mischeif qP2PUp qP2PDown wan lan lan 5500-5503 m_P2P HotlineConnect inbound tcp qP2PDown qP2PUp lan wan lan lan 4329-4329 m_P2P iMesh outbound tcp qP2PUp qP2PDown wan lan lan 4329-4329 m_P2P iMesh inbound tcp qP2PDown qP2PUp lan wan lan lan 6699-6701 m_P2P Napster outbound tcp qP2PDown qP2PUp lan wan lan l
Re: [pfSense Support] XBOX live not working with public IPS on MY LAN
My point wasn't that you need NAT, I got the part where you said you weren't NATing. The point is that no special configurations are needed to make XBox live work with pfSense and yes, UPnP is simply to automagically set up NATs as needed. Chris Flugstad wrote: I totally knew I'd get a response in regards to NATing ;) I am not using NAT. I have public ip's on the inside of this network so there is no NATING. UPNP would only be used for NAT correct? I myself tend to skim posts on here, so I totally understand Gary, and thanks for the quick response. Hopefully someone else has a response that will help though. -topher On 5/11/2010 5:23 PM, Gary Buckmaster wrote: I'm using an XBox behind a very straightforward pfSense install without any difficulty. You shouldn't need any special contortions to make it work except NATing the ports XBox Live wants (it works without them but it complains). UPnP should also "Just Work" if you enable that. Chris Flugstad wrote: So I have a pfsense router in a buidling DHCP'ing pub ip's on the LAN. I have a user that can connect his xbox 360 online to xbox live but cannot connect to other players or join parties. He has tried plugging his xbox directly bypassing his router and giving his xbox a pub ip. this does not work. i wonder if something would need to be set in pfsense to allow this to work? Again, I have public ip's on the inside of my network so i do not have NAT for any of you who are going to respond with responses that would point me into doing fw changes for NAT below is a dump of my config. Sincerely, Topher 3.0 nervecenter normal .net $. Etc/GMT-8 0.pfsense.pool.ntp.org https yes yes 207.66.128.8 207.66.60.8 bge0 216.127.63.65 26 100 Mb bge1 100 Mb 216.127.32.44 29 216.127.32.41 dyndns 216.127.63.66 216.127.63.126 216.127.63.65 00:21:91:15:90:24 216.127.63.80 WBR-1310 public block wan keep state 216.127.63.80 pass wan keep state reject lan keep state 216.127.63.80 block misch ip block lan keep state 216.127.63.116 block misch ip block lan keep state 216.127.63.100 pass lan keep state lan Default LAN -> any mischeif 216.127.63.80 bad peoplos host Entry added Mon, 18 Jan 2010 16:57:58 +0800|| 0 * * * * root /usr/bin/nice -n20 newsyslog 1,31 0-5 * * * root /usr/bin/nice -n20 adjkerntz -a 1 3 1 * * root /usr/bin/nice -n20 /etc/rc.update_bogons.sh */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout 1 1 * * * root /usr/bin/nice -n20 /etc/rc.dyndns.update */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 snort2c */5 * * * * root /usr/local/bin/checkreload.sh */5 * * * * root /etc/ping_hosts.sh */140 * * * * root /usr/local/sbin/reset_slbd.sh /firewall_rules_edit.php made unknown change 1272412107 traffic