Sorry for the big wall of text, trying to explain in as much detail as I can. Please bear with me.
So I had been running OPNsense for about a year, and PFsense before that. Those worked fine, but I wanted to get some more detailed traffic info and integrate my devices better so I switched to Unifi. I have my network up, my security cameras up, and all that stuff. Everything is working well enough and I have no issues in my day to day usage.
A roommate and I play Destiny 2 on PC. And while everything works, our NAT is now moderate. This is fine, but means we cannot play with any players who have a strict NAT, and I have run across a few of them, including one of the guys we used to do raids with every once in a while.
On OPNsense, I was able to go to port forwarding and set it up so that when traffic came from 192.168.1.102 on port 3097, it would send out the traffic from the router on port 3098 instead. And I had a port forward that said any source IP on port 3098 then fwd to x.102 PC. In Destiny, when looking at the network info, this results in the PC at x.102 saying it had an open NAT, the internal port was 3097 (which Destiny likes to use) and the external port was 3098.
I had the same thing set up for 192.168.1.101 but just said 3097 out and in. And then again on a spare gaming PC we have, for 192.168.1.103 to send out and receive on port 3099, even though the internal port on that PC stayed 3097.
The concept is simple enough, right? Just make the router re-map the ports so it all functions transparently and correctly. I should be able to do that on Unifi too.
I also have a PLEX server and I have it on port 33133 for external traffic, but the server only will look at its default of 32400. So I have a port forward rule set up so that any source IP on port 33133 gets forwarded to 192.168.1.100 port 32400. This seems to work as PLEX says it is fully accessible outside, PLEX shows my external IP and port 33133 going in to x.100 port 32400. So this seems like the same concept I was talking about above and does seem to be working.
However, if I try to make a rule saying: any source IP, on port 3098, forward to x.102 port 3097, it doesn't work in Destiny. The game running on that PC does not say it is using external port 3098 and it says it is still moderate NAT.
If I set up a rule that says: any source IP, on port 3097, fwd to x.101, port 3097 then my PC will say open NAT. So the forwarding functionality does work, as long as it is the same source and destination port. It is this issue of trying to make the game automatically (and transparently to the game and user) use a different, pre-set port and getting it working that I am having an issue with.
My thought is that OPNsense had a few more options in the port forwarding area than Unifi has. I think this is why I was basically able to say when traffic on IP x.102 tries to go out port 3097, send it out port 3098 instead, and a rule that said when the router sees traffic bound for x.102 port 3098 to send it to that PC's port 3097. Unifi doesn't seem to be able to do this, and the game doesn't seem to know/want to grab port 3098 or any other port really.
Edit: and now that I am thinking about it and looking at more info, maybe this port remapping thing I am trying to make the router do to the traffic was really more of an "Outbound NAT" / source NAT rule I set up rather than regular port forwarding? Does Unifi support making a source NAT rule?
So does anyone know how I would go about setting this up to make the Unifi setup map the traffic how I want and get open NAT on multiple PCs for running Destiny?
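
The two-rule setup the post describes for OPNsense (an outbound port map plus a matching inbound forward), compared with inbound forwards alone, as an added example that is not part of the original post. The router model, the 50000+ dynamic port range, the source-port-preservation rule, and the idea that a host counts as reachable when the port peers see forwards back to it are assumptions for illustration, not Unifi or OPNsense behaviour taken from the page.

```python
from itertools import count


class NatRouter:
    """Toy NAT model: inbound port forwards (DNAT) plus optional outbound port maps (SNAT)."""

    def __init__(self, port_forwards, outbound_maps=None):
        self.port_forwards = port_forwards        # {ext_port: (lan_ip, lan_port)}
        self.outbound_maps = outbound_maps or {}  # {(lan_ip, lan_port): ext_port}
        self.in_use = {}                          # ext_port -> (lan_ip, lan_port)
        self._ephemeral = count(50000)            # constructed dynamic port range

    def outbound(self, lan_ip, lan_port):
        """Return the external source port a remote peer sees for this flow."""
        src = (lan_ip, lan_port)
        ext = self.outbound_maps.get(src)
        if ext is None:
            # Assumption: with no explicit rule the router keeps the source
            # port when it is free and otherwise picks a dynamic one.
            free = self.in_use.get(lan_port, src) == src
            ext = lan_port if free else next(self._ephemeral)
        self.in_use[ext] = src
        return ext

    def inbound(self, ext_port):
        """Return the LAN endpoint an unsolicited packet to ext_port reaches, or None."""
        return self.port_forwards.get(ext_port)


def nat_report(router, hosts, lan_port=3097):
    """Map each host to (external port peers see, whether that port forwards back to it)."""
    report = {}
    for ip in hosts:
        ext = router.outbound(ip, lan_port)
        report[ip] = (ext, router.inbound(ext) == (ip, lan_port))
    return report


# Addresses and ports from the post; every PC uses internal port 3097.
HOSTS = ["192.168.1.101", "192.168.1.102", "192.168.1.103"]
FORWARDS = {3097: (HOSTS[0], 3097), 3098: (HOSTS[1], 3097), 3099: (HOSTS[2], 3097)}
SNAT = {(ip, lport): ext for ext, (ip, lport) in FORWARDS.items()}

forward_only = nat_report(NatRouter(FORWARDS), HOSTS)
forward_and_snat = nat_report(NatRouter(FORWARDS, SNAT), HOSTS)

if __name__ == "__main__":
    print("port forwards only:      ", forward_only)
    print("forwards + outbound maps:", forward_and_snat)
```

In this model only x.101 is reachable with forwards alone, because the other PCs leave the router from a port that no forward points back to; adding the outbound maps makes the port each peer sees match its forward.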