port forwarding for pfSense/Xbox

A

amrogers3

Gawd
Joined
Nov 7, 2010
Messages
643
I posted in Gaming but one of poster's suggested I ask here since it's more of a networking issue. I've found several different ways to try and connect with Xbox Live through pfSense. Been messing around with this for days and not met with much success.

I made some tweaks to pfSense and got Xbox Live from "strict NAT" to moderate NAT". I could join games but could not get chat to work correctly. Now I am getting a new error. I could really use some help trying to figure out what going on and make sense of the errors I am now receiving fom Xbox Live.

I am running pfSense 2.0 RC3. My Xbox sits on VLAN103 at 192.168.103.2/30 (only device on VLAN)

Here is the error I am getting from xBox Live:

ERROR STATUS REPORT (googled this came up with nada)
W: 0000-000B
X: 0000-000D
Y: 20A8-4800
Z: 0000-0000
ID: FFFF-FFFF

Here is my current setup:

Picture10-2.png


yyyyy.jpg


xxx.png


I am out of my league on this one. Any help/suggestions/advice would be appreciated.
 
Last edited:
Curious to know, as im working with pfsense now too.

Hey amg, you got msn ? or aim ? ( think we exchanged this already didn't we )
 
UPnP worked in the older version, never tried it in 2.0. If that doesn't work....just give it a static LAN IP via reservation, and forward these ports to it
• UDP 88
• UDP 3074
• TCP 3074

Also...manually set your MTU to 1384. Your strict NAT issues will now disappear. ;)
 
YeOldeStonecat said:
UPnP worked in the older version, never tried it in 2.0. If that doesn't work....just give it a static LAN IP via reservation, and forward these ports to it
• UDP 88
• UDP 3074
• TCP 3074

Also...manually set your MTU to 1384. Your strict NAT issues will now disappear. ;)
Click to expand...

Sup Stonecat, the Xbox is assigned a static IP. Already forwarding both parts 88, 3074 (see above screenshots of config). MTU of 1384 on WAN breaks internet. Problem is I am no longer getting strict or moderate NAT, now I am getting

ERROR STATUS REPORT
W: 0000-000B
X: 0000-000D
Y: 20A8-4800
Z: 0000-0000
ID: FFFF-FFFF

:confused:
 
Last edited:
Post from Ars Technica:

gusgizmo said:
Xbox live needs uPnP to work correctly. I imagine this is because every game is using different ports, so you will need to forward a large number of ports to get things working correctly without it.
Click to expand...

Is this true? Read that people got pfsense to work with xbox with port forwarding, however, I can't seem to get port forwarding to work.
 
Last edited:
I have this working fine. I can decrypt that error message for you a little bit.
X: Means you are using Ethernet to connect
Y: Means you are experiencing NAT problems
Z: Means you have a connection problem
Don't know what W means.

Yes, uPnP is the best way to get this working, period. For whatever reason if you choose to go the forwarding route, I had to open 88, 3074, 53, and 80 all to my xbox before it listed nat as open. When I removed 53 and 80 I went back to moderate.

So, ditch the nat rules, ditch the firewall rules, go to services and enable upnp for the interface. Enable DHCP for the subnet and reserve the dhcp address for your xbox 360's mac address, set your xbox to dhcp, turn the xbox off, Clear the states/reset the firewall, and fire the xbox up.

If you can't get it with that, I don't know what will because 2.0 works fine for me.
 
awesomo said:
I have this working fine. I can decrypt that error message for you a little bit.
X: Means you are using Ethernet to connect
Y: Means you are experiencing NAT problems
Z: Means you have a connection problem
Don't know what W means.

Yes, uPnP is the best way to get this working, period. For whatever reason if you choose to go the forwarding route, I had to open 88, 3074, 53, and 80 all to my xbox before it listed nat as open. When I removed 53 and 80 I went back to moderate.

So, ditch the nat rules, ditch the firewall rules, go to services and enable upnp for the interface. Enable DHCP for the subnet and reserve the dhcp address for your xbox 360's mac address, set your xbox to dhcp, turn the xbox off, Clear the states/reset the firewall, and fire the xbox up.

If you can't get it with that, I don't know what will because 2.0 works fine for me.
Click to expand...

Thanks awesomo. I would rather use port forwarding because UPnP of the insecurity with uPnP. I only have 88 and 3074 open. I'll try opening 53 and 80.

Also, what is the purpose of using DHCP? can't I just manually assign the IP address?

Thanks again for reply.

**UPDATE** enabled additional ports 53 and 80 and still the same error as above. :eek:

Picture14-1.png
 
Last edited:
amrogers3 said:
Thanks awesomo. I would rather use port forwarding because UPnP of the insecurity with uPnP. I only have 88 and 3074 open. I'll try opening 53 and 80.

Also, what is the purpose of using DHCP? can't I just manually assign the IP address?

Thanks again for reply.

**UPDATE** enabled additional ports 53 and 80 and still the same error as above. :eek:

Picture14-1.png
Click to expand...

What are the "insecurities" you're so worried about with upnp?
 
The only UPNP security issues I know of is the ability of a compromised computer on your network to open ports without direct access to the router. More of an issue on a huge network, but I wouldn't worry about it on a home network with a few computers.

Dhcp with a reservation would be for upnp. In the past I have had upnp not allow stuff applied if the address wasn't assigned by dhcp. I don't know if this is the case or not in pfsense, but it wouldn't hurt anything.

Start with a fresh pfsense config. I have no idea what else you might have changed.
 
You must log in or register to reply here.
Back
Top