09-26-2007 08:24 AM - edited 02-21-2020 01:42 AM
Hello,
I have a PIX501 at my house with the following setup:
Motorola Cable Modem connect to my PIX 501.
Pix 501 connected to my Linksys WRT350N wireless router.
My XBOX360 connected wireless to my router
The PIX is handing out IPs DHCP. The router is set not to not issue IPs. So its acting more like an access point.
Im trying to play Halo 3 online and its telling me I need to change my NAT settings because they are set to Moderate and need to be set to open.
I am going to make sure that the router is set to NAT disabled and Dynamic Routing Enabled.
But what do I need to put in the PIX so that it does NAT Open and not Moderate?
I have the following NAT command in it now:
nat (inside) 1 192.168.1.0 255.255.255.0 0 0
Thanks
09-27-2007 06:14 AM
Our University campus is having the same issue with Halo 3. Many students are getting "moderate network" error messages and can't connect to any Halo 3 servers.
Our NAT device is an ASA 5500 series appliance.
Any feedback would be appreciated.
09-27-2007 07:11 AM
I just switched from a Pix 501 to an ASA 5505 on my home network a few weeks ago, but haven't been having any problems playing Halo 3. Using standard outbound dynamic PAT, with no special application filtering rules other than the global defaults. Perhaps you could post a sanitized version of your config and that will shed some light?
09-27-2007 09:36 AM
I got some clarification on the problem. It looks like students are able to connect to Halo 3 servers on the Internet. However, They cannot connect to servers on the local network. I'm using a Clean Access in-band appliance as the default router. I added policy to their role to allow all TCP/UDP/and ICMP traffic, but they still can't connect.
10-03-2007 08:30 AM
I emailed Cisco to see if they had any ideas on how to fix this problem.
Has anyone else gotten any information on this and/or a fix?
10-04-2007 11:40 AM
I found a fix, Im still looking into how to put it into my PIX, but on a router you put in the following:
XBOX Live uses the following ports:
TCP: 3074
UDP: 88 & 3074
Therefore you have to do a port forwarding for TCP 3074 and UDP 88 & 3074.
11-19-2007 03:00 PM
This is what I have on my Pix 501
Note: I have my 360 hard coded on my network as 192.168.11.10
static (inside,outside) tcp interface 3074 192.168.11.10 3074 netmask 255.255.255.255 0 0
static (inside,outside) udp interface 3074 192.168.11.10 3074 netmask 255.255.255.255 0 0
static (inside,outside) udp interface 88 192.168.11.10 88 netmask 255.255.255.255 0 0
access-list outside permit tcp any interface outside eq 3074
access-list outside permit udp any interface outside eq 3074
access-list outside permit udp any interface outside eq 88
Hope this helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide