Xbox One - Not Connecting for Multi-player games
JPDUBL07
Newbie

All of a sudden (or maybe after a recent firmware upgrade) my Xbox One will not maintain a connection to allow for multi-player or first person shooter games. Have tried multiple games (Overwatch, Modern Warfare, Rainbox Six-Siege) and none of them will allow for this. All was fine until about a week to 10 days ago when Verizon pushed out some updates for what I thought was the TV platform which changed the guide, and other on screen experiences, and now wondering if they also pushed something for the router as well like a firmware upgrade. I also have a PS4, which continues to work flawlessly and is lightning fast with no lag, no trouble connecting, etc. along with multiple other devices connecting both via ethernet and wireless and they all appear to be working just fine. I get error in Xbox Settings stating that NAT type is Moderate (when it's always been Open) and that uPnP is working. I've logged into myfiosgateway and ensured that in fact uPnP is toggled on. I have a G1100 Quantum Gateway. Things I've tried are below: - Hard Boot XBox Console - No Change - Tried Ethernet with Xbox as well as Wireless. Xbox detects the wireless connections and connects to the wi-fi, but still unable to play multiplayer games Toggled uPnP on/off, rebooted router, rebooted console attempted again, no change Factory Reset the Router, hard boot console, re-connected, no change. So I wondered if it was actually an Xbox issue, so I used my Verizon Cell Hot Spot as an alternate Wi-Fi network, Xbox connects to that just fine, and multi-player games work just fine, no issues. Which tells me that it's something with my Verizon G1100. I have read all sorts of blogs, posts about Port Forwarding, MAC filtering, etc., but that doesn't explain why this just happened all of a sudden. I find it hard to believe that evvvvvvveryone who got a firmware push/upgrade that's using a G1100 and has an Xbox is having these same issues. Is it possible that I need a replacement router? Is there some other setting I should have enabled? I would assume that since other devices are OK the router is still OK? At this point, I just want Xbox to work like it was 10 days ago when it mysteriously began to NOT work which happened to be when FiOS put out an updated all services rebooted and I saw a change to the TV Guide and other TV interfaces. Help!

0 Likes
16 Replies
Cang_Household
Community Leader
Community Leader

The new firmware for G1100 is 02.03.00.04, reported to be loaded on G1100 automatically around September 18, 2020.

It seems like G1100 tightens security measures to disallow certain Xbox inbound traffic. To resolve this problem, while not compromising the security of your home network, you need to contact Microsoft X-Box support to ask which outbound ports are used by X-box for triggering inbound ports (I doubt normal technical support would know for certain). Then you need to configure port triggering (not port forwarding) entries on the router.

The other unsafe solution is to place the X-Box's IP in the DeMilitarized Zone (DMZ). This setup essentially let X-box bypass all firewall restrictions and be completely exposed to the public internet (as well as hackers.)

UPnP just sounds unsafe to me. I disabled UPnP on my Cisco router.

JPDUBL07
Newbie

According to Xbox Support the following must be Open for Xbox Live to work.  Is this what you're referring to?

UDP: 88, 3074, 53, 500, 3544, and 4500

TCP: 3074, 53, 80

So these are what needs to be open, but having this info isn't sufficient to make a configuration change on the router?  I still need to know what outbound ports are use by Xbox to triggering inbound?

Also, I am able to get to the Port Triggering portion of my router, but once there, not entirely sure what to click on, and the user guide, although extensive, isn't entirely helpful. 

I see that I can click on ADD, then I can give it a Service Name (assume I can just say XboxOne).  Then I have 2 sections.  One is Outgoing Trigger Ports, which gives me a "New Trigger Ports" button, the other is Incoming Trigger Ports to Open, which gives me a "New Opened Ports" button.  If I chose New Trigger Ports, I can then select the protocol (UDP or TCP), then I am asked to enter a Source Port and Destination Port both of which give me the option of Any, Single, or Range.

But again, not sure what I should be clicking on, or if I am even in the right area...any additional assistance you can provide would be great (and make my kids super happy).

0 Likes
Cang_Household
Community Leader
Community Leader

In order for Port Triggering and Port Forwarding to work, you need both inbound and outbound source and destination ports, a total of four ports per configuration entry.

For example, for the UDP 88 port,

Outgoing Triggering Ports: UDP, Source port 88 -> Destination port 88

Incoming Ports to Open: UDP, Any -> Same as Initiating port

Then repeat this for every port. For the TCP 80 port, that is reserved for your router's remote GUI access, I don't think you can setup port triggering for this one.


@JPDUBL07 wrote:

...make my kids super happy


Oh, I see. They should learn some networking to help their parents in the future 🙂

JPDUBL07
Newbie

Protocol Outgoing Trigger Ports Incoming Ports to Open Action

XBoxOne
UDP 88 -> 88
UDP 500 -> 500
UDP 3544 -> 3544
UDP 4500 -> 4500
UDP 53 -> 53
UDP 3074 -> 3074
TCP 3074 -> 3074
TCP 53 -> 53
UDP Any -> 88
UDP Any -> 500
UDP Any -> 3544
UDP Any -> 4500
UDP Any -> 53
UDP Any -> 3074
TCP Any -> 3074
TCP Any -> 53
Edit/Remove

So hopefully this is what you're stating for me to do.  Assuming it is, does this require a router re-start in order for it to take effect or simply apply the changes in the router interface and then try the Xbox again?

0 Likes
Cang_Household
Community Leader
Community Leader

I am not sure if this will work. It is very hard to tell because I don't have the exact equipment on my hands.

You don't need to reboot the router. If this does not work, I want you to go to the Firewall Advanced Log to see exactly which traffic the G1100 blocks.

