Netgate SG-1000 microFirewall

Author Topic: HOWTO: Xbox 360 Live connection with pfSense (Port Forward & UPnP)  (Read 96169 times)

0 Members and 1 Guest are viewing this topic.

Offline brianm

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: HOWTO: Xbox 360 Live connection with pfSense (Port Forward & UPnP)
« Reply #15 on: March 11, 2011, 09:25:33 am »
Hi everyone,

I tell you even trying all the recommendations indicate, and yet I still have the problem, the Xbox tells me I have a strict NAT.
I updated my version of pfSense from 1.2.3 to 2.0 on 11 March.
Now I work in Multiplayer games without problems, but the message still appears. Someone comes up with some other option?

Greetings and thank you very much.

Offline BerSerK

  • Jr. Member
  • **
  • Posts: 43
  • Karma: +2/-0
    • View Profile
Re: HOWTO: Xbox 360 Live connection with pfSense (Port Forward & UPnP)
« Reply #16 on: March 12, 2011, 06:05:26 pm »
This thread is full of #fail with conflicting or downright wrong advice. I'm amazed in a sort of way.

If this howto is outdated or wrong please tell us how to correct it or simply remove the sticky or delete the thread.

Offline xtropx

  • Jr. Member
  • **
  • Posts: 88
  • Karma: +0/-0
    • View Profile
Re: HOWTO: Xbox 360 Live connection with pfSense (Port Forward & UPnP)
« Reply #17 on: March 17, 2011, 02:43:20 pm »
Yes please. Grace us humble pfsense newbies with the knowledge on how to correctly set this up!

This worked for me in UPnP:

allow 88 x.x.x.x 88
allow 3074 x.x.x.x 3074
(x.x.x.x is static IP of Xbox)

With no manual outbound rule generation.

...but I should not have to use UPnP.  ::)
Now I have everything set up to NAT ports 80, 88, 53, & 3074; firewall rules; static ports through manual outbound, and XBOX NAT type is still "moderate."

Edit: I will gladly provide any details about my configuration in order to assist in finding a proper method to configure this.
« Last Edit: March 17, 2011, 02:45:31 pm by xtropx »
Regards,

xtropx

Offline databeestje

  • Hero Member
  • *****
  • Posts: 1048
  • Karma: +1/-0
  • It just might be your luck day, if you only knew.
    • View Profile
Re: HOWTO: Xbox 360 Live connection with pfSense (Port Forward & UPnP)
« Reply #18 on: March 25, 2011, 03:12:34 pm »
with upnp enabled the xbox will request a port forward and succeed. It works fine for my xbox 360 at home. I don't get NAT type strict.

The missing multicast traffic rule prevented the xbox 360 from succeeding to add a port forward mapping.

Offline Sikh

  • Newbie
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: HOWTO: Xbox 360 Live connection with pfSense (Port Forward & UPnP)
« Reply #19 on: April 10, 2011, 10:44:05 pm »
with upnp enabled the xbox will request a port forward and succeed. It works fine for my xbox 360 at home. I don't get NAT type strict.

The missing multicast traffic rule prevented the xbox 360 from succeeding to add a port forward mapping.

Thank YOU VERY MUCH. Ive been trying to figure what was the issue.

Any idea when it will go into  effect? I just got a second xbox that will be permanent on my network and its not working. One will fail the other one will Open.

Both of them use to be Open / Moderate. But now its Open / Incorrect MTU.

Both are port forward to 80/88/3074/53.

Offline Sikh

  • Newbie
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: HOWTO: Xbox 360 Live connection with pfSense (Port Forward & UPnP)
« Reply #20 on: April 12, 2011, 10:22:06 pm »
with upnp enabled the xbox will request a port forward and succeed. It works fine for my xbox 360 at home. I don't get NAT type strict.

The missing multicast traffic rule prevented the xbox 360 from succeeding to add a port forward mapping.

So has this missing multicast traffic rule been put into play?

I completely erased everything to do with port forwarding, rules etc. First 360 went open, next one had no connection.

Offline databeestje

  • Hero Member
  • *****
  • Posts: 1048
  • Karma: +1/-0
  • It just might be your luck day, if you only knew.
    • View Profile
Re: HOWTO: Xbox 360 Live connection with pfSense (Port Forward & UPnP)
« Reply #21 on: April 15, 2011, 05:03:13 pm »
Aha, multiple 360's. That explains, I think it overwrites the existing rules.

I don't think Microsoft considered the possibility of 2 xboxes on 1 upnp router.

Offline Sikh

  • Newbie
  • *
  • Posts: 13
  • Karma: +0/-0
    • View Profile
Re: HOWTO: Xbox 360 Live connection with pfSense (Port Forward & UPnP)
« Reply #22 on: April 17, 2011, 02:23:13 pm »
Not true because when we have multiple xboxs on the network, upnp automatically gives the first one 3074(default xbox live port) and then the rest xbox's get random ports.

Its Pfsense not being able to handle this.

DD-WRT does it perfectlly fine so idk

Offline AhnHEL

  • Hero Member
  • *****
  • Posts: 636
  • Karma: +18/-0
  • It is what it is.
    • View Profile
Re: HOWTO: Xbox 360 Live connection with pfSense (Port Forward & UPnP)
« Reply #23 on: April 19, 2011, 11:34:25 pm »
Just as an update, multiple Gaming Consoles do work quite well with pfSense and this tutorial fully explains how to get it up and running. 

What I feel is not stated in enough detail in the tutorial, for any new users to pfSense, is the explanation that Advanced Outbound NAT rules work just like the Firewall rules.  They work top to bottom and match the first rule that applies and ignores the rules below it.  So your LAN rule should always be at the bottom and your specific individual host IP addresses and/or ports should be above the LAN rule.  The diagram shows the proper order but does not explain why.

Hopefully this additional information will help some users who are running into problems.  Personally, using the UPnP method, I have 2 XBoxes and 2 PS3s on my LAN and they all work with Open NAT, all at the same time with zero issues.
AhnHEL (Angel)
NYC

2 pfSense sites: 2.4.2 (amd64)
Dell 755 SFF E6550 @ 2.3Ghz, 4GB RAM, 100/30 Mbps, Intel X3959
Dell 7010 SFF i5-3570 @ 3.4Ghz, 8GB RAM, 940/880 Mbps, Intel X3959
OpenVPN (Road Warrior), pfBlockerNG, Gaming


Offline trendchiller

  • Sr. Member
  • ****
  • Posts: 370
  • Karma: +0/-0
    • View Profile
Re: HOWTO: Xbox 360 Live connection with pfSense (Port Forward & UPnP)
« Reply #24 on: May 16, 2011, 03:20:08 pm »
regardless of what i do, following the whole steps mentioned here:

upnp does not seem to allow the packets, you can see the packet answers always to be blocked in the system-logs :-(

i use    2.0-RC2 (i386) built on Sun May 15 20:43:07 EDT 2011

now i defined NAT by hand and it works...
but why not upnp ?

i used the following upnp rule: allow 1-65535 xxx.xxx.xxx.xxx/32 1-65535

anyone any ideas ?

i even created a pass-rule for the upne ports from lan-network to lan-address as stated in http://forum.pfsense.org/index.php/topic,33024.0.html
but it still does not work, there are simply no mapping in the upnp status...
« Last Edit: May 16, 2011, 03:42:27 pm by trendchiller »