Helpful Links

XBox Live problem - 2wire NAT is not open

Contributor

XBox Live problem - 2wire NAT is not open

I just got Uverse yesterday. I discovered that my NAT is moderate, which prevents me from joining my friends in games. I tried forwarding all the ports that microsoft reccomends... hasn't worked. Any input?

75,591 Views
Message 1 of 46

Accepted Solutions
Expert

Re: XBox Live problem - 2wire NAT is not open

OK, I don't have an XBox 360, so I can't test this, but I did a lot of research tonight on this issue because this has been an ongoing question/problem that has been posted several times on the forum.  Here are a few facts and my recommendation:

 

  • The reason that the XBox 360 is very particular about the NAT on the user's router is due to the way the XBox 360 connects to other users to play a game.  While the XBox Live servers are used to register and coordinate game play, the actual internet communication between XBox 360 consoles is peer-to-peer for several of the communication streams.
  • Even though a lot of XBox 360 communication is initiated from inside the firewall (i.e. the connection is outbound, and therefore the port opens automatically), this is sometimes not enough for proper game play, because multiple other XBox 360's have to send packets back to yours on that open port.  Many routers will not allow a packet from just anyone on the Internet to come back in on that open port.  Many routers will specifically only allow packets coming back in from the same source port as the initial outbound packet was directed to (if your router restricts inbound packets like this, then the NAT type is labeled "moderate").  Some routers go further and will only allow packets coming back in from the same source port AND the same source IP address as the initial outbound packet was directed to (if your router restricts inbound packets like this, then the NAT type is labeled "strict").  If your router is not restricting inbound packets by source port or IP address, then the NAT type is labeled "open".
  • The XBox 360 is smart enough to compensate for moderate and strict NAT types if the majority of the other people who have joined the game are open NAT types.  Where problems occur is when multiple people in the game have moderate or strict NAT, then the gameplay won't work properly.  Thus, the preferred setup is to have an open NAT type, because this makes it such that your XBox 360 can join and stay connected to any game on the Internet, regardless of other people's NAT types.
  • For routers that support Universal Plug and Play (UPnP), the XBox 360 can direct the router to open ports such that the NAT type will be open.  However, as has been mentioned before:
    • UPnP is a security nightmare, because there is no authentication, authorization, or logging for UPnP requests to the router.
    • The 2Wire routers that AT&T uses do not support UPnP anyway.
  • Microsoft has some documentation in several places for how to open ports on your router if your router does not support UPnP.  Unfortunately, these directions are incorrect, and open far more ports than are necessary for proper operation.

 

Here is the proper method to open ports on the 2Wire routers for the XBox 360.  This should give you an open NAT.

 

  1. Open a web browser, browse to the URL of your U-Verse® Residential Gateway (usually http://192.168.1.254).
  2. Click the Settings tab at the top.
  3. Click the Firewall label in the second row of tabs.
  4. Click the Applications, Pinholes, and DMZ label in the third row of tabs.
  5. Click on your XBox 360 under section (1).  You will probably have to identify it by its IP address.
  6. Click the Allow Individual Applications button under section (2).
  7. Click Add a New User-Defined Application.
  8. Type "XBox 360 Live" in the Application Profile Name field.
  9. Select TCP for the protocol.
  10. Type 3074 in the Port From and Port To fields.
  11. Leave the Protocol Timeout field blank.
  12. Leave the Map to Host Port field blank.
  13. Do not select anything in the Application Type pull-down.
  14. Click the Add to List button.
  15. Select UDP for the protocol.
  16. Type 3074 in the Port From and Port To fields.
  17. Leave the Protocol Timeout field blank.
  18. Leave the Map to Host Port field blank.
  19. Do not select anything in the Application Type pull-down.
  20. Click the Add to List button.
  21. Select UDP for the protocol.
  22. Type 88 in the Port From and Port To fields.
  23. Leave the Protocol Timeout field blank.
  24. Leave the Map to Host Port field blank.
  25. Do not select anything in the Application Type pull-down.
  26. Click the Add to List button.
  27. Click the Back button.
  28. Reselect your XBox 360 under section (1).  You will probably have to identify it by its IP address.
  29. Click the Allow Individual Applications button under section (2).
  30. Click "XBox 360 Live" in the Application list.
  31. Click the Add button.  XBox 360 Live will now be listed in the Hosted Applications list.
  32. Click the Save button at the bottom.

