Port forward for Xbox Live

Comments

9 comments

  • Avatar
    David Rothenberger

    Appreciate the updates, Radagast82. I'm sorry the topic is so quiet, but I wanted to let you know that I at least am interested in what you find.

    1
    Comment actions Permalink
  • Avatar
    Vijay V

    I have achieved Open NAT on my Xbox Series X with Firewalla Purple. UPnP is not enabled. All I did was to port forward TCP & UDP port 3074.

    I have powered off the Xbox and powered it back on over multiple days and the NAT type stays as Open.

    I had used this article when I was running OPNSense and it worked at that time as well.

    https://niallbest.com/achieve-full-open-nat-with-port-forwarding-for-xbox-live-via-opnsense/

    1
    Comment actions Permalink
  • Avatar
    Radagast82

    Well, I figured out how to make Nat open on Xbox. This is the list of port that I forwarded, not all of them are in the list provided by MS:

    TCP/UDP: 53, 1863, 3074, 3075, 16000

    TCP: 80

    UDP: 4500, 3544, 500, 88

    As a general rule applied to the VLAN where the xbox is, there's block traffic from internet.

    UPNP is now disabled, still I don't understand why it wasn't working as expected while it was enabled

    0
    Comment actions Permalink
  • Avatar
    Radagast82

    I correct myself. Yesterday in the evening, NAT status on xbox was again moderated, no changes done since I opened the above ports and checked the NAT status as open...

    I put xbox on DMZ, which is something that personally  would absolutely avoid, just to check if doing so something changes. 

    0
    Comment actions Permalink
  • Avatar
    Radagast82

    Thanks David.

    Yesterday I tried with DMZ. At a first stage, NAT was still moderated, after performing a NAT test it became open. I'll leave the DMZ also for today, this evening (CET) I'll try again to check if it's still open. If it is, than there's some port that should be open, not documented. If it's moderated, than I personally don't know what to do more. The only takeway for now is that UPNP somehow is not working as I expect. 

    P.s. of course I assigned a reserved IP address to the xbox via the firewalla app.

    0
    Comment actions Permalink
  • Avatar
    Radagast82

    ok, after 3 days I can say that putting the xbox in DMZ "works", meaning that NAT is open (after performing a nat test, as soon as I turn on the xbox, nat is moderated...). So I'm pretty sure it's a matter of ports, anyone else here using xbox?

    0
    Comment actions Permalink
  • Avatar
    Scott J Purkey

    @Radagast82 One port I had to open on my system to get open NAT that you do not have is

    TCP/UDP port 49190

     

    Let me know if that helps

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    If you have the Gold and can do segmentation, you can now turn on UPnP per network. So you can attach the xbox to a segment and allow UPnP on that segment. 

    0
    Comment actions Permalink
  • Avatar
    Radagast82

    I finally ended up by opening some additional ports on top of those suggested by microsoft. Specifically, I added the 3076 to the list I wrote here before. BUT, every time I turn on the xbox, it still says nat is moderated. If I redo the nat test, it then shows it as open...

    I'm not a fan of UPNP, I appreciate the possibility to turn it on on specific VLAN, but doing so I feel like I'm building segregated lans and then leave, even if remotely, the possibility for some devices to open ports as they want. Will stick with my current config.

    0
    Comment actions Permalink

Please sign in to leave a comment.