IPsec passthrough not working with Xbox One



  • Well if i put on Automatic outbound NAT  IPsec works but i have a strict NAT

    but if i turn on Manual Nat IPsec dont work but nat is open

    need ipsec for Titianfall game joining and i have 2 xbox ones on same network

    My  outbound rules - i used to have duel wan but got rid of one wan 2 is my only wan

    WAN2 any                       *     *         4500     WAN2 address * YES nat-t
    WAN2 any udp/              *     *         udp/500     WAN2 address * YES test nat
    WAN2  any esp/              *     *         esp/*     WAN2 address * NO Day one Xbox One
    WAN2  192.168.1.0/24    *     *         *             WAN2 address * YES Auto created rule for LAN to WAN2
    WAN2  127.0.0.0/8       *        *         *             WAN2 address * YES Auto created rule for localhost to WAN2

    From Xbox .com

    Step 2: Check to see if IPSec pass-through is enabled

    The Xbox Cloud uses IPsec protocol to secure communication between your console and the Cloud. If IPsec is not enabled within your router’s settings, then you will be unable to communicate with the Cloud. This will interfere with multiplayer gaming.

    By default, most routers either do not allow you to disable IPsec, or they have it enabled by default. You will still need to verify this setting.

    Access your router’s settings to determine if your router has the ability to disable IPsec, and if so, make sure that IPsec is enabled.

    For more information about your specific router’s settings, see the device manufacturer’s support pages. For information that our community may have gathered on your device’s IPSec settings, visit our Networking Hardware Information forums and look for your specific network hardware. Please note that the forums are in English, so take advantage of Bing Translator if you need another language.

    Note Clicking this link opens a second browser window so that you won’t lose your place while you’re looking for information about how to configure your network hardware.

    Is IPSec pass-through enabled on your network device?



  • $ grep tonatsubnets /tmp/rules.debug
    tonatsubnets = "{ 192.168.1.0/24 192.168.32.0/24 127.0.0.0/8 0.0.0.0  }"
    nat on $WAN2  from $tonatsubnets port 500 to any port 500 -> 207.255.220.70/32 port 500 
    nat on $WAN2  from $tonatsubnets to any -> 207.255.220.70/32 port 1024:65535

    found out that is the auto generated rules but how would i add them lil confused which is what

    Interface Source Source Port Destination Destination Port NAT Address NAT Port Static Port Description

    also im on

    2.1-RELEASE (amd64)
    built on Wed Sep 11 18:17:48 EDT 2013
    FreeBSD 8.3-RELEASE-p11



  • I have been having the same problem. When I just connect my Netgear router, all works well.


Log in to reply