UPnP - Multiple Xbox One Gaming Consoles & NAT

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

e38BimmerFN

Very Senior Member
Ya the 4500 has 3 firewall settings. EndPoint Independent was the best setting and using GameFuel configured for global ports 1-65535 (BOTH) and remote IP address range of 0.0.0.1 thru 255.255.255.254.
Theres a FAQ over on the D-Link forums on how to configure QoS and GF.
http://forums.dlink.com/index.php?topic=10435.0
Ya, when it was BO2 and MW3, we saw OPEN NAT in game.

How do you have the asus and the xb1s configured now? Using any IP address reservations ON the router for the consoles and just using uPnP only? Any other items you have configured.

Any info regarding this will be helpful. I'm waiting on a AC5300 to arrive this week so I can help test this out with BiggShooter. Were currently playing BO3.

Yes when I used the dgl4500, I played black ops exclusively. Both in game and in the dashboard i had open nat. My son and i could play in the same lobby with no party chat issues. I had to do some configuration changes in the firewall settings for that router but the asus was pretty straight forward.
 

e38BimmerFN

Very Senior Member
Need to disable "Instant ON" and test again. This feature was known to cause bad NAT status behavior in the beginning and I haven't seen any information if it's been corrected or not. I'm wondering if this maybe BiggShooters problem. I'll be testing the Asus AC5300 out soon on my system
 

RMerlin

Asuswrt-Merlin dev
the only time i had nat issues is on the xb1 when i used the instant on feature.

From what I deduced, the XBox fails to refresh UPNP mapping when leaving that mode, so once they expired on the router, they remain missing until the console is rebooted.
 

e38BimmerFN

Very Senior Member
Have you seen any information if MS ever fixed that? Just wondering. It was a big deal when we first heard about it after the XB1 came out and saw many posts regarding it. Just wondering if anything has changed. I presume since it's MS, probably not.

From what I deduced, the XBox fails to refresh UPNP mapping when leaving that mode, so once they expired on the router, they remain missing until the console is rebooted.
 

XSXS

Regular Contributor
Yeah i helped furry on the dgl forums set up the game fuel configuration on the 4500 back in the day. He is a good guy!
Anyway. Here is my set up. Both xb1 wired directly to the asus rt-ac66r. Xbox one network settings. IP and dns settings set to automatic. Instant mode turned off. In the router, both xb1 set to a static ip.
Wait a second! There WAS a setting in the asus router that i changed to achieve open nat on both xbox 1! In the wan settings make sure the allowed port range for internal and external is set to 1:65535! Before i changed that I would have nat issues! Remember to do a full power cycle reboot on both xboxs and router. Also clear the alternate mac address on the xbox dashboard under network settings.
 
Last edited:

XSXS

Regular Contributor
Screenshot_2016-10-25-07-24-22.png
 

e38BimmerFN

Very Senior Member
Awesome info. Any an all is helpful and appreciated. I'm starting to wonder if the "instant on" is BiggShooters main problem. :rolleyes:
 

RMerlin

Asuswrt-Merlin dev
Have you seen any information if MS ever fixed that?

No idea. A lot might have changed since they migrated it to Windows 10 I suppose, so it's possible. I only have a PS3 myself, and it's been gathering dust for over a year now (I mostly used it for movie rentals on PSN, and one single one-player game).
 

RMerlin

Asuswrt-Merlin dev
Yeah i helped furry on the dgl forums set up the game fuel configuration on the 4500 back in the day. He is a good guy!
Anyway. Here is my set up. Both xb1 wired directly to the asus rt-ac66r. Xbox one network settings. IP and dns settings set to automatic. Instant mode turned off. In the router, both xb1 set to a static ip.
Wait a second! There WAS a setting in the asus router that i changed to achieve open nat on both xbox 1! In the wan settings make sure the allowed port range for internal and external is set to 1:65535! Before i changed that I would have nat issues! Remember to do a full power cycle reboot on both xboxs and router. Also clear the alternate mac address on the xbox dashboard under network settings.

