I have pfSense running on an old dell, and the LAN and WAN interfaces seem to function fine. I have a 3rd interface that I just added, called "DMZ" that for the life of me I can't set up. I want to put all my video game systems on this interface, so they're wide open. Problem is, I can't figure out the config in pfSense to allow EVERYTHING (to/from) on that interface. Any ideas? Right now my xbox is freaking out at the ICMP stage...
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Navigation
Install the app
How to install the app on iOS
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
More options
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
pfSense questions
- Thread starter mrand01
- Start date
YeOldeStonecat
[H]F Junkie
- Joined
- Jul 19, 2004
- Messages
- 11,330
There's no need to do anything odd with XBOX...it will run great right from behind your router/pfsense box.
yeah but it doesn't work.
I run the XBL connection test and it fails at MTU. Maybe my config is weird? I have 4 NICs, only 3 in use. 1 in from my ISP, 2 out (one LAN, one DMZ). The XBox is plugged into the DMZ switch. It has a static IP of 192.168.2.1 and all the other settings it needs. It has no problem w/ IP and DNS, but once it gets to MTU it fails. Here are the current rules set that have to do w/ the DMZ:
Under the DMZ tab:
Allow all protocols and ports on the DMZ interface to get to anywhere except the LAN interface (so this should enable all ports/protocols over WAN?)
Under the WAN tab:
Allow everything to DMZ.
I also may be setting this up wrong...i'm by no means a network guy, but I wanted to give this a shot. Any help would be great
I run the XBL connection test and it fails at MTU. Maybe my config is weird? I have 4 NICs, only 3 in use. 1 in from my ISP, 2 out (one LAN, one DMZ). The XBox is plugged into the DMZ switch. It has a static IP of 192.168.2.1 and all the other settings it needs. It has no problem w/ IP and DNS, but once it gets to MTU it fails. Here are the current rules set that have to do w/ the DMZ:
Under the DMZ tab:
Allow all protocols and ports on the DMZ interface to get to anywhere except the LAN interface (so this should enable all ports/protocols over WAN?)
Under the WAN tab:
Allow everything to DMZ.
I also may be setting this up wrong...i'm by no means a network guy, but I wanted to give this a shot. Any help would be great
Does the xbox have to be on the DMZ?
http://digg.com/gaming_news/Xbox_Live_connection_problems_Here_s_a_tip_(port_forwarding)
?
http://digg.com/gaming_news/Xbox_Live_connection_problems_Here_s_a_tip_(port_forwarding)
?
I don't know much about pfsense, but I'm assuming there's some port forwarding. Why not just set it up normally and reference this:
http://support.microsoft.com/kb/908874/en-us
for what to forward?
http://support.microsoft.com/kb/908874/en-us
for what to forward?
No, DMZ does not mean everything wide open. It means separate from your main network in many cases. DMZ Host is everything wide open on many home/small business routers:
http://en.wikipedia.org/wiki/Demilitarized_zone_(computing)
You can forward 3074 and 88 to your xbox (TCP and UDP) as those are the XBL ports, but MTU is not a port issue usually....
Note I had XBL issues and it was my DSL modem not passing certain packets properly, Zyxel had a fix for it that you could do and that solved it for me (this was a old modem though).
http://en.wikipedia.org/wiki/Demilitarized_zone_(computing)
You can forward 3074 and 88 to your xbox (TCP and UDP) as those are the XBL ports, but MTU is not a port issue usually....
Note I had XBL issues and it was my DSL modem not passing certain packets properly, Zyxel had a fix for it that you could do and that solved it for me (this was a old modem though).
YeOldeStonecat
[H]F Junkie
- Joined
- Jul 19, 2004
- Messages
- 11,330
Depending on your ISP.....
Have your router assign your XBox a static LAN IP (DHCP reservation)...
Open/forward these ports to that LAN IP address:
UDP 88
UDP 3074
TCP 3074
MTU on the router to be set to 1384
Have your router assign your XBox a static LAN IP (DHCP reservation)...
Open/forward these ports to that LAN IP address:
UDP 88
UDP 3074
TCP 3074
MTU on the router to be set to 1384