inverse 10 10 lan wan Asterisk 128 on mischeif 356 356 on on 20 20 on on on on on on on on on on on on on on on on on on on on on on hfsc qwanRoot 0 0 on 10 Kb qlanRoot 0 0 on 10 Kb qwandef qwanRoot 0 true 1 on 1% 1 % 500 qlandef 1 qlanRoot 0 true on 1% 1 % 500 qwanacks qwanRoot 0 7 on 10% 25 % qlanacks qlanRoot 0 7 on 10% 25 % qVOIPUp qwanRoot 0 7 on 128Kb 25 % qVOIPDown qlanRoot 0 7 on 128Kb 25 % qPenaltyUp qwanRoot 0 2 on on on 356Kb 1 % 500 qPenaltyDown qlanRoot 0 2 on on on 356Kb 1 % 500 qP2PUp qwanRoot 0 1 on on on 1Kb on 20Kb 1 % 500 qP2PDown qlanRoot 0 1 on on on 1Kb on 20Kb 1 % 500 qVOIPUp qVOIPDown wan lan lan 1-2 m_voip Asterisk inbound udp qVOIPDown qVOIPUp lan wan lan 1-2 m_voip Asterisk outbound udp qVOIPUp qVOIPDown wan lan lan 5060-5069 m_voip Asterisk inbound udp qVOIPDown qVOIPUp lan wan lan 5060-5069 m_voip Asterisk outbound udp Penalty IP qPenaltyUp qPenaltyDown wan lan mischeif Penalty IP qPenaltyDown qPenaltyUp lan wan mischeif qP2PUp qP2PDown wan lan lan 5500-5503 m_P2P HotlineConnect inbound tcp qP2PDown qP2PUp lan wan lan lan 4329-4329 m_P2P iMesh outbound tcp qP2PUp qP2PDown wan lan lan 4329-4329 m_P2P iMesh inbound tcp qP2PDown qP2PUp lan wan lan lan 6699-6701 m_P2P Napster outbound tcp qP2PDown qP2PUp lan wan lan lan 5500-5503 m_P2P HotlineConnect outbound tcp qP2PUp qP2PDown wan lan lan 8038-8039 m_P2P grouper inbound tcp qP2PDown qP2PUp lan wan lan lan 8038-8039 m_P2P grouper outbound tcp qP2PUp qP2PDown wan lan lan 6699-6701 m_P2P Napster inbound tcp qP2PDown qP2PUp lan wan lan lan 28864-28865 m_P2P hotComm outbound tcp qP2PUp qP2PDown wan lan lan 28864-28865 m_P2P hotComm inbound tcp qP2PDown qP2PUp lan wan lan lan 8311-8311 m_P2P Sco
Re: [pfSense Support] XBOX live not working with public IPS on MY LAN
On Tue, May 11, 2010 at 8:37 PM, Chris Flugstad wrote: > I totally knew I'd get a response in regards to NATing ;) I am not using > NAT. I have public ip's on the inside of this network so there is no > NATING. UPNP would only be used for NAT correct? Yeah. As long as you have a wide open ruleset, you don't need to do anything else. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] XBOX live not working with public IPS on MY LAN
I totally knew I'd get a response in regards to NATing ;) I am not using NAT. I have public ip's on the inside of this network so there is no NATING. UPNP would only be used for NAT correct? I myself tend to skim posts on here, so I totally understand Gary, and thanks for the quick response. Hopefully someone else has a response that will help though. -topher On 5/11/2010 5:23 PM, Gary Buckmaster wrote: I'm using an XBox behind a very straightforward pfSense install without any difficulty. You shouldn't need any special contortions to make it work except NATing the ports XBox Live wants (it works without them but it complains). UPnP should also "Just Work" if you enable that. Chris Flugstad wrote: So I have a pfsense router in a buidling DHCP'ing pub ip's on the LAN. I have a user that can connect his xbox 360 online to xbox live but cannot connect to other