Connection to xBox 360 isn't working
-
Hello everyone,
please find attached a capture from my xBox Series X xBox Capture.capFor some weird reason I'm not able to login to the XBox 360 Services on my network. On my xBox 360 is the same issue there aswell. Connecting my xBox via WiFi to my HotSpot I'm able to login and it works like a charm.
Whats wondering me is Entry Number 38, with an incomplete TCP Package. Can somebody give me a hint what I could to debug it? Restarting My Modem, pfSense VM etc didn't helped.
Cheers!
-
Nothing there really looks like a problem. Packet 38 is a Reset Ack but it doesn't look like there's an issue connecting to that IP, there is two way traffic.
Is this something that just started?
Do you see anything blocked in the firewall log?
Are you running pfBlocker or Snort/Suricata?
Steve
-
The problem persists for a couple of weeks IIRC. Like in December sitting on my xBox 360 and wasn't able to login. I thought there is an outage. Now yesterday I tried another game on my Series X and saw the same issue.
I don't see nothing blocked in my firewall, which would surprise me because I didn't blockes anything. Not using pfBlocker or Snort. Only thing I installed was AdGuard, but my xBox don't use my DNS servers
-
So it's not something that happens every time it tries to connect? It just occasionally fails?
-
Nono, it fails all the time, but only on the 360 Part of Microsoft. And I don't play 360 games that often. Thats why I noticed it the second time just now. But the issue is there all the time.
-
@gamienator-0
There are 4 TCP conversations in this PCAP.
2.20.156.141 is Akamai
40.90.217.196 is MSFT -- Im going to assume this is the conversation we care about.Looking at just the HTTP conversation the only thing that sticks out at me is the following
A login fail. Its in a POST message so your xbox sending data to the server, PIFLC.XBOXLIVE.COM.
Maybe something. Maybe nothing. I dont know much about how a normal working connection would look like.
-
Here guys is a PCAP with an successfull login: xBox_Success.cap
When I route my xBox over my VPN Tunnel the login works. I don't understand whats going wrong here
-
Do you have a static WAN IP? It might have been blocked for some reason.
-
@stephenw10
Nope, Dynamic WAN IP on my Line -
@gamienator-0 Are you sure all the right ports are forwarded to your Xbox? If you have ports open, did you change the IP of the Xbox perhaps?
-
@gblenn AFAIK know there aren't any ports needed to be forwared inbound. Otherwise it wouldn't be able to login via Hotspot. am i right?
-
@gamienator-0 By hotspot you mean using your phone? Although mobile carriers do use CG-NAT I'm not sure how "open" their networks are in that regard. Might work actually, and your phone certainly doesn't NAT or do any firewalling.
According to Xbox support pages you need at least 88 UDP and 3074 UDP/TCP opened (in addition to 80 and 53 but they are "open" already).
Port 3074 is used by a lot of different games so if you have PC's used for gaming you might want to look into setting up UPnP for all your gaming devices.https://support.xbox.com/en-US/help/xbox-360/networking/network-ports-used-xbox-live
-
Mmm, I'd be surprised if it needed any inbound ports just to login. And you certainly can't get any through CGNAT even if you configured them.
-
@gamienator-0
For the pcap not working - where did you take it from?
For the pcap working - where did you take it from?They are different. I don't see HTTP traffic on the working one.
The non-working one, it looks like it was taken off some Microsoft device based on the mac address. How did you do capture on this device if it is an xbox?On the working one- there's no mac address seen in the pcap. How did you get this captured? From where?
-
@michmoor Heythere,
I took the not working from pfSense Packet Catpure on Interface WAN, on the Working I took from the pfSense Packet Capture on the VPN Interface. Here is the PCAP catpured from WAN Again with working condition.
XBox_Success_2.zip
And to triple check everything I factory resetted my Modem and tried another Firewall from Sophos, with the same results. So it's not an pfSense issue. Lets see what we get from the PCAPs -
@gamienator-0 said in Connection to xBox 360 isn't working:
I took the not working from pfSense Packet Catpure on Interface WAN, on the Working I took from the pfSense Packet Capture on the VPN Interface.
So your WAN interface, you get a private IP address? You are utilizing double-NAT?
I know that can be an issue for multiplayer gaming but not sure how it plays into xbox sign-in attempts. -
@michmoor No, my WAN Interface has a public IP from Dail-in via PPPoE :)
-
@gamienator-0 where are you routing your vpn connection through? Same country as your from? Or different one?
-
@johnpoz Into a different Country, from Germany to Finland.
-
Ok, well that sounds definitely like some blocking at the server end. Just not for your specific IP as I speculated earlier.