
Port Forwarding Xbox Live Services to Xbox One Results in 'Strict NAT'.

Happy New Year everyone.

I have 2 Business Rules set up on my brand new Sophos XG firewall (Firmware 15.01.0):

 

However, when I do various tests on my Xbox One, it always shows as "NAT Type: Strict".

The UDP Ports are 88, 500, 3074, 3544 and 4500.  TCP Ports are 88 and 3074.

I really wish Sophos would add UPnP support for situations like this.  Yes, I'm fully aware of the security implications of UPnP, but for home users (especially with multiple Xboxes like me), setting up Port Forwarding isn't a fun thing to do.

Am I missing something here?



  • Just create a bypass rule for your Xbox and use NAT. I did on mine and am not sure why this won't work in your situation. Even if you get port forwarding working the way you like, eventually you are going to run into an issue with Netflix and other streaming services not connecting if you are scanning for malware on your default network policy.
  • Ah, I see. 2 Xbox Ones on the same network. Yeah, I think your only hope is UPnP. I don't think you solve this with port forwarding, at least according to tons of posts on this issue all over the web.
  • You don't need UPnP for more than one gaming console to work. Please read my post above.
  • Not sure where the OP stated anything about Netflix, but you are correct. All the streaming devices that are not Windows computers or laptops need to be excluded from all the HTTP and HTTPS scanning, as well as having the 'web filter' set to none, and everything works.
  • Did you test chat, party, and separate Xbox Live subscriptions? The problem is that 2 consoles need the same ports to be forwarded. If you aren't using these services NAT works great. If you are, it seems like UPnP is the solve. See this: www.isolation.se/.../ and about a million other posts on the interwebs www.google.com/
  • I am not sure if chat, party works or not; all I know is my 3 kids have not complained about something not working. Even if something was not working, I would not allow any gaming console to dictate how lax my network security has to be. That said, I would simply put the consoles on their own separate network so my important network stays secure.
  • Correct. UPnP is REQUIRED for multiple Consoles (regardless if Xbox or PlayStation) to support multiplayer gaming and game chat.
  • I am sorry but I don't understand what you're saying here. I have 3 Xboxes here behind XG and I don't have any port forwarding rules created and they work fine, even 'Call of Duty'. The only thing I did was create a policy for gaming and disable HTTP & HTTPS scanning and turn off the 'web filter' and everything seems to be working fine.
  • Go to your Xbox One, All Settings, select Network then Network Settings. What is the NAT Type on your console? If you aren't doing any Port Forwarding, it will be 'Strict', which both of my consoles report. Which means you will have connectivity problems to Multiplayer (especially if YOU are hosting a match, i.e. you are the leader of the Xbox Live Party) and even with XBL Chat with a party. This is a fact on how connectivity works, especially with multiple consoles on the same network, sharing the same Internet Connection.
  • Chris, your request is the absolute opposite of XG goals. I don't think they will ever add UPnP to XG.

    You can do something different. Buy a router which you will be able to reflash to OpenWRT or is advanced enough to support static routing. Connect the router to the ISP and put Xboxes on that network. Then connect XG to the network but don't use NAT, just static routing. You will end up with two network segments. One for gaming and the second secure where you can put your more valuable resources. This will be a little bit more expensive but I think it is a reasonable trade-off.
  • I agree with everything you say. There is no way Sophos would ever add UPnP, and for good reason. Just hang one router off a DMZ of the other router and call it a day. This is what I do with FiOS and it works great; however, I don't do any VPN and I have heard 'double NAT' can cause problems with 'double NAT' but not for all.
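
The port clash raised in the replies above ("2 consoles need the same ports to be forwarded"), as an added example that is not part of the original thread: a small checker that takes a list of static port forwards and reports every WAN port claimed for two different internal hosts. The rule format, rule names, internal addresses and the first-match lookup are assumptions made for illustration; only the port numbers come from the original post.

```python
# Added example: rule names, addresses and the rule tuple format are constructed.
from itertools import combinations

# Ports the original poster lists for Xbox Live.
XBOX_LIVE_PORTS = {"udp": [88, 500, 3074, 3544, 4500], "tcp": [88, 3074]}


def rules_for(name, internal_ip):
    """One forward per listed port: (name, proto, first_port, last_port, internal_ip)."""
    return [(name, proto, port, port, internal_ip)
            for proto, ports in XBOX_LIVE_PORTS.items() for port in ports]


def find_conflicts(rules):
    """Return (proto, first, last, rule_a, rule_b) for each pair of forwards that
    claims overlapping WAN ports on one protocol but targets different hosts."""
    conflicts = []
    for a, b in combinations(rules, 2):
        name_a, proto_a, lo_a, hi_a, ip_a = a
        name_b, proto_b, lo_b, hi_b, ip_b = b
        if proto_a != proto_b or ip_a == ip_b:
            continue
        lo, hi = max(lo_a, lo_b), min(hi_a, hi_b)
        if lo <= hi:  # the two port ranges intersect
            conflicts.append((proto_a, lo, hi, name_a, name_b))
    return conflicts


def reachable_host(rules, proto, port):
    """First-match lookup (an assumption about how the rule list is evaluated)."""
    for _name, r_proto, lo, hi, ip in rules:
        if r_proto == proto and lo <= port <= hi:
            return ip
    return None


if __name__ == "__main__":
    rules = rules_for("xbox-1", "192.168.1.50") + rules_for("xbox-2", "192.168.1.51")
    for proto, lo, hi, a, b in find_conflicts(rules):
        print(f"{proto}/{lo}-{hi}: {a} and {b} both claim this WAN port")
    print("udp/3074 is delivered to", reachable_host(rules, "udp", 3074))
```

With one console the list is conflict-free; adding the same forwards for a second console makes every listed port ambiguous, and under first-match evaluation only the first console ever receives the inbound traffic.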