players or join parties. He has tried plugging his xbox directly bypassing his router and giving his xbox a pub ip. this does not work. i wonder if something would need to be set in pfsense to allow this to work? Again, I have public ip's on the inside of my network so i do not have NAT for any of you who are going to respond with responses that would point me into doing fw changes for NAT below is a dump of my config. Sincerely, Topher 3.0 nervecenter normal .net $. Etc/GMT-8 0.pfsense.pool.ntp.org https yes yes 207.66.128.8 207.66.60.8 bge0 216.127.63.65 26 100 Mb bge1 100 Mb 216.127.32.44 29 216.127.32.41 dyndns 216.127.63.66 216.127.63.126 216.127.63.65 00:21:91:15:90:24 216.127.63.80 WBR-1310 public block wan keep state 216.127.63.80 pass wan keep state reject lan keep state 216.127.63.80 block misch ip block lan keep state 216.127.63.116 block misch ip block lan keep state 216.127.63.100 pass lan keep state lan Default LAN -> any mischeif 216.127.63.80 bad peoplos host Entry added Mon, 18 Jan 2010 16:57:58 +0800|| 0 * * * * root /usr/bin/nice -n20 newsyslog 1,31 0-5 * * * root /usr/bin/nice -n20 adjkerntz -a 1 3 1 * * root /usr/bin/nice -n20 /etc/rc.update_bogons.sh */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout 1 1 * * * root /usr/bin/nice -n20 /etc/rc.dyndns.update */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 snort2c */5 * * * * root /usr/local/bin/checkreload.sh */5 * * * * root /etc/ping_hosts.sh */140 * * * * root /usr/local/sbin/reset_slbd.sh /firewall_rules_edit.php made unknown change 1272412107 traffic inverse 10 10 lan wan Asterisk 128 on mischeif 356 356 on on 20 20 on on on on on on on on on on on on on on on on on on on on on on hfsc qwanRoot 0 0 on 10 Kb qlanRoot 0 0 on 10 Kb qwandef qwanRoot 0 true 1 on 1% 1 % 500 qlandef 1 qlanRoot 0 true on 1% 1 % 500 qwanacks qwanRoot 0 7 on 10% 25 % qlanacks qlanRoot 0 7 on 10% 25 % qVOIPUp qwanRoot 0 7 on 128Kb 25 % qVOIPDown qlanRoot 0 7 on 128Kb 25 % qPenaltyUp qwanRoot 0 2 on on on 356Kb 1 % 500 qPenaltyDown qlanRoot 0 2 on on on 356Kb 1 % 500 qP2PUp qwanRoot 0 1 on on on 1Kb on 20Kb 1 % 500 qP2PDown qlanRoot 0 1 on on on 1Kb on 20Kb 1 % 500 qVOIPUp qVOIPDown wan lan lan 1-2 m_voip Asterisk inbound udp qVOIPDown qVOIPUp lan wan lan 1-2 m_voip Asterisk outbound udp qVOIPUp qVOIPDown wan lan lan 5060-5069 m_voip Asterisk inbound udp qVOIPDown qVOIPUp lan wan lan 5060-5069 m_voip Asterisk outbound udp Penalty IP qPenaltyUp qPenaltyDown wan lan mischeif Penalty IP qPenaltyDown qPenaltyUp lan wan mischeif qP2PUp qP2PDown wan lan lan 5500-5503 m_P2P HotlineConnect inbound tcp qP2PDown qP2PUp lan wan lan lan 4329-4329 m_P2P iMesh outbound tcp qP2PUp qP2PDown wan lan lan 4329-4329 m_P2P iMesh inbound tcp qP2PDown qP2PUp lan wan lan lan 6699-6701 m_P2P Napster outbound tcp qP2PDown qP2PUp lan wan lan lan 5500-5503 m_P2P HotlineConnect outbound tcp qP2PUp qP2PDown wan lan lan 8038-8039 m_P2P grouper inbound tcp qP2PDown qP2PUp lan wan lan lan 8038-8039 m_P2P grouper outbound tcp qP2PUp qP2PDown wan lan lan 6699-6701 m_P2P Napster inbound tcp qP2PDown qP2PUp lan wan lan lan 28864-28865 m_P2P hotComm outbound tcp qP2PUp qP2PDown wan lan lan 28864-28865 m_P2P hotComm inbound tcp qP2PDown qP2PUp lan wan lan lan 8311-8311 m_P2P Scour outbound tcp qP2PDown qP2PUp lan wan lan lan 5190-5190 m_P2P SongSpy outbound tcp qP2PUp qP2PDown wan lan lan 5190-5190 m_P2P SongSpy inbound tcp qP2PDown qP2PUp lan wan lan lan 6699-6699 m_P2P WinMX outbound tcp qP2PUp qP2PDown wan lan lan