Is Microsoft using (or testing) any port forward with a privileged port (meaning a port below 1024)? If so, that could explain some of the issues. Ports 1-1023 on *IX systems (such as the router) are considered privileged, and should normally only be used by system services (such as a web server), not by end users.

If really Microsoft is using these ports for a gaming console, then the default might need to be updated.
 

e38BimmerFN

Very Senior Member
Roger that.

Windows 10 introduced it's own issues with networking devices. :mad:

No idea. A lot might have changed since they migrated it to Windows 10 I suppose, so it's possible. I only have a PS3 myself, and it's been gathering dust for over a year now (I mostly used it for movie rentals on PSN, and one single one-player game).
 

XSXS

Regular Contributor
Is Microsoft using (or testing) any port forward with a privileged port (meaning a port below 1024)? If so, that could explain some of the issues. Ports 1-1023 on *IX systems (such as the router) are considered privileged, and should normally only be used by system services (such as a web server), not by end users.

If really Microsoft is using these ports for a gaming console, then the default might need to be updated.
Ports required to use Xbox Live
These ports must be open for Xbox Live to work:

  • Port 88 (UDP)
  • Port 3074 (UDP and TCP)
  • Port 53 (UDP and TCP)
  • Port 80 (TCP)
  • Port 500 (UDP)
  • Port 3544 (UDP)
  • Port 4500 (UDP)
NoteSome game developers require you to open additional ports. You should always check the game developer's website to see if the game you're playing needs additional ports to work. We've gathered some ports you might need and have added them to the Additional Network Ports for Multiplayer Gaming forum.
 

RMerlin

Asuswrt-Merlin dev
Ports required to use Xbox Live
These ports must be open for Xbox Live to work:

  • Port 88 (UDP)
  • Port 3074 (UDP and TCP)
  • Port 53 (UDP and TCP)
  • Port 80 (TCP)
  • Port 500 (UDP)
  • Port 3544 (UDP)
  • Port 4500 (UDP)
NoteSome game developers require you to open additional ports. You should always check the game developer's website to see if the game you're playing needs additional ports to work. We've gathered some ports you might need and have added them to the Additional Network Ports for Multiplayer Gaming forum.

That's one of my pet peeves right there: those guys don't specify if those ports must be inbound (meaning forwarded) or outbound (meaning just DNAT/masquerading - no special configuration involved). 80 and 53 are obviously outbound. No clue about the other ports.

A lot of console users can't distinguish "open" from "forwarded", so they start forwarding ports 80 and 53 - which makes zero sense.
 

e38BimmerFN

Very Senior Member
I agree, From my experience using the DIR-655 and DGL-4500, back in the day I only used port 3074 in QoS and there UI users can specify the protocol, UDP, TCP Any or Both. I never configured any other ports. Then along came two game consoles on line at the same time. I found that using 1-65535 in place of 3074 resolved the multi game console and OPEN NAT issue if uPnP was enabled and seem to do what it needed. No port forwarding configurations what so ever. I see that Asus has uPnP port ranging features which seems to be nice to specify how it works.

Now with XB1 and these additional ports of 500, 3544 and 4500, here's what IANA is listing there uses for: https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
500 TCP UDP Internet Security Association and Key Management Protocol (ISAKMP) / Internet Key Exchange (IKE)
I presume security and authentication handling here. Would or should not need any router configurations. I presume maybe some XBL store authentication maybe here for making purchases and such with live transactions using the console come to mind?

3074 TCP UDP Xbox LIVE and Games for Windows – Live
This is the main gaming port for XBL services and does need some forum of router configuration when using two or more game consoles. I believe that if there's only one game console connected, uPnP would be the only thing needed for OPEN NAT if ISP and host router meet a single nat condition configuration.

Ya, we don't know how MS implements this port as RMerlin stated. Anyone care to try to find out?

3544 UDP Teredo tunneling
I presume is is for IPv6? Which would not need any configuration on the router depending if ISP and Mfr fully supports native IPv6.

