Xbox (360 & One) Nat Problems
-
A guess - You have multiple gateways?
Maybe do something to make sure your game consoles only use one gateway?
I'm trying to imagine u-pnp or even port forwards with multiple gateways if there is load balancing going on. Not sure but perhaps can cause issue.
-
Aye, I have forced the Consoles, to use a single gateway that I'm forwarding the ports on via the firewall rules, but no luck. :(
-
I have also noticed that SOME UDP services get broken by the auto rewriting and randomization of packets that happens in a default config.
SIP especially.
Wonder if game consoles traffic also?
I use manual outbound NAT and set static port (prevents rewrite of source port) when I have connectivity issues.
-
Indeed, I also have a PBX behind another of my gateways using SIP but that doesn't have an issue, neither does 20 or so other NAT'd ports I use for remote admin such as SSH and RDP, etc.
Even games on the PC via steam seem to use UPnP to successfully request open UDP ports without an issue.
But the Xbox One seems to be quite stubborn when it comes to open ports, even during the PCAP there were successful TCP/UDP streams going on, nothing that would appear to be "one-way traffic" e.g. the Xbox one trying to speak on a port with no response.
It truly is odd. I have my Outbound NAT rules set to Auto right now.
-
xbox has a long history of being painful - At my kids house behind pfsense its fine but I am running manual outbound there and only one WAN.
-
I can believe it… Do you have any particular rules setup for the manual outbound NAT?
-
Tons…
I made that entire LAN segment static port, for one thing... All hosts, all ports.
-
I'll give it a try as static port is set to "NO" at the moment, thanks :)
-
Hope it helps. Let me know how it goes.
-
Well, that seems to have fixed it.
All I did was allow static outbound NAT mappings for my LAN subnet out to the ISP the console is set to go out of and it works and now gives an OPEN NAT type.
Weirdly enough it seems to now also be requesting port 1200 UDP via UPnP which it wasn't doing before.
Many thanks for your help :)
-
No problem - Glad it was an easy fix for you.