In a previous post about the Sophos UTM, I’ve received some comments about Xbox Live.
I’ve recently rebuilt my Sophos UTM and found that my backup configuration files were encrypted with a password I couldn’t locate… my bad. So I’m rebuilding all of my firewall rules again.
For the Xbox 360 Live and Kinect, there are some quirks that I hope these steps help you overcome.
- Setup a DHCP reservation for your Xbox so that your UTM will create a network definition and the IP will remain the same.
- Create new service definitions for each of the ports listed in the base article here
- Port 88 (UDP)
- Port 3074 (UDP and TCP)
- Port 53 (UDP and TCP)
- Port 80 (TCP)
- Port 1863 (TCP and UDP)
- In my UTM, I’ve named them Xbox Live UDP 88, Xbox Live TCP & UDP 3074, etc. This helps keep your definitions clean and searchable.
- Create a definition group and call it Xbox Live and Kinect (or whatever helps you keep organized).
- Create a new Firewall rule
- Source Xbox 360 -> Services Xbox Live and Kinect -> Destination Any
- Create a new NAT rule
- Rule Type: DNAT (Destination)
- Matching Condition
- For Traffic from: Any
- Using service: Xbox Live TCP and UDP 3074
- Going to: External (Address)
- Action
- Change the destination to: Xbox 360
- Automatic Firewall rule: Checked!
- Save
Save and don’t forget to turn on your Xbox 360 firewall rule before testing.
Here are some screen captures that may help show you what these all mean.
