2 XBOX One's on Pace 5268AC

1) Installing a router that supports UPnP behind the Gateway and placing it in DMZplus/IP Passthrough does work.

2) A block of public static IP addresses incurs a monthly charge.  I can't say if it's $15 or not, but I can tell you that it's monthly.

Hi,

We do not allow for uPnP due to the huge security issues that come with it. Also, with how networking works, you are not able to assign the same ports to 2 different devices under the same public IP. No router can do this. The best options for most is to use a 3rd party device that does allow for uPnP to achieve an open NAT. For those having issues setting up their router behind router, always feel free to post in the U-verse Community, and there are a lot of users that participate that are willing to help.

-ATTU-verseCare

Here's my problem with that repsonse:  It does not adequately address the end user's needs in this case.  Regardless of whether or not UPnP is full of security holes is best left up to the end user, NOT to AT&T to make that determination.  Otherwise, you have basically become like Microsoft and are trying to determine what is best for the end user, which is not a good thing.

2nd: The earlier suggestion of adding IP's does indeed fix this issue, however, the problem is that it COSTS additonal $ per month, which is NOT ACCEPTABLE.  What would be acceptable to your customers is that if you want to force these modems upon us because you believe the security to be inadequate, then the correct customer service approach is to provide a couple extra IPs FREE OF CHARGE.  But this is not what is happening here.

3rd: And this is mostly directed at the guy with the ACE badge that I am assuming isn't on the AT&T payroll:  Although the addition of the router behind the router solution will no doubt allow you achieve a NAT Open setting for all the devices going through it, I'm assuing that it will not solve the IP address issue (in other words, if you have several Xbox Ones heading out to a specific game, e.g. Destiny, it does not magically give you more IPs, correct?). At the end of the day, not only would I spend the money & time on the additional router, but I would still have to spend $15 a month for a block to get everything to still work correctly in the game environment.  I'm assuming some multiplayer games don't require this, but, why take chances? The best and "cheapest" solution in terms of time & money here is to simply call up AT&T to add the block. Still COMPLETELY UNACCEPTABLE no matter how you do it.

---

@NathanDayspring wrote:

 

...

 

3rd: And this is mostly directed at the guy with the ACE badge that I am assuming isn't on the AT&T payroll:  Although the addition of the router behind the router solution will no doubt allow you achieve a NAT Open setting for all the devices going through it, I'm assuing that it will not solve the IP address issue (in other words, if you have several Xbox Ones heading out to a specific game, e.g. Destiny, it does not magically give you more IPs, correct?). At the end of the day, not only would I spend the money & time on the additional router, but I would still have to spend $15 a month for a block to get everything to still work correctly in the game environment.  I'm assuming some multiplayer games don't require this, but, why take chances? ...

---

Apparently most multiplayer-console games are able to work with a UPnP router in order to obtain non-standard ports to be provided to others for communication back through the UPnP/NAT router.  If Destiny does not do this, then Destiny would not work with any NAT gateway/router at all (provided by any ISP) and thus public statics would be necessary.

I'm sorry, but I'm with NathanDayspring, that answer is thoroughly unacceptable B S. Dictating what security I require, WITHOUT having any idea of my actual individual needs, is a load of crap. If I'm savvy enough to get into the gateway's settings and fiddle with them, and I decide to fiddle with the security settings, I probably have a reasonable idea of what I'm doing. Moreover, the fact that I can't just connect my MAINSTREAM devices to the gateway and expect them to work as intended is enough to throw me into a frothing rage. Allow me to capitalize this next part, both for emphasis and so at&t can understand I'm pist off enough to be yelling through the computer: I SHOULDN'T HAVE TO FIDDLE WITH A BLASTED THING IN THE FIREWALL SETTINGS JUST TO CONNECT MY XBOX TO THE INTERNET AND OPEN A CHAT CONNECTION WITH A FRIEND. Forget the fact that I have both an Xbox One AND an Xbox 360 now fighting for room on the network (and I do mean fighting, only the one with the Xbox port opened will consistently work, the one relegated to the DMZ loses its connection repeatedly and regularly), just dealing with ONE SINGLE XBOX, IN THE MANNER THE MANUFACTURER INTENDED, SHOULD NOT NECESSITATE THAT I MAKE ANY CHANGES TO THE FACTORY SETTINGS IN MY GATEWAY. at&t has screwed the pooch hard on this one, and they need to make it right, because I'm just about fed up with the lack of service and consideration. And the constant replacement of failed, cheap, garbage hardware. And the buggy DVR setup. Oh, and the fact that I have to spell it "pist" because it's apparently a "bad word." I didn't realize we were all kindergarteners here. Kind of adds insult to injury. I despise the Cast of Com, but they're rapidly looking more appealing by the minute at this point.

Your use of all capitals does not change the realities of Network Address Translation and how Microsoft engineered XBOX Live and/or instructed/allowed game developers to require unsolicited connections from the Internet into the console.

AT&T provides some limited router functionality it the Gateway they provide you.  If that router functionality is not to your liking, then you can purchase your own router with whatever functionality you may desire, and install it between the U-verse Gateway and your network; just configure your Gateway to treat your router in DMZplus/IP Passthrough mode.  If you wish to inflict UPnP upon your network security, that is certainly your choice and not one I would or have made.

If Microsoft had written the software to operate purely as a client to a game server, or to allow you to manually configure ports instead having UPnP do it, then this wouldn't be an issue.  Their choice, their issue.  How many times have you had to use UPnP so two Internet Browsers could share your connection?  Two Amazon Fire TV Sticks?  Two Amazon Echos?  Two Smart TVs?  That's what I thought.

---

@ProjectD wrote:

at&t provided hardware that isn't up to industry standard. 

---

Please cite the applicable industry standard that you speak of that applies to ISP-provided VDSL2 protocol gateways for residential use.  I'll wait.