Xbox on the network

A Former User

i enabled, upnp, but xbox still says i am strict.

does pfsense need a hard reboot to confirm the changes are in fact working/in place?

A Former User

can a mod move this, i just saw the gaming forum.

:)

A Former User

this worked, but i did not complete all the steps (i didnt assign a static IP to my xbox).

i highlighted the steps i did in red. also, i am running 2.0.1

http://forum.pfsense.org/index.php/topic,43624.0.html

I have searched and searched and every suggestion I have found failed in one way or another.

This is what worked for me from a fresh install of Pfsense

SETTING UP Pfsense for XBOX360 only 1 xbox is used.

Step 1: Set up the xbox under DHCP Server to use a specific IP. I used 192.168.0.5

Step 2:

GOTO: Services: UPnP & NAT-PMP

Only the changes from Default are listed below.

Enable UPnP & NAT-PMP –- CHECKMARKED
Allow UPnP Port Mapping --- CHECKMARKED
Allow NAT-PMP Port Mapping –- CHECKMARKED
Interfaces (generally LAN) –- LAN Selected
By default deny access to UPnP & NAT-PMP? –- CHECKMARKED
User specified permissions 1 --- allow 3074 192.168.0.5 3074

Click on change

Done fire up xbox and go on live.

Nothing else was done or changed anywhere.

Suggestions are Welcome

mosesjf

I have two xbox lives on my network, I have them set up with static DHCP and have them mapped through upnp and outbount NAT. I don't get any problems with NAT or with online play, but the two machines can't join games with each other. Whenever they try the joiner gets "The game session is no longer available." Please Help, this has been a problem for some time.

marryitydrinc

Im no fanboy The console are as good as each other but i just prefer the xbox. I love them both i own them both x

froob

@mosesjf:

I have two xbox lives on my network, I have them set up with static DHCP and have them mapped through upnp and outbount NAT. I don't get any problems with NAT or with online play, but the two machines can't join games with each other. Whenever they try the joiner gets "The game session is no longer available." Please Help, this has been a problem for some time.

I had a similar problem to this, and I think it is caused by pfSense not having NAT reflection implemented for UPnP port forwards. My guess is that when the first Xbox tries to connect to the second in game it uses your external IP address, and because this isn't reflected back to the internal IP address in the network, the connection fails.

The way I have gotten around this (which is not a perfect solution but works) is to set up a manual port forward to each Xbox which matches the UPnP port forward, and turn on NAT reflection for the manual port forward. It helps to also set up some UPnP reservations in the UPnP settings, otherwise the port will change and you'll need to edit the manual port forwards constantly.

Post back here if this isn't making sense, and I could probably post some more detailed instructions.

bdwyer

Ok, first off, there is no need for manual port forwards. You are all close, however you are forgetting to configure Outbound NAT specifically for the Xbox 360. By default, outbound source ports are randomized by the firewall as a security feature. Xbox Live does not seem to play nicely with this. My guess is that the Xbox somehow encapsulates the packets and specifies a source port inside this encapsulation which is not adjusted by pfSense, therefore the return traffic hits a port thats not mapped.

What does this mean? You have two options. One is to follow the instructions on the link below to change this behavior for all of your LAN. The second is to enable Static Port for only the Xbox (or Xboxes). Basically, enable Manual outbound NAT and create an entry for the Xbox. To do this properly, your Xbox needs to maintain a static IP, so the best thing to do is create a static DHCP lease on the DHCP server page. Then, create the static outbound NAT entry tied to that source IP. If you only see the network option and not host in the drop down box, put your xboxes IP and select /32 which equates to a host entry. When finished, it should look like the attached image.

Those of you who created manual port forwards, if you want to use UPnP I suggest you clear out all the manual entries you created.

Read more here.
http://doc.pfsense.org/index.php/Static_Port

![Screen Shot 2012-05-08 at 4.49.03 PM.png](/public/imported_attachments/1/Screen Shot 2012-05-08 at 4.49.03 PM.png)
![Screen Shot 2012-05-08 at 4.49.03 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2012-05-08 at 4.49.03 PM.png_thumb)

francisuk22

http://forum.pfsense.org/index.php/topic,45995.msg263369.html#msg263369
Look at this ^^!

goztepeleeee

tyyyyyyyyyyyyyyy

austinm6

Try testing your connection on the xbox under settings, that should change your nat to open

a-a-ron

Just to throw this out there. For xbox to easily have open NAT, it requires DHCP + uPNP.
http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=393

To secure your upnp, I would recommend checking the box next to "By default deny access to UPnP & NAT-PMP?"

Then in your rule set next to "User specified permissions 1" set "allow 3074 xbox.ip.address 3074"

Setting a static DHCP reservation in pfsense will not work in your main subnet.

http://doc.pfsense.org/index.php/Why_can't_I_have_static_mappings_inside_my_DHCP_range%3F