Global Rules - Help

jovan111p · September 18, 2010, 6:41pm

Can somebody write Global Rules for this please?

Note that if you have a firewall and want to play online, the following TCP/IP ports
must be open in the outbound direction:

HTTP 80 TCP/IP
HTTPS 443 TCP/IP
Roomsvr 30440-30449 TCP/IP

The following UDP ports must be opened for game packets, for the outbound and inbound connections

Peer Game Connection 3659 UDP
Game Packets 3658 UDP
News Ticker 9000-9999 UDP
Online Team Play 9000-9999 UDP

Thanks a lot

rhgtyink · September 19, 2010, 11:56am

I assume this application is already on your Network Security Policy.
It could be like “Allow IP any any” then all the above traffic is already allowed.
If you wish to narrow it down you can add rules;

Select application, right click, Add rule.
Allow, TCP, Out, Source Any, Destination Any, Source Port Any, Destination port 80
Allow, TCP, Out, Source Any, Destination Any, Source Port Any, Destination port 443
Allow, TCP, Out, Source Any, Destination Any, Source Port Any, Destination port range 30440-30449

Apply, etc.

rhgtyink · September 19, 2010, 12:07pm

For this we need to open global rules if you have used Stealth ports wizard to block all incoming traffic.
There are two ways you can do this, you can create a “port set” that contains all these port and ranges, or you can create multiple rules with these ports.

I’ll go for the port groups approach;
Open Network Security Policy and go to Port Sets.

Add a new port set, give it a name like gameXports.
Select the group, and right click “Add” now add the following
Port 3658
Port 3659
Port range 9000-9999

Now APPY this policy otherwise the group won’t show up in the other policy windows.
Open the policy again and go to Global rules, click Add

Allow, UDP, In, Source Any, Destination Any, Source ports Any, Destination ports “A set of ports” and select GameXports. Make sure you move this rule above the block rules and press Apply.

Now repeat the same procedure for the Application rule so it’s also allowed to receive this traffic.
Accept for Allow I’d recommend Allow + Log so you can log the IP’s of the servers that this game uses.
If you wish you can then narrow down the rules also based on source ip range.

jovan111p · September 19, 2010, 1:34pm

How can I do this when I only can chose between Port Range or only one Port? There is no 3 slots.

http://i56.tinypic.com/2yy5r3m.jpg

rhgtyink · September 19, 2010, 4:33pm

You have to repeat this action 3 times to create the “set” of ports.

jovan111p · September 19, 2010, 5:06pm

When I Add in Application and when i press Apply I have message Please select an Application but I dont have that game installed yet. What to do? Thanks a lot

rhgtyink · September 19, 2010, 7:08pm

If you don’t have it installed, you can’t create the application rule, you need an executable path for it.