Re: [pfSense Support] XBOX live not working with public IPS on MY LAN
I'm using an XBox behind a very straightforward pfSense install without any difficulty. You shouldn't need any special contortions to make it work except NATing the ports XBox Live wants (it works without them but it complains). UPnP should also "Just Work" if you enable that. Chris Flugstad wrote: So I have a pfsense router in a buidling DHCP'ing pub ip's on the LAN. I have a user that can connect his xbox 360 online to xbox live but cannot connect to other players or join parties. He has tried plugging his xbox directly bypassing his router and giving his xbox a pub ip. this does not work. i wonder if something would need to be set in pfsense to allow this to work? Again, I have public ip's on the inside of my network so i do not have NAT for any of you who are going to respond with responses that would point me into doing fw changes for NAT below is a dump of my config. Sincerely, Topher 3.0 nervecenter normal .net $. Etc/GMT-8 0.pfsense.pool.ntp.org https yes yes 207.66.128.8 207.66.60.8 bge0 216.127.63.65 26 100 Mb bge1 100 Mb 216.127.32.44 29 216.127.32.41 dyndns 216.127.63.66 216.127.63.126 216.127.63.65 00:21:91:15:90:24 216.127.63.80 WBR-1310 public block wan keep state 216.127.63.80 pass wan keep state reject lan keep state 216.127.63.80 block misch ip block lan keep state 216.127.63.116 block misch ip block lan keep state 216.127.63.100 pass lan keep state lan Default LAN -> any mischeif 216.127.63.80 bad peoplos host Entry added Mon, 18 Jan 2010 16:57:58 +0800|| 0 * * * * root /usr/bin/nice -n20 newsyslog 1,31 0-5 * * * root /usr/bin/nice -n20 adjkerntz -a 1 3 1 * * root /usr/bin/nice -n20 /etc/rc.update_bogons.sh */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout 1 1 * * * root /usr/bin/nice -n20 /etc/rc.dyndns.update */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 snort2c */5 * * * * root /usr/local/bin/checkreload.sh */5 * * * * root /etc/ping_hosts.sh */140 * * * * root /usr/local/sbin/reset_slbd.sh /firewall_rules_edit.php made unknown change 1272412107 traffic inverse 10 10 lan wan Asterisk 128 on mischeif 356 356 on on 20 20 on on on on on on on on on on on on on on on on on on on on on on hfsc qwanRoot 0 0 on 10 Kb qlanRoot 0 0 on 10 Kb qwandef qwanRoot 0 true 1 on 1% 1 % 500 qlandef 1 qlanRoot 0 true on 1% 1 % 500 qwanacks qwanRoot 0 7 on 10% 25 % qlanacks qlanRoot 0 7 on 10% 25 % qVOIPUp qwanRoot 0 7 on 128Kb 25 % qVOIPDown qlanRoot 0 7 on 128Kb 25 % qPenaltyUp qwanRoot 0 2 on on on 356Kb 1 % 500 qPenaltyDown qlanRoot 0 2 on on on 356Kb 1 % 500 qP2PUp qwanRoot 0 1 on on on 1Kb on 20Kb 1 % 500 