XboX One and NAT

Started by stark, June 02, 2018, 08:03:36 PM

What else should I do then, as I have set up the outbound NAT rule and it is still not working?

I will add that this shows up in my firewall log when I test the NAT type.

Quote from: supercm on February 20, 2023, 06:13:51 PM
What else should I do then, as I have set up the outbound NAT rule and it is still not working?

I also have a static port NAT for TCP/UDP 3074 mapped to my Xbox DHCP lease reservation IP. This plus the Outbound NAT for the Xbox IP and the Static-port is all that was required for my stock OPNsense config. That's all I need. No UPnP. Set that, reboot the Xbox, Network Test and it is completely happy and shows "Open NAT".

This is how I set mine up, and I have OPEN NAT status on my Xbox all the time, including Call of Duty.

I highly recommend that you use wired networking with an Xbox and NOT WiFi.

Get some Info from the Xbox and select an Alternate port

  • On your Xbox go into Settings / Network Settings / Advanced Settings
  • Write down the MAC address - Use wired if possible, otherwise write down the wireless address
  • Alternate port selection
  • Select an Alternate port and write that number down

Go into OPNsense

Create static IP address for Xbox

  • Services / DHCP
  • Create a new static IP address
      The only relevant thing you need to make sure of is that you use the
      MAC address that you wrote down earlier and that you type in an IP
      address that works on that subnet that is not part of your DHCP pool.
  • Save
  • Apply

Create Aliases - This is optional but it does make things a bit easier

  • Firewall / Aliases
  • Hit the plus to add an Alias
  • Give the alias a name like Xbox_One
  • Type: host(s)
  • Content: The IP address you just created for the Xbox
  • Save
  • Hit the plus to create a new alias
  • Name: Xbox_Live_Port
  • Type: Port(s)
  • Content: Alternate port you selected in step 3 at the top
  • Save

Create Inbound NAT Mapping
  • Firewall / NAT / Port forward
  • Hit the Plus to create a new port map
  • Interface: WAN
  • Protocol: TCP / UDP
  • Destination: WAN Address
  • Destination Port Range
      from: Xbox_Live_Port(number)
      to: Xbox_Live_Port(number)

  • Redirected Target: Xbox_One
  • Redirected Target Port: Xbox_Live_Port(number)
  • Save

The reason why the port range is labeled as a "Destination" is that you have to think about the packet entering from the Internet and arriving at the WAN port on the firewall, so its destination is the WAN interface, and from that point it will end up being redirected to the Redirected Target.

Reboot your Xbox (a warm reboot will be fine) so that it picks up the static IP address.

When you go back into Networking, it should show your NAT status as OPEN. If not, give it some time like 5 minutes and check it again.

You don't have to set an alternate port unless you have multiple Xboxes.

I also had to add an outbound NAT rule:

Firewall / NAT / Outbound

Select Hybrid outbound NAT rule generation then click Save.

In the Manual rules section click the plus to add a new rule.

  • Interface: WAN
  • Protocol: TCP/UDP
  • Source address: Xbox
  • Source port: Xbox_Live_Port
  • Static-port: ENABLE
  • Save
  • Apply

Here's an important tip: in between changing these settings and retesting open NAT status on the Xbox, you have to clear firewall states for the Xbox or it will continue to report strict NAT. Under Firewall / Diagnostics / States search for the static IP of the Xbox. A red X button will pop up to clear all states for the matched IP address, click it, then retest NAT status on the Xbox. This tripped me up big time.
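
An added example, not from any poster in this thread: a small Python check that reads saved `pfctl -ss` output and lists NAT states for the Xbox whose source port was rewritten on the way out, which is what a state created before the static-port rule (and never cleared) looks like. The state-line layout, the addresses and the function name are assumptions made for the illustration; the sample lines are constructed.

```python
import re

# Constructed sample of `pfctl -ss` output (documentation addresses, not real data).
# Assumed layout of a NAT state line:
#   <iface> <proto> <translated ip:port> (<internal ip:port>) -> <remote ip:port> <state>
SAMPLE_STATES = """\
all udp 203.0.113.10:3074 (192.168.1.50:3074) -> 198.51.100.20:3544 MULTIPLE:MULTIPLE
all udp 203.0.113.10:41873 (192.168.1.50:3074) -> 198.51.100.21:3074 MULTIPLE:MULTIPLE
all tcp 203.0.113.10:52110 (192.168.1.60:52110) -> 198.51.100.22:443 ESTABLISHED:ESTABLISHED
all udp 192.168.1.50:3074 -> 198.51.100.20:3544 MULTIPLE:MULTIPLE
"""

NAT_STATE = re.compile(
    r"^(?P<iface>\S+)\s+(?P<proto>\S+)\s+"
    r"(?P<xlat_ip>[\d.]+):(?P<xlat_port>\d+)\s+"
    r"\((?P<int_ip>[\d.]+):(?P<int_port>\d+)\)\s+->\s+"
    r"(?P<remote>[\d.]+:\d+)"
)


def rewritten_states(states_text, host_ip, host_port=None):
    """Return (proto, internal_port, translated_port, remote) for every NAT
    state of host_ip whose source port changed during translation."""
    hits = []
    for line in states_text.splitlines():
        m = NAT_STATE.match(line.strip())
        if not m or m["int_ip"] != host_ip:
            continue  # not a translated state, or a different host
        if host_port is not None and int(m["int_port"]) != host_port:
            continue  # only look at the Xbox Live port when one is given
        if m["xlat_port"] != m["int_port"]:
            hits.append((m["proto"], int(m["int_port"]),
                         int(m["xlat_port"]), m["remote"]))
    return hits


if __name__ == "__main__":
    # 192.168.1.50 stands in for the static IP reserved for the Xbox.
    for proto, inside, outside, remote in rewritten_states(
            SAMPLE_STATES, "192.168.1.50", 3074):
        print(f"{proto}: port {inside} left the WAN as {outside} toward {remote}")
```

An empty result only means no rewritten state was found in the capture; it does not prove the rule matched if the Xbox had no open connections at the time.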