Creative Commons

2020-04-28 15:55:30

Nintendo Switch NAT Type C Solution

Recently I purchased a Nintendo Switch and wanted to be able to play online with friends. After running the Internet test and seeing that the Switch determined my network was a NAT Type C, that wasn't possible. Only NAT Type A or NAT Type B can play online due to the awful way Nintendo designed their online services.

If your router supports it, the way to ensure you have zero problems is to fully put your Switch in a DMZ (full port forwarding), where it's 100% exposed to the public internet. That will ensure everyone can connect to your Switch (even hackers).

Nintendo's second recommendation is to forward _all_ UDP ports to your Switch, which is insane. As it turns out, this isn't even the actual solution. All that is necessary to get to NAT Type B is to ensure your Switch is hitting the internet using Static-NAT (no port translation/remapping). By default, all routers do port translation (source port remapping) with NAT, so this breaks Nintendo's online service.

I have a Check Point 620 for my firewall/router and it doesn't have the ability to fully put anything into a DMZ nor does it have any options to disable source port remapping like some firewalls do. But I was able to find a solution that achieved Static NAT without forwarding 65535 UDP ports (because ports don't actually have to be forwarded to get to NAT Type B).

To do this on the 620, follow these steps:

The downside to this approach is that each time your ISP renews your DHCP lease your public IP changes and you'll have to modify the Server on the Check Point with the new address. The Server rule has no way of configuring the Static NAT to use "This Gateway" as the address like other rules do.

So that's it! Happy NAT Type B'ing!


Post a comment!