PFsense and PS4 issues

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
Jul 14, 2017
60
16
8
53
I’m trying to get my PS4 to have a better NAT as it’s preventing me from participating in the Gundam Battle Operations online games.

Since the PFSense box I’m using has 4 ports and most of the examples I’ve found for doing this, use some sort of non-192.168.1.XXX net. So I set up one of the 4 ports as a DMZ interface using the 10.10.20.XXX range (it was what was used in one of the examples I found, I'm not using it for any particular reason).

There’s a bunch of stuff you have to do with regards to UPnP and such. I believe I’ve followed those parts correctly, but I’ve found that the IP for the DMZ Interface (10.10.20.1) interface (port) is not able to ping the fixed IP set up for the PS4 (10.10.20.42). The WAN interface can however ping the DMZ interface just fine. The PS4 is not able to access the internet and internet connection is listed as failed when I test the internet set up.

Clearly I’m missing something in terms of a rule or permission, but I’m not having a whole lot of luck trying to narrow down the problem searching on line. I think I just don't know the right question to ask. The obvious issue is that the interface IP is not talking to the device IP, but I don't know what that problem is called and the obvious search turns up pretty much everything.
 

LodeRunner

Active Member
Apr 27, 2019
540
227
43
I haven't worked with a PS4, but I have plenty of PC games that use uPnP and go screwy when NAT doesn't play nice.

Things to look at:
uPnP settings:
-Service enabled
-External interface WAN, internal LAN (duh)
-For sanity, use ACLs to restrict which devices can use uPnP on pfSense (enable default deny option and add an entry for your PS4, make sure it has a DHCP reservation or static IP)

Firewall > NAT > Outbound
Set the mode to Hybrid and add a rule for the PS4 IP and make sure the Static Port option is set; depending on the game it may be finicky and require specific source port rules along with the static port option; for me doing any/any outbound with static port has been sufficient.

I would move the PS4 back into your LAN network as well.
 

RTM

Well-Known Member
Jan 26, 2014
956
359
63
Something that may be too obvious to think about: is your ISP doing NAT themselves? (if you are unsure, look at the assigned IP, is it internal (RFC1918) or in a Carrier Grade Nat segment)
 
Jul 14, 2017
60
16
8
53
The problem currently is less the NAT part, than that the DMZ interface IP is not talking to the fixed IP assigned to the PS4.

The suggestions are good and I believe I have followed the procedure for setting up the NAT for the PS4.

I'm really trying to figure out what is wrong between the DMZ interface and the PS4's IP address. Until that's working the NAT doesn't really matter since it won't work at all.
 

LodeRunner

Active Member
Apr 27, 2019
540
227
43
Why fuss with sticking the PS4 in a DMZ? Stick it in the LAN, fix NAT and uPnP configuration and see if that sorts it out. The PS4, being in the DMZ and not able to reach the internet seems to indicate a network level issue, since you gave it a static IP, and I assume a proper gateway IP and DNS IPs. Is your DMZ done with VLANs? Tagged or untagged? Is the PS4 _actually_ connected to your DMZ interface?

If this was a computer, it'd be easier to troubleshoot as you'd have a device capable of proper diagnostics (e.g. seeing if it can ping the DMZ interface IP). The PS4 is not a great candidate for figuring this out.