The xbox needs these ports
- Port 88 (UDP)
- Port 3074 (UDP and TCP)
- Port 53 (UDP and TCP)
- Port 80 (TCP)
- Port 500 (UDP)
- Port 3544 (UDP)
- Port 4500 (UDP)
If the customers router is bridged and your ePMP is doing DHCP / NAT then something you can do:
(1) On the radio Monitor > Network > DHCP Assigned IP Address Table find his xbox and copy the MAC address and note the IP address. (if the DHCP client table is empty, as happens with this crappy interface , look in the ARP table, which does not show Device Name so you will have to look up the MAC addresses on the LAN until you find the one that tracks back to Microsoft OR just reboot the radio, and as soon as it comes back up go watch the DHCP table and try to catch the xbox before it vanishes from the DHCP table)
(2) Configuration > Network > Ethernet Interface > DHCP Clients > Add
- Past the MAC address of the Xbox in the MAC field
- Enter the IP address you noted in the previous step in the IP field
- Enter Xbox or whatever you want in the Name field.
(3) Same page > Port Forwarding > Disable uPnP IGD
(4) Same page > De-Militarized Zone (DMZ) > Enable
- enter the IP address you noted initially and entered on the DHCP clients for the Xbox in the IP address field.
Save / Reboot
The radio should always hand the Xbox that same IP address and all ports should be forwarded to it.
Another way would be on step 4 to enable Data Port Forwarding instead of DMZ and just forward all the above ports to the ip of the xbox.
The downside is now you have a customer with a custom config that you have to remember / keep track of. As stated, the ePMP radios are bad about port forwarding breaking and requiring a reboot to fix so may want to make sure customer is made aware of how to power cycle the radio from time to time.
Edit: Oh I forgot, unless they changed it in recent firmware you can’t Forward or DMZ Port 80 if the Management interface/GUI is using Port 80 Configuration > System > General > Web Access > HTTP port change it to something besides 80 (even if you aren’t using HTTP unless, again, that was fixed recently)