1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

2 Xbox 360's with Tomato 1.11 on wrt54gl

Discussion in 'Tomato Firmware' started by outflying, Nov 13, 2007.

  1. outflying

    outflying Network Guru Member

    Hello all.

    I've googled and searched for hours but I'm having trouble. A friend moved in and now there are 2 360's on my home network. I've set them both up with static adresses (one at .245 the other at .246) and I've forwarded udp 88, udp 3074 and tcp 3074 for both of the static ips of the 360's.

    Now every time either 360 is powered up we have to go through the test connection routine before it will log on to live.

    Also the one at .245 shows as NAT open but the one at .246 usually shows strict or moderate.

    Is it posible to have them both open nat?
    Why do I have to run the diagnostics on the 360 Everytime.

  2. Toxic

    Toxic Administrator Staff Member

    the reason both wont work at the same time is you cannot port forward the same port to different IPs at the same time. have you tried enabling upnp and remove the port forward entries?
  3. GhaladReam

    GhaladReam Network Guru Member

    The only other solution, would be to buy a 2nd external IP address from your ISP, this would get you a 2nd set of ports, eliminating this problem. However this isn't a very logical solution.. Try what Toxic suggested. The 360 shouldn't need any port forwards to get on Live.
  4. outflying

    outflying Network Guru Member

    Thank you both for the responses! I didn't know that a port couldn't be "shared" so that makes sense.

    Without the ports forwarded and only running upnp the 360's seem to reply as moderate most of the time.

    Would it work to forward the ports on one and then dmz the other one?

    Thanks again!
  5. roadkill

    roadkill Super Moderator Staff Member Member

    you can dmz both of them it'll work but it's not secure...
  6. outflying

    outflying Network Guru Member

    So if a port is forwarded does that make it COMPLETELY unavailable to any other machines???

    I.E. if I port forward machine A and dmz machine B, machine B still wouldn’t have access to those ports?

    Or if I port forward machine A and upnp machine B, machine B still wouldn’t have access to those ports?

    Thanks again!
  7. roadkill

    roadkill Super Moderator Staff Member Member

    you should try because it depends on the order of things at the router level but true dmz should work regardless of existing port forwarding.
    upnp is a fancy port forwarding which does exactly the same but the machine/device which uses the port has some control over it,
    it does not closes the port after each packet which will probably cause the same problem.
  8. GhaladReam

    GhaladReam Network Guru Member

    Who cares though? It's just an Xbox 360. Most people aren't going to keep sensitive data on their 360's anyway.. Plus, it doesn't have Windows on it, which makes it far less vulnerable to any type of hack.
  9. roadkill

    roadkill Super Moderator Staff Member Member

    hacking an xbox that is in dmz on your lan could allow access to your lan via the xbox 360...
  10. GhaladReam

    GhaladReam Network Guru Member

    I suppose, I never thought of that. I figured that having the 360 on DMZ would open ONLY the 360 to attacks... Now that I think of it, if a hacker got in via the 360, they can then see everything else internally.
  11. outflying

    outflying Network Guru Member

    Thanks again everyone!
  12. BassKozz

    BassKozz Network Guru Member

    Who is gonna hack a 360, really?

    But how would one go about hacking a 360 in the first place?
    I'd like to think M$ doesn't leave these open to vulnerabilities (cough, yea right... but at least they try, and make it difficult for hackers to get in), especially with the fact that it updates the system every quarter (LIVE updates), they can simply patch any vulnerabilities.

    Besides all the above, how many "hackers" (and by hackers I mean blackhat, lets not get into a discussion on the term) are really trying to go after people via the 360 anyways? Who would want to hack a LAN w/ a 360 on it? Chances are there ain't much valuable there, if there is a 360 on the LAN... I don't think major companies keep 360's laying around the office connected to their networks :p
  13. lyme

    lyme LI Guru Member

    I'd suggest keeping the static ip addresses, removing all the port forwards that you have setup for either box, and make sure that under 'port forwarding' you have 'enable upnp' checked.

    You are unfortunately going to have some difficulties as both 360's want to use some of the same inbound ports, without getting multiple ip addresses from your internet provider that is something you'll have to live with. The next best thing is let the router automatically try to assign things on the fly, of which at times you will have one 360 set to moderate.

Share This Page