4500 UDP IPSec NAT Traversal
More network security here. I presume this would not need any router configuration if main host router was the only NAT.

Ports 53, 80 and 88 are Authentication and the main internet connections and most devices including xbox consoles don't need any router configurations for these ports as well. I've never had to configure them and uPnP seems to handle this IMO.

My 2 cents
 
Last edited:

BiggShooter

Regular Contributor
Yeah i helped furry on the dgl forums set up the game fuel configuration on the 4500 back in the day. He is a good guy!
Anyway. Here is my set up. Both xb1 wired directly to the asus rt-ac66r. Xbox one network settings. IP and dns settings set to automatic. Instant mode turned off. In the router, both xb1 set to a static ip.
Wait a second! There WAS a setting in the asus router that i changed to achieve open nat on both xbox 1! In the wan settings make sure the allowed port range for internal and external is set to 1:65535! Before i changed that I would have nat issues! Remember to do a full power cycle reboot on both xboxs and router. Also clear the alternate mac address on the xbox dashboard under network settings.

The setting for PORT RANGE for INTERNAL and EXTERNAL was not available in the "official" ASUS RT-AC5300 firmware (OEM). After I updated my firmware to Asuswrt-Merlin 380.62, it was then that I was able to see PORT RANGE for INTERNAL and EXTERNAL under the WAN - INTERNET CONNECTION tab settings.

I do have a quick question regarding the "reboot" process / order. Does it matter what gets "power cycled" first? Router / Xbox One S / Xbox One Elite? I just want to be sure if there is a specific device (router / xbox one) that should be "power cycled" / "rebooted" first that I do that.

Thanks for the clarification. I'll report back with my experience / findings regarding OPEN NAT on both Xbox One gaming consoles.
 

XSXS

Regular Contributor
When I was ocd about ports and xbl this what I found a while back.
"there are three NAT options within the Xbox One configuration. Each of these are specific to your particular router and network setup.

Open – Your network is behind a cone NAT.
Moderate – Your network is behind a port-restricted NAT.
Strict – Your network is behind a port-preserving port-symmetric NAT."

That's the best explanation i can find on nat type.

For port usage, b4 Xbox one . I would think this still applies. Since in my port forward usage in the asus gui only has port 3074 and the random port forwarded.

The only ports you are supposed to forward for XBL are 3074 TCP/UDP and port 88 UDP. The other ports should be opened but not forwarded.


This is the info I found on the ports awhile back.
Port 88 (UDP) Kerberos
Port 3074 (UDP and TCP) xBox <- most important!
Port 53 (UDP and TCP) DNS
Port 80 (TCP) HTTP
 

e38BimmerFN

Very Senior Member
Yes the nat status is what applies here and has been discussed up the thread. RMerlin is more curious about the actual way port 3074 and other port number behaviors are actually being handled by the router and uPnP.

Ya those ports I've never forwarded however have been opened and are open to use if the ISP modem and main host router in in a single NAT condition and uPnP is enabled. I presume if you disabled uPnP, Port Fowarding configuration on the host router would be needed. Back in the day, I only used 3047 and uPnP.

I suppose one can test this on XB1 using one game console to see if only 3074 is needed and check behavior.
 

My_dogs_White

Regular Contributor
I was able to find the sure fire solution for getting two open nats on two Xbox one’s in the same house.

I tried it all! I couldn’t even guess how many hours I spent trying to achieve two open nats. I would get both open and a few days later one or both would be moderate or strict.

The 100% sure fire solution is (and it may not be popular) two static IP’s and two routers! My set up is:

ISP modem ---> Switch---> RT AC 3100(static IP) Switch---> Asus RT AC 68U(static IP)

I've had open nats on both consoles since the day I did this. It’s not the easiest (need to set up Static IP's with your ISP) or cheapest solution but as far as I’m concerned it’s the only true solution. Two Xbox’s on one network just don’t play well together..

Hope this helps.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top