 

Now reboot your XBox 360, you should have an open NAT type.

 

This procedure opens only the necessary ports on your router (3074 TCP/UDP, and 88 UDP), and directs them to the XBox 360 only, not to the whole network.  Thus, the security implications are minimal.

 

Hopefully, this procedure should work for you.  Please post your results so that we know if this is solved or not.

 

Here are two of the references where this information is further discussed:

 

http://forums.xbox.com/xbox_forums/b/engineering_blog/archive/2011/06/21/nats_2d00_and_2d00_xbox_2d0...

 

http://compnetworking.about.com/b/2008/11/15/tcp-and-udp-port-numbers-for-xbox-live.htm

 

 

Tags (1)
Message 22 of 46
ACE - Expert

Re: XBox Live problem - 2wire NAT is not open


tinalms2001 wrote:
You might want to also explain this to the AT&T tech support folks. As they are telling me that it does not matter that I assign a port to be open on a specific IP address that it will be open for everything. Well not with their gateway. It would be great if I could do that then both xboxes would work. However I cannot assign the same open ports to 2 different IP addresses with their 2wire gateway. It does not support what they sell as in the u-verse xbox set to run your u-verse through the xbox and then actually use the xbox for online gaming. Xbox will work great with u-verse if you are a hermit one person household. Now in the real world where many homes have more than one person and more than one xbox or gaming computer or playstation whatever it may be. you cannot play online with 2 at the same time. One is fine but 2 not gonna happen. As the 2nd one will have a strict NAT that will not allow you to join game sessions. So until AT&T can figure this out and their tech support can actually be useful I would not recommend u-verse to anyone. Maybe they should go and take pointers from Comcast, Wow, and even time warner they all know how to make it work without an issue!!!!

You cannot port forward the same port from one public IP address through a NAT gateway to two different private addresses.  It cannot be done, regardless of the vendor of the router.  To accomplish what you want the RG has to have two different public addresses to route the same port to two devices inside the home.  Once you have that, there is no port forwarding configuration needed, just opening the ports in the RG FW.

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
Tags (1)
Message 33 of 46
Expert

Re: XBox Live problem - 2wire NAT is not open


tinalms2001 wrote:
However I cannot assign the same open ports to 2 different IP addresses with their 2wire gateway.

 

You cannot assign the same open port to 2 different internal devices behind any router that does NAT. This is not a limitation of the 2Wire, it is a limitation of Network Address Translation.

 

No router, either provided for you from the ISP nor a 3rd-party one you purchase, whether it's a $19.99 Buffalo Tech super special or a $5000.00 Cisco 2951 can get past this limitation.

 

Now, there are two ways to make 2 XBoxes have an open NAT:

 

1. Two public IP addresses.  For each public IP address, you forward the proper ports to each XBox.

 

2. You can use a UPnP-capable router, and both XBoxes will properly open their own ports without any port forwarding.  (The 2nd XBox figures out that the 1st one is using the normal ports, and the 2nd XBox automatically configures itself to use a set of alternate ports).

 

The U-Verse 2Wire router (and many other routers provided by other ISPs) does not have the UPnP feature, so solution #2 will not work with the 2Wire.

 

However, if you want to purchase your own 3rd-party router that has UPnP, you can install it behind the 2Wire in the DMZ (http://forums.att.com/t5/Residential-Gateway/U-verse-for-BUSINESS-2Wire-3600HGV-bridge-mode-or-anoth...), and then both XBoxes will work.

 

 

 

Tags (1)
Message 34 of 46

All Replies
Anonymous
N/A

Re: XBox Live problem - 2wire NAT is not open

We never had any issues with the 2wire gateway and my son's Xbox 360 or PS3. First remove all the ports that Microsoft recommended to be forwarded, they are not needed.

And yes NAT will be moderate, because the 2-Wire does not use UPnP, which is a huge security risk, with holes that have not been fixed in years.

Just shut everything down, then reboot the gateway, let it sync. Then boot any computers, let them sync with the gateway. When you turn on the Xbox, do a network setup, and let it go through the setup and that should be it.

