Hey Im trying to not have Strict NAT type on my Xbox One. Plugged directly into my telus modem it is open so I know they aren’t blocking me. Router is a CCR-1016
However ive tried:
UPNP (opens one port in dst-nat)
DMZ (/ip firewall nat add chain=dstnat action=dst-nat in-interface=[WAN INTERFACE] protocol=tcp dst-port=0-65535 to-addresses=[XBOX IP])
and just plain port forwarding /ip firewall nat add chain=dstnat dst-port=(XBOX PORTS) action=dst-nat protocol=tcp to-address=(XBOX IP) to-port=(XBOX Ports)
There is a masquerade rule in Nat
aside from that there are no filter rules, the only other NAT/Mangle rules I have are specific to other IP addresses (not in use by the xbox)
Nothing seems to work and I am at my wits end any suggestions?
Since your Mikrotik is behind NAT you must either use DMZ on your ISPs router or port forward the ports needed to your Mikrotik which will then port forward to your Xbox…
ISP Doesn’t have a router with NAT. its just a modem that my router connects to. ISP has confirmed no NAT on their modem. I am an ISP trying to resolve this for a customer. I was having issues doing it the way i wanted so i figured i would go from the very beginning. i aquired an xbox from a friend plugged it into the CCR (all ports are bridged except the WAN) and attempted port forwarding.
ideally I would give them one of the /24’s global IP’s we have purchased, but i couldn’t figure out how to do that without natting them either… we have a /30 WAN ip and they told us just to route the clients from the 207.x.x.x/24 to the 209.x.x.x/30. but they are clearly still going through the masquerade doing this.
I am not a gamer, but IIRC, to get “open” on the console, it must be directly connected to the Internet.
One way of achieving this I suppose is to route a /29 to the customer, then at customer side, bridge 2 ports for the WAN. One port used for actual WAN and other for the console, then configure one of the /29 addresses on the console, that way it will have “open” NAT type.
A bit of a security risk, but that is customers choice. Else use normal port forwarding, my sons all use this and all games work