qP2PDown qlanRoot 0 1 on on on 1Kb on 20Kb 1 % 500 qVOIPUp qVOIPDown wan lan lan 1-2 m_voip Asterisk inbound udp qVOIPDown qVOIPUp lan wan lan 1-2 m_voip Asterisk outbound udp qVOIPUp qVOIPDown wan lan lan 5060-5069 m_voip Asterisk inbound udp qVOIPDown qVOIPUp lan wan lan 5060-5069 m_voip Asterisk outbound udp Penalty IP qPenaltyUp qPenaltyDown wan lan mischeif Penalty IP qPenaltyDown qPenaltyUp lan wan mischeif qP2PUp qP2PDown wan lan lan 5500-5503 m_P2P HotlineConnect inbound tcp qP2PDown qP2PUp lan wan lan lan 4329-4329 m_P2P iMesh outbound tcp qP2PUp qP2PDown wan lan lan 4329-4329 m_P2P iMesh inbound tcp qP2PDown qP2PUp lan wan lan lan 6699-6701 m_P2P Napster outbound tcp qP2PDown qP2PUp lan wan lan lan 5500-5503 m_P2P HotlineConnect outbound tcp qP2PUp qP2PDown wan lan lan 8038-8039 m_P2P grouper inbound tcp qP2PDown qP2PUp lan wan lan lan 8038-8039 m_P2P grouper outbound tcp qP2PUp qP2PDown wan lan lan 6699-6701 m_P2P Napster inbound tcp qP2PDown qP2PUp lan wan lan lan 28864-28865 m_P2P hotComm outbound tcp qP2PUp qP2PDown wan lan lan 28864-28865 m_P2P hotComm inbound tcp qP2PDown qP2PUp lan wan lan lan 8311-8311 m_P2P Scour outbound tcp qP2PDown qP2PUp lan wan lan lan 5190-5190 m_P2P SongSpy outbound tcp qP2PUp qP2PDown wan lan lan 5190-5190 m_P2P SongSpy inbound tcp qP2PDown qP2PUp lan wan lan lan 6699-6699 m_P2P WinMX outbound tcp qP2PUp qP2PDown wan lan lan 6699-6699 m_P2P WinMX inbound tcp qP2PUp qP2PDown wan lan lan 6346-6346 m_P2P Shareaza inbound tcp qP2PDown qP2PUp lan wan lan lan 6346-6346 m_P2P Shareaza outbound tcp qP2PUp qP2PDown wan lan lan -8889 m_P2P OpenNap inbound tcp qP2PUp qP2PDown wan lan lan 6346-6346 m_P2P Gnutella-UDP inbound udp qP2PUp qP2PDown wan lan lan 8311-8311 m_P2P Scour inbound tcp qP2PDown qP2PU
[pfSense Support] XBOX live not working with public IPS on MY LAN
So I have a pfsense router in a buidling DHCP'ing pub ip's on the LAN. I have a user that can connect his xbox 360 online to xbox live but cannot connect to other players or join parties. He has tried plugging his xbox directly bypassing his router and giving his xbox a pub ip. this does not work. i wonder if something would need to be set in pfsense to allow this to work? Again, I have public ip's on the inside of my network so i do not have NAT for any of you who are going to respond with responses that would point me into doing fw changes for NAT below is a dump of my config. Sincerely, Topher 3.0 nervecenter normal .net $. Etc/GMT-8 0.pfsense.pool.ntp.org https yes yes 207.66.128.8 207.66.60.8 bge0 216.127.63.65 26 100 Mb bge1 100 Mb 216.127.32.44 29 216.127.32.41 dyndns 216.127.63.66 216.127.63.126 216.127.63.65 00:21:91:15:90:24 216.127.63.80 WBR-1310 public block wan keep state 216.127.63.80 pass wan keep state reject lan keep state 216.127.63.80 block misch ip block lan keep state 216.127.63.116 block misch ip block lan keep state 216.127.63.100 pass lan keep state lan Default LAN -> any mischeif 216.127.63.80 bad peoplos host Entry added Mon, 18 Jan 2010 16:57:58 +0800|| 0 * * * * root /usr/bin/nice -n20 newsyslog 