In my house there are two Nintendo Switches and we have two copies of Splatoon 2. We like to play the game together but of course we only have one Internet connection. At first it seemed like this wasn’t going to work. We could start two games separately and play just fine but if one tried to join the other’s game (through the friend option in the game menu) then both would get kicked out of the game. I was able to use advanced logging and network captures to see where the problem occurred and come up with a solution.
I use Pfsense for my router/firewall and a Ubiquiti Unifi mesh wireless network. The principal configuration in my solution should be possible on most modern networks but the terms and menu options will be different on other manufacture’s equipment. We’re going to create static IP addresses for each device and then make virtual wireless networks for them as well. This fools Nintendo’s network into treating each device as connecting from a separate network (allows UPnP to set the same ports).
Nintendo network games are notorious for having issues with multiple consoles using the same Internet connection. Some routers deal well with it right out of the box, and some don’t. The steps below outline what I did to get mine working. The same steps allow all my kid’s 3DS consoles to play Mario Kart at the same time as well.
Assign a Static IP Address
Before you can set special rules for a device on your network you need to assign it a static (never changes) IP address. This is a slighty different process in each type of router/firewall; use Google or Bing to find out how to do it in yours. Just type: “Firewall/Router Model Set Static IP” 
- In Pfsense open the web console
- Click on Status
- Choose DHCP Leases from the drop down menu
- Find your device and click the pencil icon at the end of the row.
- Enter an IP address that is outside of your DHCP range in the IP address box.
- Click the Save button at the bottom of the form.
Allow NAT Outbound Static Port
This sounds complicated but most residential firewalls (bought at Best Buy) don’t have this setting in the first place. Advanced (enterprise class) systems randomly scramble the source port to prevent NAT hacking. This has no effect for browsing the web or basic Internet activities but network games cannot handle it. If your firewall or router scrambles the source port on NAT traffic you’ll need to create a rule to stop it for your Switches. Assuming that you have Pfsence;
- Open the web console
- Click on Firewall -> NAT -> Outbound
- Click the Add button at the bottom of the page.
- Enter the Static IP address that you created in the seciton above with a / 32 subnet mask and check the Static Port box.
- Click the Save button at the bottom of the form. You should not need to change any of the other boxes.
You should configure the two options above for any multi-player gaming device connected to your network. This includes consoles, smart-phones, tablets, PCs, etc. The scrambled source port will keep most devices from connecting properly. It shows in games and “Strict NAT” or “NAT type 3”.
Create Multiple Wireless Networks
UPnP is a service that is already enabled on most modern firewall / router devices. If it isn’t turned on in your edge device you’ll need to enable it; again Google/Bing “Firewall/Router Model Enable UPnP” UPnP is a service that allows your firewall to automatically open network paths from the Internet to your devices. The trouble is, the way it accomplishes its goal can fail when two similar devices are trying to create similar paths on the same network. The way to work around this issue is to create multiple SSIDs and join a Switch to each.
In most wireless access points you are allowed to create more than one SSID or the device will have a guest network. Some systems even have multiple radios and will let you setup one network on each radio. Once again, use Google or Bing to find instructions for your particular setup. The goal is to create and join one wireless network for each Switch that you have. 
If you have a Unifi wireless network you’ll need to go to settings (the gear icon on the left) and then to Wireless Networks. Click the CREATE NEW WIRELESS NETWORK button and complete the form that opens. 
After you join each Switch to one wireless network you should be able to play Splatoon 2 multiplayer; I think you’ll find that most other multiplayer games work now as well. I’ve also adapted the same technique to resolve issues with multiple Xbox One and PS4 consoles. Games like Destiny 2 and Overwatch also use UPnP to establish their network paths and will sometimes not allow multiple consoles to play on the same network.
techbloggingfool.com 
I’m lookingg to set up a pfsense box, and am doing researc on fixing the “multiple games / same lan” issue that seems common with pfsense.
From my understanding, I’m not sure why this is working? When you create an additional SSID, are you assigning it to a different VLAN? In my mind, pfsense wouldn’t see the SSID if they’re all getting on the internal network, so by the time the traffic is hitting your router, ssid already doesn’t matter? (I haven’t used Unifi so maybe i’m over simplifying it)
LikeLike
Yes, Unifi is a mesh WiFi system and each SSID gets assiged to a different network. Most guest networks on wireless routers are also attached to a different subnet. The good news is that Pfsence 2.4.3 doesn’t require the addituonal wireless networks. Just enable reserved IPs and allow static ports for each system and you should be fine.
LikeLike