How to get OPEN NAT with Xbox or Xbox One and PFSENSE firewall

Here is my quick & easy guide to getting OPEN NAT inside your network for multiple XBOX’s and inside a PFSENSE FIREWALLED network.

  1. all Xboxes must be configured with a STATIC IP.
    1. under the Xbox Settings, Network, Advanced settings, I use MANUAL IP address setting.
      1. put a static IP inside the range of your network.
      2. as an example:
        1. IP: 192.168.100.20
        2. Subnet: 255.255.255.0
        3. Gateway: 192.168.100.1
        4. DNS: Point it at your PFSENSE box.  192.168.100.1
        5. Secondary DNS: Use Google:  8.8.8.8
      3. Alternate PORT:  not needed // leave at default
      4. clear any alternate MAC addresses.
    2. Save these settings and SHUT DOWN your XBOX.
    3. Pull the plug
  2. Go log into your PFSENSE firewall
  3. I am using a beta version of PFSENSE 2.5.0.a.20200401.1515
  4. You should try to be using as current a version as possible to avoid any issues with outdated PFSENSE code.
  5. Inside PFSENSE, go to Services/ UPnP & NAT-PMP
    1. Setup your settings like this (click image for larger version):
      Notes:

      1. under ACL ENTRIES, each XBOX’s STATIC IP address must be on it’s own line here.  If you have multiple XBOX’s, create one line entry for each XBOX and edit the IP ADDRESS
      2. HIT SAVE to save your settings here.
  6. Go to Firewall / NAT / Outbound
    1. Make sure that the MODE is set to Hybrid Outbound NAT rule generation.
    2. Add a mapping (see below, click for larger image)
    3. NOTES:
      1. under SOURCE, you must put the IP address for your XBOX here.
      2. Repeat and add mappings for EACH XBOX (and IP ADDRESS) inside your LAN
      3. SAVE CHANGES
  7. Plug the power back into your Xbox
  8. Power it on
  9. Once it is booted, go to NETWORK / SETTINGS.
  10. RE-RUN NAT TYPE test
  11. RE-RUN MULTIPLAYER test
  12. you should now have “OPEN” NAT

 

Leave a Reply

Your email address will not be published. Required fields are marked *