JPDUBL07
Newbie

Appears it did not work:  Security Log of course has many entries, but this is the one that shows as blocked:  

Blocked IN=eth1 OUT= MAC=c8:a7:0a:c3:55:7f:de:38:e1:fb:81:1d:08:00 src=23.56.9.75 DST=173.71.203.175 LEN=76 TOS=00 PREC=0x00 TTL=61 ID=22335 DF PROTO=TCP SPT=443 DPT=53722 SEQ=3974813219 ACK=4104423278 WINDOW=332 ACK PSH URGP=0 MARK=0

0 Likes
JPDUBL07
Newbie

Blocked Events

All Blocked Connection Attempts
Winnuke
Multicast/Broadcast
ICMP Replay
Defragmentation Error
Spoofed Connection
ICMP Redirect
Blocked Fragments
Packet Illegal Options
ICMP Multicast
Syn Flood
UDP Flood
ICMP Flood
Echo Chargen

All of the above are set to Blocked as well....again, nothing I've ever touched/configured...and even did a factory reset on the router last eve..

0 Likes
Cang_Household
Community Leader
Community Leader

At this point, if you do not want to spend more time exploring the firewall, I would recommend you to place the XBox in DMZ with potential adverse effects.

If your kids can wait until we figure it out here, then we can continue to research the solutions.

JPDUBL07
Newbie

Yea, well they can entertain themselves outside.  As long as you don't mind continuing to help, I'm all ears.  I placed the Xbox in the DMZ, then powered on the Xbox and attempted to play one of the games that was having issues.  I was still receiving error messages about not being able to connect.

So I guess back to square one...not sure what to try next.  I'd like to think that if it doesn't even work in the DMZ then I am not sure anything we try on Forwarding or Triggering would work either, right??  Maybe I am wrong.  I even threw in an HTTPS 443 port forward, and that had no impact either.

0 Likes
JPDUBL07
Newbie

Any other suggestions??

0 Likes
Cang_Household
Community Leader
Community Leader

If the DMZ does not work, then this issue is kind of unsolvable.

Can you make sure you have the correct IP for the X-Box? I would plug an ethernet cable and disable its WiFi completely. Sometimes, when G1100 reboots, it reassigns all DHCP clients to different IP addresses without promptly updating the NetBios name entry.

jeffwkbos
Newbie

This problem seems to extend to Xbox on PC.  Just bought a new Asus ROG laptop and hoped to explore gaming but I am unable to connect through Fios.  I guess since I see no Verizon response here and there doesn't seem there is a solution I have only two options:  1) buy my own router and MoCa for TV  (not sure this will work) or 2) leave Fios for another provider.  

0 Likes
Cang_Household
Community Leader
Community Leader

Can you provide more information? What error messages are you seeing on XBox? What error entries are you seeing in router's Firewall logs?

Without more information, we can hardly troubleshoot the problem.

Do you know what ports are required to be forwarded to the WAN side? If not, could you find out with the developers of the games?

SilverS1
Newbie

Placing the Xbox into the DMZ doesn't work. Xbox error messages are related to security issues with the profile and seem to occur at the WAN gateway, which seems to do an alias login (on port 3074) as seen in the Microsoft security pages. Router's Firewall security logs are virtually unreadable and can't really see what device they are associated with - also, I've not seen a correlation in log times and actual times of disconnection. Furthermore, I can't find logs from when everything was functioning correctly to compare them to. It also seems that if you are in the DMZ, it wouldn't make any sense that the Security Logs for the home router would have anything; if they did, you really aren't in the DMZ and that needs to be fixed by Verizon.

As for forwarding ports (which you don't use in a DMZ setup): Xbox has ports as previously stated (53, 80, 88, 1863 [Kinect only, I think], 3074, 16000 [Chat], 500, 3544,4500, 3075, 3076). There are also ports for individual games, see:  https://portforward.com/ports/a/

But, it seems the issue is at the WAN Gateway Router and not at the Home Fios Quantum Router because putting the console into the DMZ should negate any of the "what ports do you need" and "can you find out from the developers" questions.

Why is the WAN Router not supporting a LAN DMZ setup, which is supposed to put the console in direct contact with the internet.

If the Fios Quantum Gateway G1100 cannot handle gaming consoles, I need to know which ISP does. A 1 GB connection is worthless if you can't play the game.

0 Likes
Cang_Household
Community Leader
Community Leader

@SilverS wrote:

If the Fios Quantum Gateway G1100 cannot handle gaming consoles, I need to know which ISP does. 


Ok. If G1100 cannot play nicely with multiplayer gaming consoles (which have yet to confirm), you can try a different router (G3100, CR1000A, or a third-part router of your choice). ISP by its name only provides an Internet connection, so you can use whatever router you want. NAT is a function on the router, not an intrinsic part of delivering the Internet connection to you (at least VZ does not use Carrier-Grade NAT because of abundance of IPv4 addresses).

If you dislike VZ routers and find off-the-shelf consumer routers don't satisfy your need, you can build a router yourself with two network interface cards and configure nftables for highly customizable NAT.

dslr595148
Community Leader
Community Leader

@SilverS wrote:

Why is the WAN Router not supporting a LAN DMZ setup, which is supposed to put the console in direct contact with the internet.

If the Fios Quantum Gateway G1100 cannot handle gaming consoles, I need to know which ISP does. A 1 GB connection is worthless if you can't play the game.


#1 While we get that you hav FIOS Internet, do you also have FIOS TV One?

#2 Before you tried to use the DMZ:

a) You set the Xbox one to use a Static IP?

b) You turned off UPnP in the NAT router?