Port forward for Xbox Live
Hi all, It seems like i'm not able to correctly forward ports used by xbox live service.
On my FWG in router mode (directly connected with optical fiber ONT, public ip address verified), I enabled upnp (in the vlan where the xbox is), and I also manually set the ports to be forwarded in the NAT menu of FW app (https://support.microsoft.com/en-us/topic/open-these-network-ports-for-xbox-one-94d5f68a-387c-1982-7163-6e12a4d9e981), granting access from any source. NAT status is still "moderated" when i turn on the console (same appears on some games such as cod). I asked my ISP if they filter in any way some ports, they told me they don't and I can also ask them for a change of IP. Before proceeding with that, am I doing something wrong? I expected that with Upnp enabled I didn't had to manually forward ports too, but also leaving only upnp enabled result is the same...
Edit: i just checked also on NAS (same VLAN of xbox, so UPNP enabled but no port manually forwarded). If someone is familiar with Synology, there's the option to test if the router is upnp capable in order to automatically open ports for required/given services. Test is failed...
-
Well, I figured out how to make Nat open on Xbox. This is the list of port that I forwarded, not all of them are in the list provided by MS:
TCP/UDP: 53, 1863, 3074, 3075, 16000
TCP: 80
UDP: 4500, 3544, 500, 88
As a general rule applied to the VLAN where the xbox is, there's block traffic from internet.
UPNP is now disabled, still I don't understand why it wasn't working as expected while it was enabled
-
I correct myself. Yesterday in the evening, NAT status on xbox was again moderated, no changes done since I opened the above ports and checked the NAT status as open...
I put xbox on DMZ, which is something that personally would absolutely avoid, just to check if doing so something changes.
-
Thanks David.
Yesterday I tried with DMZ. At a first stage, NAT was still moderated, after performing a NAT test it became open. I'll leave the DMZ also for today, this evening (CET) I'll try again to check if it's still open. If it is, than there's some port that should be open, not documented. If it's moderated, than I personally don't know what to do more. The only takeway for now is that UPNP somehow is not working as I expect.
P.s. of course I assigned a reserved IP address to the xbox via the firewalla app.
-
I finally ended up by opening some additional ports on top of those suggested by microsoft. Specifically, I added the 3076 to the list I wrote here before. BUT, every time I turn on the xbox, it still says nat is moderated. If I redo the nat test, it then shows it as open...
I'm not a fan of UPNP, I appreciate the possibility to turn it on on specific VLAN, but doing so I feel like I'm building segregated lans and then leave, even if remotely, the possibility for some devices to open ports as they want. Will stick with my current config.
-
I have achieved Open NAT on my Xbox Series X with Firewalla Purple. UPnP is not enabled. All I did was to port forward TCP & UDP port 3074.
I have powered off the Xbox and powered it back on over multiple days and the NAT type stays as Open.
I had used this article when I was running OPNSense and it worked at that time as well.
https://niallbest.com/achieve-full-open-nat-with-port-forwarding-for-xbox-live-via-opnsense/
Please sign in to leave a comment.
Comments
9 comments