Hello. I already port forward Xbox LIVE ports 3074 and 3544 on OpenWRT but in Windows Settings > Gaming > Xbox Networking, it always report as Moderate NAT. What am i doing wrong?
You may need to open other ports too
Open the following ports, making sure to utilize the correct protocol:
- UDP: 88, 500, 3544, 4500
- TCP & UDP: 3074
In my (sons) case it was sufficient to add this port forwarding rule:
config redirect option target 'DNAT' option src 'wan' option dest 'lan' option dest_ip '192.168.1.126' option name 'XBox360' option proto 'tcp udp' option dest_port '3074' option src_dport '3074'
Older Xbox's use a fixed port (3074). On newer ones you can pick a specific port.
I don't have an Xbox. I'm specifically talking about the Xbox LIVE functionality built into Windows 10. Games that uses Xbox LIVE like Halo: MCC will be utilizing this.
Yeah, I already tried all the ports that peternikolow posted above. Windows still says that the NAT type is Moderate.
EDIT: Here's the config for my firewall rules for Xbox LIVE
config redirect option name 'Xbox LIVE' option src_dport '3074' option target 'DNAT' option dest_port '3074' option dest 'lan' option src 'wan' list proto 'tcp' list proto 'udp' option dest_ip '192.168.1.102'
Maybe you suffer from double-NAT. Did you check your ISP if they NAT you?
I don't think so. My connection isn't under CGNAT by any means. The WAN IP being reported on OpenWRT is the same when I check on ipmonkey. What is strange is that I can see some of the ports that I have opened like qbittorent but Xbox Live still reports as Moderate NAT. I'm having trouble hosting custom games because of this.
Both reports the public IP, so how can you be sure?.. The only way for you to see your ISP side local IP when they indeed CGNAT (like 10.x.x.x or 172.x.x.x private ranges) if they have a web portal that they let you see your private IP on their end.
Try pinging your public IP, if it pings normal, you are fine. If you see "Destination host unreachable" etc. very likely you are behind ISP's NAT.
Try this site to ping remotely: https://www.ipaddressguide.com/ping
Our ISP typically starts with 100.x.x.x if under CGNAT. Checking on the WAN interface on OpenWRT, it shows the public IP which matches exactly what I see on IP Monkey.
I tried that site and it is able to ping my network just fine
You can tell them to DMZ you. However, make sure you have good firewall.
I'll try configuring my router to DMZ my PC to test this. Thanks
Just a thought; what happens if you temporarily enable upnp? Do you get an open-nat then?
Are you aware of this thread:
This is curious, because I am running Openwrt on an Edgerouter ER-X (same verison as OP). I had moderate NAT until I installed Luci-App-Upnp from the software panel and let it install its dependencies.
Both Upnp works for my xbox1 and all my versions of windows 10.
Enabling the IGDv1 mode allows them to work.