Xbox Live and "STRICT NAT"

V

Vaan

Newcomer
Hi everybody.

I know the strict nat problem is a worldwide common issue when connecting with xbox live, and I'm getting quite desperate, so here i come...


My local network composes of two computers (One of them is a P3 machine with WinXP/Linux and the other one is an iMac G5), a Thompson Speedtouch 510i DSL router with the last firmware, an 8 port switch and the xbox 360.

The P3 connects to the router, the switch connects also to the router, and the iMac and the Xbox 360 connect to the switch.

Everything works fine, but the ***king xbox live ¬¬


I always get the "STRICT NAT" status on my connection. There's nothing else I can do, apparently.

My router supports uPnP, and it is enabled. I also have routed the 53, 88 and 3074 ports in both UDP and TCP protocols to the statically asigned IP of the Xbox 360 (192.168.1.102)

I got "STRICT NAT" before, meanwhile and after opening those ports. Nothing changed.

I also disabled the router firewall. Nothing changed.




Everything I try to connect to some online race in PGR3, the "Could not connect to all users" (Or something like that) pops up. Its absolutely exasperating.

The only solution microsoft gaves me is to buy one of the several routers labeled as "Xbox live compatible". The problem is that as an "Strict NAT" user I can only connect to "Open NAT" users.

"Open NAT" users can connect with everybody. "Moderate NAT" ones can connect to both moderate and open, but strict ones can only connect to open ones.


Is there any kind of solution, like modifying some NAT rules on the router (I'd need also the way to do it on my own...) or opening some port I've missed????
 
I don't have a Xbox360 but does your router have a DMZ function? If you put your 360 as DMZ'ed all the ports would be open (its as if your 360 is outside your router).
 
BlueTsunami said:
I don't have a Xbox360 but does your router have a DMZ function? If you put your 360 as DMZ'ed all the ports would be open (its as if your 360 is outside your router).
Click to expand...
If he does then that would put his PC wide open. Use caution.
 
No, he said to put the xbox in the DMZ, not the pc. It should fix the problem I think most routers assign a/the public IP to the unit in the DMZ. Of course, if the xbox has security issues then you're quite right.

EDIT: Had a look at the manual and I saw no reference to a DMZ function in it. You ought to check the menu just incase the manual doesn't cover all the functions.
 
Last edited by a moderator:
maaoouud said:
No, he said to put the xbox in the DMZ, not the pc. It should fix the problem I think most routers assign a/the public IP to the unit in the DMZ. Of course, if the xbox has security issues then you're quite right.
Click to expand...

Your quite right. Sorry about that. Damn wheres my head..Need lunch lol. Yeah all he has to do is look at the # the router assigned to his Xbox and put the last three digits in DMZ.
 
Having seen several pieces of code that attempt to connect two machines behind a firewall peer to peer, I am stunned it ever works without a central server. It's a surprisingly difficult problem.
 
About DMZ...

On the LAST firmware I had, I could put an ip as the default for all the port forwardings, but on this firmware I can't find the option.

Shit...
 
Vaan said:
About DMZ...

On the LAST firmware I had, I could put an ip as the default for all the port forwardings, but on this firmware I can't find the option.

Shit...
Click to expand...


can you not roll back?


either way i'm sure the option is still there... it's very rare not to have such an option
 
I know it MUST BE there!!

Via telnet I haven't been able to find it, and via http...




router said:
Assign the public IP address of a connection to a LAN device
This page allows you to assign the public IP address of your Internet Connection(s) to a specific device on your local network...

You might want to do this if:

You encounter issues with some applications through the Network Address Translation engine of your SpeedTouch.
This device is running server applications (web server, ...) and you want it to be accessible from the internet.
This device has to be considered as the unique entry to your local network (DMZ).


Internet Service Device

Internet Not assigned and no compatible device found
Click to expand...


I tried everything, but it does not recognise my xbox as a "compatible device". WTF, just let me set it as the default server moth...
 
On the old version of the firmware, it was as easy as tipping on a telnet terminal:

nat defserver="IP OF THE XBOX 360"


But on this revision of the firmware it is no longer working. DAMN.
 
Maybe if you let people know what router it is you have, someone could help you.

And why do you use some cruddy old model that uses telnet to change settings? That's like, stoneage tech. :p
 
Guden, on my first post...

