Xbox and pfsense (tried both uPnP and PF)

amrogers3

I know this has probably been covered a 101 times. I googled and found 101 different ways to try and make xbox work with pfsense, however, I am using pfSense 2.0 RC1 and can't get my xbox to work with pfSense. I still am seeing "your NAT type is Strict" from xBox Live.

I seen the guide, HOWTO: Xbox 360 Live connection with pfSense, but I can't get it to work. That post is from 2009 and I have the latest release 2.0 RC1. I've spent half a day trying both uPnP and port forwarding, nothing is working.

Any help, suggestions, ideas, would be greatly appreciated!

amrogers3

Changed port forwarding to source port "any". When I go to network settings in xBox Live, I see all green from xbox 360 to xBox Live. However, when I "Text Xbox Live Connection" I get "NAT type is moderate". I can hear chat but people cannot hear me.

Also, canyouseeme doesn't show 3074 and 88 open. I am not sure why this is. I have both ports forwarding. I don't know if the "destination address" should be LAN subnet, VLAN103 address, VLAN103 subnet. I can't find a good description of these on the pfsense site.

p0ddie

I just turned on upnp in addition to my NAT rule. Works flawlessly.

![Bildschirmfoto 2011-07-06 um 23.41.28.png](/public/imported_attachments/1/Bildschirmfoto 2011-07-06 um 23.41.28.png)
![Bildschirmfoto 2011-07-06 um 23.41.28.png_thumb](/public/imported_attachments/1/Bildschirmfoto 2011-07-06 um 23.41.28.png_thumb)
![Bildschirmfoto 2011-07-06 um 23.50.30.png](/public/imported_attachments/1/Bildschirmfoto 2011-07-06 um 23.50.30.png)
![Bildschirmfoto 2011-07-06 um 23.50.30.png_thumb](/public/imported_attachments/1/Bildschirmfoto 2011-07-06 um 23.50.30.png_thumb)

amrogers3

@p0ddie:

I just turned on upnp in addition to my NAT rule. Works flawlessly.

Hi and thanks for post. I REALLY didn't want to use uPnP. My current configs are posted below. Can you tell me if you see any errors in my config? I can join and play Xbox Live and can hear chat but they can't hear me.

I am getting a new error now….

Here is the error I am getting from xBox Live:

ERROR STATUS REPORT (googled this came up with nada)
W: 0000-000B
X: 0000-000D
Y: 20A8-4800
Z: 0000-0000
ID: FFFF-FFFF

Here is my current setup:

Metu69salemi

Are you having wrong subnet at manual outbound nat.

Edit: Made a question

p0ddie

I can understand you don't want to use upnp. What I did is limit upnp to my xbox only (see my screenshot)… aside from that; I guess you have to define the ports 88 and 3074 in outbound NAT, too.

![Bildschirmfoto 2011-07-07 um 09.35.36.png](/public/imported_attachments/1/Bildschirmfoto 2011-07-07 um 09.35.36.png)
![Bildschirmfoto 2011-07-07 um 09.35.36.png_thumb](/public/imported_attachments/1/Bildschirmfoto 2011-07-07 um 09.35.36.png_thumb)

amrogers3

Post from Ars Technica:

@gusgizmo:

Xbox live needs uPnP to work correctly. I imagine this is because every game is using different ports, so you will need to forward a large number of ports to get things working correctly without it.

p0ddie

well there ya go. Either do the upnp limited to only the xbox as I did, or combine that with your own vlan for your xbox, or if you are crazy about securing this further, get another network interface and hook up the xbox (or any number of xboxes with a switch) to an entirely different subnet and set rules in pfsense to allow internet only, not the rest of your network. essentially, you are doing that with the vlan already :)