[Firewall] TCP / UPD port forwarding to multiple xBox's behind the firewall

Gustin Johnson gustin at meganerd.ca
Sun Jul 21 13:55:58 CEST 2013


You cannot port forward the same ports to more than one IP on the LAN side.

What you probably want to do is look into UPnP which is what the other
Xboxes support when they need ports forwarded.  UPnP auto negotiates the
port forwarding so you do not need to add the other xboxes anyway.

In addition to what you already have, you will need to install and
configure a UPnP daemon on the router.

Hth,


On Sun, Jul 21, 2013 at 1:00 AM, <cmr at uniserve.com> wrote:

> A couple of weeks back I asked about a nat issue and port forwarding to an
> xbox.
>
> I found my answer in the firewall.conf file, something several of you
> pointed out. Other than the fact my ISP blocks inbound port 80, that
> solution worked flawlessly.
>
> it was these to lines and the UPnP IGD plugin that solved my problem:
> NAT_FORWARD_TCP="53,80,2869,**3074,5000>192.168.1.15"
> NAT_FORWARD_UDP="53,88,1900,**3074>192.168.1.15"
>
> ... now for today's problem ...
>
> I'm fortunate enough to have a wired house with several large tv's located
> in several areas of the house. One of my kids wants to host an xbox live
> tourney on the lan. Specifically, his friends bring over their own
> equipment, my dhcp server assigns addresses as needed and nat needs to be
> open for each xbox.
>
> The server will assign static dhcp addresses in the range of 192.168.1.85
> to 192.168.1.95 based on each machines mac address.
>
> would I use the NAT_STATIC_IP="" because if I use multiple lines similar
> to the following it does not work for any unit other than the first one.
>
> NAT_FORWARD_TCP="53,80,2869,**3074,5000>192.168.1.15"
> NAT_FORWARD_TCP="53,80,2869,**3074,5000>192.168.1.85"
> NAT_FORWARD_TCP="53,80,2869,**3074,5000>192.168.1.86"
> ...
>
> NAT_FORWARD_UDP="53,88,1900,**3074>192.168.1.15"
> NAT_FORWARD_UDP="53,88,1900,**3074>192.168.1.85"
> NAT_FORWARD_UDP="53,88,1900,**3074>192.168.1.86"
> ...
>
> I currently use two plugins, the UPnP IGD and the mac address plugins.
>
> Something tells me this has an easy solution, I'm just unsure of where to
> look or start looking!
>
> Chris
>
>
>
> ______________________________**_________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.**nl <Firewall at rocky.eld.leidenuniv.nl>
> http://rocky.eld.leidenuniv.**nl/mailman/listinfo/firewall<http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall>
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rocky.eld.leidenuniv.nl/pipermail/firewall/attachments/20130721/1906945a/attachment.html>


More information about the Firewall mailing list