"a Thompson Speedtouch 510i DSL router with the last firmware"


It has html interface, but I don't find the option to put an ip on the DMZ, nor to set it as the default server like in the older firmwares.
 
Do you have a command that lists all commands available to you. Usually routers with telnet ability have this function. But, this is also speaking from someone who has only used cisco routers for this function. I doubt they would get rid of a DMZ command in the router, unless they thought it was too high of a security risk. I am guessing they probably renamed the command to something they thought would be more intuitive, or ;) check your spelling.

Guden, there are plenty of routers out there that have telnet capabilities, and *gasp* their actually new models. I prefer telnet, but I don't have a router with such capabilities at home. The cisco wireless routers are way too much so I opted for a netgear with a "user friendly" interface :rolleyes:
 
I'd like to point out that in many cases your home network is NAT'd and your ISP's network is NAT'd as well. For example, my wireless shot (MMDS licensed spectrum, not 2.4 or 5.8) to my ISP runs on an internal private network. Fortunately, they have statically assigned my modem a NAT address that is always the same and maps to their external pool correctly. Some ISPs aren't so good about this, but they seem to be getting better as time goes on.
 
If you can telnet into you DSL router and port forward the required Live ports to you X360, then this might/should address your issue.
 
Vaan said:
Guden, on my first post...

"a Thompson Speedtouch 510i DSL router with the last firmware"


It has html interface, but I don't find the option to put an ip on the DMZ, nor to set it as the default server like in the older firmwares.
Click to expand...

Putting a device (Xbox or PC) in a DMZ does not automatically address the problem. You have apply rules directing the require ports/traffic to the DMZ.

DMZ is for exposing services (POP, Web, etc) to the Internet and given this is not the case I advise not to bother. If you can NAT/PAT/NAPT your xDSL router to get Live working, then it doesn't require to have a DMZ configuration.
 
DMZ generally means that any traffic headed for the ip is actually sent to that ip (actually MAC adress I think).
This would be the easiest solution to his problem since it would be roughly equivalent to connecting the xbox directly to the net (there can of course be NAT issues).

As in this case if his router has trouble sensing that the device is present (or something like that) a DMZ status on that adress would mean that the router still sends the traffic there even if it thinks that there is no such device. As Vaan stated in his original post he seems to have forwarded the ports correctly but it is still not working (router bug? not updating rules?), hence the DMZ recommendation.
 
maaoouud said:
DMZ generally means that any traffic headed for the ip is actually sent to that ip (actually MAC adress I think).
This would be the easiest solution to his problem since it would be roughly equivalent to connecting the xbox directly to the net (there can of course be NAT issues).

As in this case if his router has trouble sensing that the device is present (or something like that) a DMZ status on that adress would mean that the router still sends the traffic there even if it thinks that there is no such device. As Vaan stated in his original post he seems to have forwarded the ports correctly but it is still not working (router bug? not updating rules?), hence the DMZ recommendation.
Click to expand...

The traditional (enterprise) DMZ setup, the servers in the DMZ will have public IP address, thus traffic destined to those DMZ IP address should (if configured correct) will hit those servers.

From my experience with 4 or 5 xDSL router/modems, their DMZ setup usually NATs the only public IP address assigned to you by your ISP to another set of private IP subnet. e.g. internal subnet 192.168.0.0 with DMZ 192.168.1.0.

You usually only get 1 IP address (unless you request/purchase more from you ISP) and the only way to separate internal and DMZ traffic is by utilising Port Address Translation, PAT and/or Port Forwarding.

Best way to test connectivity for Live is to use the xDSL router in bridge mode and only have the Xbox attached to it. This way the Xbox will be assigned the public IP address by the ISP.
 
You must log in or register to reply here.

Similar threads

E
Xbox June Showcase 2024 (June 9th 10am PT / 1pm ET / 6pm BST)
10 11 12
Replies
220
Views
15K
Liandry
L
B
Xbox leadership and the Xbox brand evaluation *spawn
10 11 12
Replies
223
Views
20K
cheapchips
C
D
AI Desktop Tools - Training and Inferencing
2
Replies
37
Views
6K
Deleted member 2197
D
J
The Life Cycle of a Gamer - is gaming changing forever, or eternal?
2
Replies
21
Views
2K
Tkumpathenurple
T
L
Xbox 360 and PS3 top graphics
4 5 6
Replies
100
Views
14K
XboxKING
X
Back
Top