A zone based firewall (ZBFW) configuration for Steam games
A template to allow client support for Steam games on a Cisco IOS firewall using ZBFW
The following portion of configuration can be used to provide support for Steam clients on a Cisco IOS zone-based firewall. Change the access lists 'fw4-steam-hosts' (IPv4) and 'fw6-steam-hosts' (IPv6) as appropriate to list the hosts or networks that are allowed to use Steam; the match-all class 'fw-steam' only inspects traffic that matches both a permitted host and a Steam protocol or port.
A few common Team Fortress 2 (TF2) ports are included in the configuration.
ip port-map user-steam-game port udp 27000 description Steam game client traffic
ip port-map user-steam-game port udp 27001 description Steam game client traffic
ip port-map user-steam-game port udp 27002 description Steam game client traffic
ip port-map user-steam-game port udp 27003 description Steam game client traffic
ip port-map user-steam-game port udp 27004 description Steam game client traffic
ip port-map user-steam-game port udp 27005 description Steam game client traffic
ip port-map user-steam-game port udp 27006 description Steam game client traffic
ip port-map user-steam-game port udp 27007 description Steam game client traffic
ip port-map user-steam-game port udp 27008 description Steam game client traffic
ip port-map user-steam-game port udp 27009 description Steam game client traffic
ip port-map user-steam-game port udp 27010 description Steam game client traffic
ip port-map user-steam-game port udp 27011 description Steam game client traffic
ip port-map user-steam-game port udp 27012 description Steam game client traffic
ip port-map user-steam-game port udp 27013 description Steam game client traffic
ip port-map user-steam-game port udp 27014 description Steam game client traffic
ip port-map user-steam-game port udp 27015 description Steam game client traffic
ip port-map user-steam-mm port udp 27016 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27017 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27018 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27019 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27020 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27021 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27022 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27023 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27024 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27025 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27026 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27027 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27028 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27029 description Steam Matchmaking and HLTV
ip port-map user-steam-mm port udp 27030 description Steam Matchmaking and HLTV
ip port-map user-steam-voice port udp 3478 description Steamworks P2P Networking and Steam Voice Chat
ip port-map user-steam-voice port udp 4379 description Steamworks P2P Networking and Steam Voice Chat
ip port-map user-steam-voice port udp 4380 description Steamworks P2P Networking and Steam Voice Chat
ip port-map user-steam-cod port udp 1500 description Call of Duty: Modern Warfare 2 Multiplayer
ip port-map user-steam-cod port udp 3005 description Call of Duty: Modern Warfare 2 Multiplayer
ip port-map user-steam-cod port udp 3101 description Call of Duty: Modern Warfare 2 Multiplayer
ip port-map user-steam-cod port udp 28960 description Call of Duty: Modern Warfare 2 Multiplayer

no ip access-list extended fw4-steam-downloads
ip access-list extended fw4-steam-downloads
 ! Note: 27015 in this range is for 'SRCDS Rcon'
 permit tcp any any range 27014 27050
 ! Team Fortress 2 (TF2) additional ports
 permit udp any any eq 20100
 permit udp any any eq 21000
 permit udp any any range 27031 27100
 permit udp any any range 28000 28100
 permit udp any any eq 27105
 permit udp any any eq 27115
 permit udp any any eq 27117
 permit udp any any eq 27200
 permit udp any any eq 27215
 permit udp any any eq 27315
 permit udp any any eq 27415
 permit udp any any eq 27515
 permit udp any any eq 27615
 permit udp any any eq 27715
 permit udp any any eq 29015
 permit udp any any eq 47015
 exit

ip access-list extended fw4-steam-hosts
 permit ip host 10.20.1.2 any
 exit

ipv6 access-list fw6-steam-hosts
 permit ipv6 host 2001:4428:225:1::2 any
 exit

class-map type inspect match-any fw-steam-hosts
 description The list of hosts permitted to use Steam
 match access-group name fw4-steam-hosts
 match access-group name fw6-steam-hosts
 exit

class-map type inspect match-any fw-steam-services
 description Steam protocols
 match protocol user-steam-game
 match protocol user-steam-mm
 match protocol user-steam-voice
 match protocol user-steam-cod
 match access-group name fw4-steam-downloads
 exit

! Steam for games
class-map type inspect match-all fw-steam
 description Steam and steam games
 match class-map fw-steam-hosts
 match class-map fw-steam-services
 exit
The 'fw-steam' class should be added to the policy-map applied to traffic going out of your network (the inside-to-outside zone-pair). Classes in a ZBFW policy-map are evaluated top down, so place it before any broader class that would otherwise match the same traffic; 'inspect' on the class allows the return traffic statefully, and the 'class-default' drop ensures anything else is blocked and logged.
policy-map type inspect egress
 description Traffic from internal networks to the internet
 ! .... OTHER CLASS TYPES ...
 class type inspect fw-steam
  inspect
  exit
 class class-default
  drop log
  exit
 exit

zone-pair security egress source InsideZone destination OutsideZone
 description Outgoing firewall traffic
 service-policy type inspect egress
 exit
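As an added example (not part of the original page), the following Python script renders the port-map and 'fw4-steam-downloads' access-list portion of the configuration above from a compact table, and refuses to emit it if any transport/port pair is assigned to more than one user-defined protocol name. That preserves the split on the page, where udp/27015 belongs to 'user-steam-game' only and 'user-steam-mm' starts at 27016. The tables are constructed to mirror the page's ranges; function names such as render_config() are local choices, not IOS commands.

```python
"""Render the Steam port-map and download-ACL portion of a Cisco IOS ZBFW
configuration from a compact table, after checking that no transport/port
pair is assigned to more than one user-defined protocol name.

Added example, not code from the original page. The tables below are
constructed to mirror the ranges on the page; the function names are local
choices and not IOS keywords.
"""
from collections import defaultdict

# (protocol name, transport, first port, last port, description)
PORT_MAPS = [
    ("user-steam-game",  "udp", 27000, 27015, "Steam game client traffic"),
    ("user-steam-mm",    "udp", 27016, 27030, "Steam Matchmaking and HLTV"),
    ("user-steam-voice", "udp", 3478,  3478,  "Steamworks P2P Networking and Steam Voice Chat"),
    ("user-steam-voice", "udp", 4379,  4380,  "Steamworks P2P Networking and Steam Voice Chat"),
    ("user-steam-cod",   "udp", 1500,  1500,  "Call of Duty: Modern Warfare 2 Multiplayer"),
    ("user-steam-cod",   "udp", 3005,  3005,  "Call of Duty: Modern Warfare 2 Multiplayer"),
    ("user-steam-cod",   "udp", 3101,  3101,  "Call of Duty: Modern Warfare 2 Multiplayer"),
    ("user-steam-cod",   "udp", 28960, 28960, "Call of Duty: Modern Warfare 2 Multiplayer"),
]

# Entries for the fw4-steam-downloads ACL, in page order:
# (transport, first port, last port, '!' comment emitted before the entry, or None)
ACL_ENTRIES = [
    ("tcp", 27014, 27050, "Note: 27015 in this range is for 'SRCDS Rcon'"),
    ("udp", 20100, 20100, "Team Fortress 2 (TF2) additional ports"),
    ("udp", 21000, 21000, None),
    ("udp", 27031, 27100, None),
    ("udp", 28000, 28100, None),
] + [("udp", p, p, None) for p in
     (27105, 27115, 27117, 27200, 27215, 27315, 27415, 27515, 27615, 27715, 29015, 47015)]


def expand_port_maps(table):
    """One (name, transport, port, description) tuple per individual port."""
    return [(name, transport, port, desc)
            for name, transport, first, last, desc in table
            for port in range(first, last + 1)]


def find_conflicts(table):
    """Return {(transport, port): set(names)} for ports claimed by more than one name.

    A transport/port pair should belong to one user-defined protocol so that
    'match protocol' is unambiguous; on this page udp/27015 is user-steam-game
    only and user-steam-mm starts at 27016.
    """
    owners = defaultdict(set)
    for name, transport, port, _ in expand_port_maps(table):
        owners[(transport, port)].add(name)
    return {key: names for key, names in owners.items() if len(names) > 1}


def render_port_maps(table):
    """One 'ip port-map' line per port, in table order."""
    return [f"ip port-map {name} port {transport} {port} description {desc}"
            for name, transport, port, desc in expand_port_maps(table)]


def render_acl(name, entries):
    """Extended ACL: a single port becomes 'eq N', a span becomes 'range A B'."""
    lines = [f"no ip access-list extended {name}", f"ip access-list extended {name}"]
    for transport, first, last, comment in entries:
        if comment:
            lines.append(f" ! {comment}")
        match = f"eq {first}" if first == last else f"range {first} {last}"
        lines.append(f" permit {transport} any any {match}")
    lines.append(" exit")
    return lines


def render_config(port_maps=PORT_MAPS, acl_entries=ACL_ENTRIES):
    """Full text to paste into configuration mode; refuses an ambiguous port-map."""
    conflicts = find_conflicts(port_maps)
    if conflicts:
        raise ValueError(f"port mapped to more than one protocol: {conflicts}")
    return "\n".join(render_port_maps(port_maps)
                     + render_acl("fw4-steam-downloads", acl_entries)) + "\n"


if __name__ == "__main__":
    print(render_config(), end="")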
Residual
The configuration listed above does not perform any QoS. According to the Steam knowledge base, the 'user-steam-game' traffic should be prioritised.
Links