1,31 0-5 * * * root /usr/bin/nice -n20 adjkerntz -a 1 3 1 * * root /usr/bin/nice -n20 /etc/rc.update_bogons.sh */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout 1 1 * * * root /usr/bin/nice -n20 /etc/rc.dyndns.update */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 snort2c */5 * * * * root /usr/local/bin/checkreload.sh */5 * * * * root /etc/ping_hosts.sh */140 * * * * root /usr/local/sbin/reset_slbd.sh /firewall_rules_edit.php made unknown change 1272412107 traffic inverse 10 10 lan wan Asterisk 128 on mischeif 356 356 on on 20 20 on on on on on on on on on on on on on on on on on on on on on on hfsc qwanRoot 0 0 on 10 Kb qlanRoot 0 0 on 10 Kb qwandef qwanRoot 0 true 1 on 1% 1 % 500 qlandef 1 qlanRoot 0 true on 1% 1 % 500 qwanacks qwanRoot 0 7 on 10% 25 % qlanacks qlanRoot 0 7 on 10% 25 % qVOIPUp qwanRoot 0 7 on 128Kb 25 % qVOIPDown qlanRoot 0 7 on 128Kb 25 % qPenaltyUp qwanRoot 0 2 on on on 356Kb 1 % 500 qPenaltyDown qlanRoot 0 2 on on on 356Kb 1 % 500 qP2PUp qwanRoot 0 1 on on on 1Kb on 20Kb 1 % 500 qP2PDown qlanRoot 0 1 on on on 1Kb on 20Kb 1 % 500 qVOIPUp qVOIPDown wan lan lan 1-2 m_voip Asterisk inbound udp qVOIPDown qVOIPUp lan wan lan 1-2 m_voip Asterisk outbound udp qVOIPUp qVOIPDown wan lan lan 5060-5069 m_voip Asterisk inbound udp qVOIPDown qVOIPUp lan wan lan 5060-5069 m_voip Asterisk outbound udp Penalty IP qPenaltyUp qPenaltyDown wan lan mischeif Penalty IP qPenaltyDown qPenaltyUp lan wan mischeif qP2PUp qP2PDown wan lan lan 5500-5503 m_P2P HotlineConnect inbound tcp qP2PDown qP2PUp lan wan lan lan 4329-4329 m_P2P iMesh outbound tcp qP2PUp qP2PDown wan lan lan 4329-4329 m_P2P iMesh inbound tcp qP2PDown qP2PUp lan wan lan lan 6699-6701 m_P2P Napster outbound tcp qP2PDown qP2PUp lan wan lan lan 5500-5503 m_P2P HotlineConnect outbound tcp qP2PUp qP2PDown wan lan lan 8038-8039 m_P2P grouper inbound tcp qP2PDown qP2PUp lan wan lan lan 8038-8039 m_P2P grouper outbound tcp qP2PUp qP2PDown wan lan lan 6699-6701 m_P2P Napster inbound tcp qP2PDown qP2PUp lan wan lan lan 28864-28865 m_P2P hotComm outbound tcp qP2PUp qP2PDown wan lan lan 28864-28865 m_P2P hotComm inbound tcp qP2PDown qP2PUp lan wan lan lan 8311-8311 m_P2P Scour outbound tcp qP2PDown qP2PUp lan wan lan lan 5190-5190 m_P2P SongSpy outbound tcp qP2PUp qP2PDown wan lan lan 5190-5190 m_P2P SongSpy inbound tcp qP2PDown qP2PUp lan wan lan lan 6699-6699 m_P2P WinMX outbound tcp qP2PUp qP2PDown wan lan lan 6699-6699 m_P2P WinMX inbound tcp qP2PUp qP2PDown wan lan lan 6346-6346 m_P2P Shareaza inbound tcp qP2PDown qP2PUp lan wan lan lan 6346-6346 m_P2P Shareaza outbound tcp qP2PUp qP2PDown wan lan lan -8889 m_P2P OpenNap inbound tcp qP2PUp qP2PDown wan lan lan 6346-6346 m_P2P Gnutella-UDP inbound udp qP2PUp qP2PDown wan lan lan 8311-8311 m_P2P Scour inbound tcp qP2PDown qP2PUp lan wan lan lan -8889 m_P2P OpenNap outbound tcp qP2PUp qP2PDown wan lan lan 4661-4665 m_P2P EDonkey2000 inbound tcp qP2PUp qP2PDown wan lan lan 6881-6999 m_P2P BitTorrent inbound udp qP2PDown qP2PUp lan wan lan lan 7788-7788 m_P2P BuddyShare outbound tcp qP2PUp qP2PDown wa