How do I turn on UPNP? (for pc)

AT&T Gateways do not support UPnP.   You can either do as Lafayette suggests and open the requisite ports in the Gateway to allow your XBOX to receive the external communications required, or you can decide that allowing a protocol in your network that can decide to open holes in your firewall is a good idea and purchase a 3rd party router that has the capability and install it between the Gateway and your XBOX.

Hi @lilsushammer, we are happy to help with your gaming concerns.

Let's try  the NAT from strict to open for the XBOX.

•   This link will show you how to verify what NAT type you have and a simple way to resolve this. 

Let us know if this helps.

Thank you for reaching out to AT&T's Community and Forums Team.

Lafayette, AT&T Community Specialist

How do I get my Xbox series X do you have an open NAT type I have a 

Actually using a third-party router that supports uPnP will do you no good since AT&T blocks UDP port 1900, which is the port assigned to uPnP, on its upstream devices. 

Not true.  Most UPnP communication occurs between the software inside the network and the NAT router.  So the console will ask the UPnP-supporting-NAT-router to set up a port forward using the UPnP protocol.  The console need not communicate anywhere else using UPnP once it has open the port forward.  If it needs to tell a remote server or peer what the open port is, it can, and will, use its own proprietary communication channels to do so.  

so if you set the "reflexive acl" setting on the advanced firewall page to "off" on your AT&T gateway, your XBOX's IPv6 address will be reachable from the broader Internet aside from the list of ports @https://about.att.com/sites/broadband/networkwhich AT&T blocks for all residential customers.  If you do turn off reflexive acl, you should set some firewall rules in the gateway for your XBOX and other IPv6 devices on your LAN for security purposes or at least run a software firewall on the device itself if it has one to block unwanted Internet traffic.

Yes, opening up your device to the Internet would probably work, too.  Since it's probably difficult to run a firewall on board a gaming console, you'd need to setup traffic filters in the Gateway to protect it.  To be really effective, you'd need to block all the ports other than the exact ones you need.  OR, you could just set up IPv4 Port Forwarding, which lets you forward only the ports you need instead of trying to use IPv6 and a allow-all-by-default mentality.

If it needs to tell a remote server or peer what the open port is, it can, and will, use its own proprietary communication channels to do so.

"Can" and" will" are two very different things.  Yes, technically, software can use another method to advertise/inform remote clients of the port(s) it is using, but that is not always the case especially since it requires a STUN or similar server to advertise its services to clients.  In cases where an application doesn't use its own method and have an infrastructure to advertise its port(s), SSDP could be used by remote clients to discover the services and port(s) from the router/gateway itself if AT&T didn't block UDP 1900.

"OR, you could just set up IPv4 Port Forwarding, which lets you forward only the ports you need"

That is not viable with applications where the ports used are dynamically assigned which is still common and would require setting (and sometimes guessing) at a range of ports which may be used to forward.  I run into that problem frequently in setting firewall rules in general on computers that don't have an application firewall solution installed and only rely on a static software firewall like ufw on Linux.  NAT advertising and traversal methods have certainly gotten better such as using STUN servers and the like, but a completely native solution which doesn't rely on outside servers or services is the most reliable and network compatible option.  That is what a native IPv6 solution like I suggested above provides, and it should be preferred if the devices and applications used support IPv6.

UPnP is a legacy technology and I don't usually prefer it, but it still beats the hell out of static port forwarding when dealing with applications that involve dynamically assigned ports or if you don't want to leave ports opened and forwarded on the router/gateway when not using them and don't want to have to manually reconfigure the router/gateway to close them.

P2P without any central server to manage communications from the clients is a mess with no simple solution.

P2P without any central server to manage communications from the clients is a mess with no simple solution.

I agree.   Even serverless P2P applications like those that are built on top of Tox and "trackerless" bittorrent that uses DHT still need a "jumpstart/bootstrap list" of nodes or peers to advertise to get propagated before they can start working effectively.  But, not having to deal with NAT when using those applications by employing IPv6 is a huge usability and network compatibility advantage especially when having multiple peers behind the same home router/gateway.