xBox - Port Forwarding

Networking & Firewalls
1

Hi,
I’ve never owned an Xbox and just helping my Nephew get his Xbox setup, Microsoft website setup highlights port forwarding requirements. So how are people handling this, port forwarding to the Xbox or putting it on a seperate VLAN and turning on UPNP. Either way I’m not a fan of, but needs must.

My steer is for a port forward over uPNP.

I installed a Unifi Ultra there at the beginning of the year and that’s been all good.

2

I run pfsense and used the UPnP service. I was able to specify an ACL to the interface and IP addresses I wanted.

UniFi is a different story. I’m not sure if the UPnP service has that kind of functionality. But if you read up on getting an open NAT to your Xbox, you are exposing your Xbox to the internet. In terms of security that didn’t sit well with me. If you are getting a status of moderate then you shouldn’t have any issues playing games or anything else. I haven’t had issues since I turned it off.

3

Ok makes sense, I use pfsense myself. When I looked at uPNP my original thoughts were seperate vlan on a /30 as it’ll be the only device on that LAN.

We did see NAT moderate under the network info before, so based on what you’re saying is if NAT moderate, we shouldn’t have to port forward and it should be fine.

Lots of security alerts on the UniFi as expected at moment due the port forward. Inclined to do uPNP instead as you mentioned on a dedicated vlan.

Sorry, never owned an Xbox or any console so my knowledge on them is poor. When I used to do a bit of gaming it’d be on the PC. Considering building another soon to have the option again. Otherwise it’s walks with the Mrs and RC etc. must get mountain bike out again, but UK weather has been awful. We don’t have kids sadly :frowning:

Port requirements

https://support.xbox.com/en-US/help/hardware-network/connect-network/network-ports-used-xbox-live

4

If I had to do it over again I would use the port forward method instead of UPnP. I used UPnP back when I was learning pfsense, but I believe it is more of a vulnerability now than when I used it. But again, I don’t want my Xbox exposed to the internet and to be more secure I left it behind a NAT.

I hope one day you are blessed with kids one way or another. :slightly_smiling_face:

5

Many thanks, that time has passed, focus is my wife. She’s battled various health sadly, so we just enjoy seeing the neices and nephews from time to time.

I’ll leave it on port forward for the moment and monitor. Will get some feedback from the nephew later in the week re gaming. He’s not tech fortunately/unfortunately :slight_smile:

Lots of alerts from Unifi due to the open ports though.