If you saw this tweet, you'll see that a little while ago I had some fun with Playstation 3 online gaming; it's probably my own fault because I'm possibly the only person with a version 6 Cisco Pix Firewall at home in front of their playstation.
If you want to get online gaming working though your firewall there's a really good online reference here and my specific grumble about having to open up a shed load of ports for EA's Burnout paradise is documented in their support area.
To summarize, this is what I've got open:
General Playstation Network Ports, these always need to be open.
udp 3658
udp 3478-3479
Open these extra ones for Motor Storm
udp 3659 - 3660
Open these extra ones for Burnout
udp 3659
udp 9600-9699
If you to have a cisco pix, you'll need to open an entry on your outside access-list, something like
access-list outside permit udp any any eq 3658
and you'll need a static entry....
static (inside,outside) udp interface 3658 playstation3 3658 netmask 255.255.255.255
For lots of ports the access-list command supports the range statement, so
access-list outside permit udp any any range 9600 9699
But you won't be so lucky with statics, you'll have to add an entry for each port, I created a small bash shell script to automate the task...
1 2 3 4 5 6 | #!/bin/bash
#9600-9699
for i in `seq 9600 9699`;
do
echo "static (inside,outside) udp interface $i playstation3 $i netmask 255.255.255.255"
done
|
I then pasted the output into my pix. If you are having problems here are some references that might be useful are the cisco pix command ref and the pix nat guide.