Keep in mind also with recent changes Microsoft made to their Xbox Live system, they have implemented certain restrictions, that you have to pay for a Gold membership to utilize.
Message 2 of 46
Scholar

Re: XBox Live problem - 2wire NAT is not open

Greg is right that the 2Wire does not support UPnP and that is why it doesn't work with xbox live right out of the box.

However, you can say a lot of things have security risks like many of the Adobe plugins Flash and Reader. Doesn't mean everyone is going to stop using them. Sometimes it is a necessary evil in some situations.

So unlike what Greg said do not remove all the ports that are forwarded. You will need to them get it so you have a NAT Open status with xbox live. I ran into this same issue with my Airport Extreme since it doesn't support UPnP but a variant NAT-PMP.

However do need to ensure that you have all the right ports forwarded.
This MS page lists all the ports that you need to forward for UDP and TCP.
http://support.xbox.com/en-US/xbox-live/connecting/network-ports-used-xbox-live

Also make sure that you have these forwarding to the correct IP for the xbox. You may want to setup your xbox with a static ip to ensure it doesn't happen to change later.

Give that a shot first and see how it works out for you.
Message 3 of 46
Anonymous
N/A

Re: XBox Live problem - 2wire NAT is not open

nephlpower, you do not need to open any ports on the 2-wire or NVG510 for the game systems to work. The firewall will open those ports as it sees need to. Otherwise they stay stealth closed, and even opened, they still remain in stealth mode.

Placing them open all of the time, leaves you for huge security breaches in your network.
Message 4 of 46
Scholar

Re: XBox Live problem - 2wire NAT is not open

No greg you are wrong. That is why the OP posted. SOME of the functionality of xbox may work but situations like he posted about not being able to join a game a friend is hosting is a problem you run into when your NAT status on Xbox Live is Moderate.

I have personally run into the same situation above and Microsoft also specifically warns that you will loose functionality if your NAT status is not Open. Just because your Son hasn't run into the problems with having a moderate NAT status and hasn't bugged you about it doesn't mean the problem doesn't exist.
Message 5 of 46
Anonymous
N/A

Re: XBox Live problem - 2wire NAT is not open

Sorry, but if you follow Microsoft's instructions, it will leave you open for open ports on your firewall. I have hooked up hundreds of systems, and never had a issue with leaving it as is, and they work.

All you have to do is disregard the whole NAT "Moderate" issue, and you will be fine. The games will work just fine with leaving them as is.
Message 6 of 46
Mentor

Re: XBox Live problem - 2wire NAT is not open


gregzoll_1 wrote:
Sorry, but if you follow Microsoft's instructions, it will leave you open for open ports on your firewall. I have hooked up hundreds of systems, and never had a issue with leaving it as is, and they work.

All you have to do is disregard the whole NAT "Moderate" issue, and you will be fine. The games will work just fine with leaving them as is.

If Microsoft believed opening ports for the Xbox were a security issue, they wouldn't tell you to do it. Here's a post from a guy on the Xbox forums that explains why you should open up just the ports Microsoft identifies (and forward to the Xbox only), and why it's not a security risk. He also explains why you may sometimes be able to play with others on Xbox Live even if your NAT is set to strict or moderate.

 

http://forums.xbox.com/xbox_forums/xbox_support/f/9/t/157383.aspx

Message 7 of 46
Anonymous
N/A

Re: XBox Live problem - 2wire NAT is not open

That info is dated, and is no longer valid, since the changes that have been made in the firmware for the xbox-360 platform, and the firmware for routers have been updated, due to changes that have happened since 2011.
Message 8 of 46
Scholar

Re: XBox Live problem - 2wire NAT is not open


gregzoll_1 wrote:
That info is dated, and is no longer valid, since the changes that have been made in the firmware for the xbox-360 platform, and the firmware for routers have been updated, due to changes that have happened since 2011.

Ponzi obviously we are all wrong because it if gregzoll doesn't agree with us then we must be wrong Smiley Happy 

 

Despite having evidence to show the contrary he just can't seem to understand the concept of Xbox Live various levels of NAT and how that could conceiveable make it so you can't use some functionality on some online games.

