Hi Walt,

unfortunately I don't have specific knowledge either on Xbox or Kerberos... I can only wish you good luck! (Or switch to Playstation ;-))


7.12.2013 3:02, Walt Elam kirjoitti:
One more update:

I opened up the tcpdump traffic in Wireshark and it appears that the
Xbox is failing on Kerberos. I see an AS_REQ, then AS_REP, then the
traffic alternates between TGS_REQ and TGS_REP then fails. It seems like
the xbox is failing to successfully get the ticket from the TGS.

Are there special rules I need in order to ensure Kerberos works properly?


On Fri, Dec 6, 2013 at 4:13 PM, Walt Elam <wre...@gmail.com
<mailto:wre...@gmail.com>> wrote:

    Thanks Teemu, I gave some similar rules a shot but was unable to get
    it working.

    I'm still tweaking things and trying them, I'll update if I get it
    figured out.



    On Thu, Dec 5, 2013 at 4:47 AM, Teemu Rinta-aho <te...@rinta-aho.org
    <mailto:te...@rinta-aho.org>> wrote:

        On 5.12.2013 3:16, Walt Elam wrote:

            I need to forward ports 88 (UDP), 3074 (UDP/TCP), 53
            (UDP,TCP), and 80
            (TCP) to the xbox360. This seems simple enough but I have
            been unsuccessful.

        Hi Walt,

        I don't do exactly the same, but almost. Check out my pf.conf at


        There you can see that I forward certain ports to machine named

        I also use 3 separate VLANs to the cable modem to get 3 (out of
        5 that
        I pay for) different IP addresses from the ISP. 1 is mapped to
        PS3, one
        to a PC "core7", and the rest share the third IP address. So, there
        is some extra complexity in my pf.conf.

        Hope it helps.


Teemu Rinta-aho                    Tel:    +358 40 562 3066
Langenintie 9 as. 3                E-mail: te...@rinta-aho.org
28400 Ulvila, Finland                      teemu.rinta...@gmail.com

Reply via email to