I think full cone works. I tried with stunclient from https://github.com/jselbie/stunserver And got Endpoint Independent NAT + Endpoint Independent Filtering One thing I didn't see people mention, in addition to adding a filter-table forward-chain accept from WAN to LAN of protocol udp, Make sure in...