Message 9 of 46
Anonymous
N/A

Re: XBox Live problem - 2wire NAT is not open

I fully understand the concept of NAT more than you probably do. With the gaming systems, you do not need to open ports, unless, unless you are running something like Smoothwall third party router software, due to that is about the only one out there that you would have to open ports, and stealth them.

With the 2-wire gateways, you cannot stealth ports after opening, but when the rig is connected to the RG, it will actually open and close ports as needed, regardless that it does not have UPnP.

You have to understand, there are some of us out there that know a little more about this stuff, and when we state that you do not have to open ports for the Xbox-360 or PS3 on the RG, in order to use it. Only if you have made some really obscure changes to the firewall on the RG beforehand, or have some weird hookup between the xbox-360 & ps3 back to the RG, then you are going to have problems.

Believe it or not, the standard ports are already listed in the firewall, and only way that you would have to go back and add them back in, is if you or someone else deleted them out of the firewall, then yes you would have problems.
Message 10 of 46
Mentor

Re: XBox Live problem - 2wire NAT is not open


gregzoll_1 wrote:
That info is dated, and is no longer valid, since the changes that have been made in the firmware for the xbox-360 platform, and the firmware for routers have been updated, due to changes that have happened since 2011.

Greg, exactly what firmware changes did Microsoft make since 2011 that would have rendered this info outdated? I've checked all of the system software update descriptions for updates that Microsoft released in 2011 and afterwards, and I didn't see any that would pertain to the port-forwarding issue. In general, very few of the Xbox 360 system software updates include firmware updates, and if they do they may just apply to updating the firmware on the DVD drive. Here's a quote from Wikipedia on the subject: "While the system software updates may sometimes provide updates to the system's firmware, it is unlikely that this occurs with many, if any, updates."

 

As of today, Microsoft still includes the port forwarding recommendations mentioned in the post I linked above. If Microsoft released a firmware update that would have rendered this info obsolete, it's unlikely their Xbox support site would still make this recommendation.

 

Only a little off topic: I recently had a hardware problem with my Xbox that was solved on the phone with Microsoft technical support. The tech was U.S. based and spent almost an hour with me to narrow the issue down and identify the culprit. I was very impressed with the level of service. If the original poster is still monitoring this thread, he might try giving Microsoft support a call.

Message 11 of 46
Anonymous
N/A

Re: XBox Live problem - 2wire NAT is not open

They have updated a lot due to kinect, and because technology has changed over the past couple years.
Message 12 of 46
Highlighted
Mentor

Re: XBox Live problem - 2wire NAT is not open


gregzoll_1 wrote:
They have updated a lot due to kinect, and because technology has changed over the past couple years.

OK, that's a generally true statement. But you didn't answer the question I posed.

 

Exactly which Xbox updates released since 2011 would have rendered Microsoft's current recommendations about port-forwarding outdated? That's your claim. If you can't support the claim you made with any specificity, then you shouldn't discourage people from following Microsoft's own recommendations to solve NAT problems.

Message 13 of 46

Re: XBox Live problem - 2wire NAT is not open


Ponzi wrote:

gregzoll_1 wrote:
They have updated a lot due to kinect, and because technology has changed over the past couple years.

OK, that's a generally true statement. But you didn't answer the question I posed.

 

Exactly which Xbox updates released since 2011 would have rendered Microsoft's current recommendations about port-forwarding outdated? That's your claim. If you can't support the claim you made with any specificity, then you shouldn't discourage people from following Microsoft's own recommendations to solve NAT problems.


I don't have an XBox, but I would definately follow microsoft's recommendation since it's their product.

” Auto racing, bull fighting, and mountain climbing are the only real sports … all others are games.”- Ernest Hemingway
Message 14 of 46
Anonymous
N/A

Re: XBox Live problem - 2wire NAT is not open

I wouldn't, because first it is not Microsoft's recommendation, and two it is Microsoft. Nothing really more to say, than itheir products are no more secure than leaving food out on the table, when you are in an area that is known for bear attacks. Pretty much the same concept, called common sense.
Message 15 of 46
Share this topic
Announcements

Welcome to the internet boards! Check out our troubleshooting articles below and don’t forget to search the forums - your question may have been answered already!

Service acting up? Click here to troubleshoot now!

For DSL related issues. We highly recommend chatting with our teams to address this as quickly as possible.

Additional Support