Stadia Firewall Rules

Stadia Firewall Rules
Photo by Cristiano Pinto / Unsplash

Google was running a deal that if you bought a game on Stadia you would get a free controller and Chromecast Ultra (what they call the Premier Edition).

I was excited for this as this would round out my gaming capabilities to let me game on all of my screens. My main TV had been gameless for some time due to the untimely death of my original Xbox One.

Well the hardware arrived and after an easy Chromecast set up, I was ready to game. Unfortunately, the controller would only control Stadia and associated menus. I would launch a game and it would load fine, but the controller would only bring up Stadia stuff, no input was being passed to the game.

So, after some firewall sleuthing I have arrived at this set of rules to ensure Stadia works through my pfSense firewall. These may only be required for set up but the first one I know is necessary at all times.

  • Controller: Outbound UDP ports 44850-44860 to,,,,and . I keep needing to add more IPs and I cannot seem to capture a DNS request associated with this so this is where I am at for now. I only saw ports 44858 and 44859 but it seemed prudent to use a range
  • Controller and Chromcast: Outbound TCP/UDP port 53 to – I really am annoyed that hardware makers hardcode DNS servers like this instead of just using the network provided DNS, but here we are. Typically UDP would suffice here but depending on your DNS security settings, TCP may be necessary. Again, this rule may only be necessary during setup and not needed afterwards. While gaming I do not see any traffic hitting this rule.