One more update: I opened up the tcpdump traffic in Wireshark and it appears that the Xbox is failing on Kerberos. I see an AS_REQ, then AS_REP, then the traffic alternates between TGS_REQ and TGS_REP then fails. It seems like the xbox is failing to successfully get the ticket from the TGS.
Are there special rules I need in order to ensure Kerberos works properly? -Walt On Fri, Dec 6, 2013 at 4:13 PM, Walt Elam <wre...@gmail.com> wrote: > Thanks Teemu, I gave some similar rules a shot but was unable to get it > working. > > I'm still tweaking things and trying them, I'll update if I get it figured > out. > > Thanks, > > -Walt > > > On Thu, Dec 5, 2013 at 4:47 AM, Teemu Rinta-aho <te...@rinta-aho.org>wrote: > >> On 5.12.2013 3:16, Walt Elam wrote: >> >>> I need to forward ports 88 (UDP), 3074 (UDP/TCP), 53 (UDP,TCP), and 80 >>> (TCP) to the xbox360. This seems simple enough but I have been >>> unsuccessful. >>> >> >> Hi Walt, >> >> I don't do exactly the same, but almost. Check out my pf.conf at >> >> http://www.rinta-aho.org/blog/?p=364 >> >> There you can see that I forward certain ports to machine named "core7". >> >> I also use 3 separate VLANs to the cable modem to get 3 (out of 5 that >> I pay for) different IP addresses from the ISP. 1 is mapped to PS3, one >> to a PC "core7", and the rest share the third IP address. So, there >> is some extra complexity in my pf.conf. >> >> Hope it helps. >> >> Teemu >> >> >> >> >> >> >> >> >> >> >> >> >
