Nintendo Switch Gaming Console UPnP on Palo Alto Networks Device

Created On 11/17/19 21:36 PM - Last Modified 11/27/19 17:02 PM


Symptom


The Nintendo Switch gaming device is not able to connect to online games.

Cause


The Nintendo Switch relies on UPnP (Universal Plug and Play). UPnP allows TCP and UDP ports to be opened dynamically to forward Nintendo gaming traffic, and Palo Alto Networks devices are not compatible with UPnP traffic.

Resolution


The solution is to create a dynamic IP NAT rule with an external IP. Create one dynamic IP rule above the dynamic IP and port (DIPP) rule to allow Nintendo Switch traffic. The first rule is created specifically for the Nintendo Switch, and the second rule, a DIPP rule, is for all internet traffic.

Objects
==================
External = 198.51.100.1/32
Nintendo Switch = 192.168.1.10/32

Port Rules Overview - NAT for Nintendo Switch and all internet traffic



 


Additional Information


One public IP is required for each gaming console. If you have multiple consoles, more public IP addresses will be required, one per Switch.
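The rule ordering from the Resolution and the one-public-IP-per-console requirement above can be checked before committing a change. The following is an added example, not Palo Alto Networks code: the rule names, the dictionary layout and the simplified first-match model are assumptions, and only the two address objects come from this article.

```python
import ipaddress

# Constructed rulebase using the article's objects; rule names and the
# dict layout are assumptions made for this example, not PAN-OS syntax.
GOOD = [
    {"name": "switch-dip", "source": "192.168.1.10/32",
     "type": "dynamic-ip", "translated": "198.51.100.1/32"},
    {"name": "internet-dipp", "source": "0.0.0.0/0",
     "type": "dynamic-ip-and-port", "translated": "interface"},
]
BAD_ORDER = [GOOD[1], GOOD[0]]  # DIPP rule placed above the Switch rule
TWO_CONSOLES = [dict(GOOD[0], source="192.168.1.10/31"), GOOD[1]]


def first_match(rules, src_ip):
    """NAT rules are evaluated top-down; the first matching rule wins."""
    ip = ipaddress.ip_address(src_ip)
    for rule in rules:
        if ip in ipaddress.ip_network(rule["source"]):
            return rule
    return None


def audit(rules, console_ip):
    """Return findings that would keep the console off its dynamic IP rule."""
    findings = []
    hit = first_match(rules, console_ip)
    if hit is None or hit["type"] != "dynamic-ip":
        name = hit["name"] if hit else "no rule"
        findings.append(f"{console_ip} is translated by {name}, not a dynamic IP rule")
    for rule in rules:
        if rule["type"] != "dynamic-ip":
            continue
        hosts = ipaddress.ip_network(rule["source"]).num_addresses
        pool = ipaddress.ip_network(rule["translated"]).num_addresses
        if hosts > pool:  # dynamic IP maps one inside host to one public IP
            findings.append(f"{rule['name']}: {hosts} source hosts but {pool} public IP(s)")
    return findings


if __name__ == "__main__":
    for label, rb in (("good", GOOD), ("bad order", BAD_ORDER), ("two consoles", TWO_CONSOLES)):
        print(label, audit(rb, "192.168.1.10"))
```

An empty result means the console hits its own dynamic IP rule first and the pool is large enough for the hosts behind it.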
