On 18/1/25 21:11, louise9...@gmail.com wrote:
Questions:
1. About your match out egress findings, would you recommend I use the
actual WAN interface instead of egress? For instance match out igc0?
Best to use (egress:0) for this in the event that your ISP rolls your IP
address without telling you, your NAT will still work. It could look
something like this:
match out on egress inet from !(egress) to any nat-to (egress:0)
2. Also is there any other way to do this without the static-port
option for ALL traffic instead of just for the Xbox? Am I hampering my
security by doing so?
static-port should be used only for the xbox traffic. The rest of the
traffic can use a separate match out rule:
P.S. : Thank you so much for answering and I appreciate your help and
kind support!
No worries, glad you got it working. Cheers
