MSS FW Best Practices: Gaming Systems

Description

CAUTION: These documents are intended to provide partners with firewall configuration recommendations ONLY. They contain examples and caution should be exercised when making changes to your firewall as unplanned changed could result in downtime based on the complexity of the environment and/or configuration. 

MSS Recomended SonicWall Firewall Best Practices Index

SonicWalls will interfere with most gaming systems/consoles by default due to the nature of the traffic. Do these below things to ensure gaming devices work properly.

  1. Enable Consistent NAT
  2. Make sure the device(s) have a static IP. This can be done by creating a static DHCP reservation based on the MAC address of the gaming console/device or by configuring the static IP info on the device itself.
    1. Make sure the IP of the static reservation is outside of the DHCP scope to avoid IP conflictions.
  3. Create an Address Object for the IP of the DHCP reservation.
    1. You can also create a range object instead of separate objects for each IPs if the IPs are sequential.
    2. Make sure the Address Object Zone is correct.
  4. Create an Address Object Group. Name it Security Exclusion Group for example. This is the Address Object Group that will be excluded from the security services.
    1. Add the above Address Objects for the devices IPs to this group.
    2. There is no need to create a group if there is already an Address Object group excluded from the security services. In that case, just add the Address Object to that existing group.
  5. Go to the Exclusion List section for each security service and select the group created/used above from the drop-down menu.
    1. App Control
    2. Content Filtering
    3. Gateway Anti-Virus
    4. Intrusion Prevention
    5. Anti-Spyware
    6. Geo-IP Filtering
    7. BotNet Filtering
  6. Create a new firewall rule from the source zone of the gaming console to WAN.
    1. Select the address object(s) of the gaming console as the source.
    2. Leave the designation as Any.
    3. This should be an Allow rule.
    4. Under the advanced tab, select Disable DPI.

Related Articles

  • CS : Child CID Provisioning
    Read More
  • Cylance - Uninstalling Agent
    Read More
  • Cylance - Support Collection Tool
    Read More

Categories

Managed Security Services
Firewall Monitoring and Management
Firewall Configuration and Best Practices
not finding your answers?
Ask the Community
was this article helpful?
YesNo