This article is not mine. It is from “Da Master Chief” taken from Bungie.net.

Hey Bungie.net Member. Master Chef SC here. Keep the credit to me and you can put this guide anywhere.
This is all about allowing everyone to directly connect to you in games like Halo Reach, so you don’t have to settle for the scraps of Matchmaking. AKA Open NAT. You will not be vulnerable to hackers since you will only be allowing people into programs and games that you select. However, there are some side effects from learning how to get an Open NAT on your computer and xbox:

o - You’ll remove any chance of connection problems with friends
o - You’ll get better pings in all online computer games, because you can connect to everybody and so have more choice in matchmaking.
o - You’ll stream your computer hard drive’s videos, pictures and music onto your Xbox without any stuttering.
o - You’ll maximise the speed of your peer to peer downloading including MSN file transferring
o - You won’t pay an idiot 50 bucks every time something easy goes wrong.

The process is pretty technical but it’ll try to explain it so you can understand it and it will pay back in huge dividends. Face it, you’re living in an age of computers. Know how to -Yoink!- them.

Your Xbox 360’s NAT could already be open without you realising. To check if it is, turn on your Xbox 360 and in the dashboard’s My Xbox area, scroll right all the way to system settings. Select ‘Network Settings.’ Then select ‘Test Xbox Live Connection.’

The Xbox will run a bunch of tests, the last of which is NAT. It could be Strict, Moderate or Open. If it is Open, the test won’t even mention the word NAT. If so, stop reading this guide (either you have a Xbox live certified router or you have your Xbox directly connected to the modem. Please note that some, including my Xbox live certified router don’t do their job of letting xbox live through the firewall). If it reads moderate or strict, then you are ripping yourself off.

To get yourself an open NAT, it’s not quite as simple as ticking a box. That’s why this essay is here. The first thing you have to do is make your Xbox 360’s local IP address ‘static.’ Then you have to open a back door in the router’s software to your Xbox.

If you don’t know what a local IP address is, just think of your home network as a neighbourhood of mostly empty houses, labelled 1 through 255. For the vast majority of neighbourhoods like yours, the mailman lives at house 1 (he is the router) and he’s the only contact with the outside world, which he accesses through the modem. If your computer, Xbox and laptop don’t have a static IP, then they will live in a different house each time they’re turned on and so need to tell the mailman where they live to be in contact with the outside world. If your Xbox or Computer has a static IP, they’re always in the same house.

The second step is to open ports on your router. It’ll make teleporters between the mailman’s house and your Xbox’s. You can see that if the Xbox is always in a different house then the teleporter that goes to house 5 will only work some of time. Further on, each teleporter, or port opened, only works for one certain type of internet traffic AND can only be set to one device, or house.

This number of the houses is the fourth in an “IP Address.” The first three numbers don’t ever change for the whole network. Example: 192.168.1.1 or 10.1.1.1. So change only the last number for different devices on the network, between 1 and 255. Your router will most likely be on 1, but whatever it is on, it will never change.

PART A- STATIC IP

Your computer and Xbox show a static IP as manually entering in IP settings and a non-static as them being set to automatic.

Now you need to know all the technical numbers with three letter acronyms (you gotta love em) necessary- to get the same IP address everytime. The easiest way to get these numbers is to go to your computer’s start menu, click on run, type in “cmd” (for windows 7 users, go to the start menu, click on the box to search for files or folders and type “cmd” and double click on the first result, thanks General Khazard). and then in the black box that pops up type “ipconfig /all”. That’s ipconfig space slash all. A rush of stuff will appear and you’ll feel like a hacker. Look down towards the bottom and write down on paper your IP Address (aka IPv4), Subnet Mask, Default Gateway and DNS Servers. Any typos here would be tragic so triple check that you have them right. I’ll explain what each of these mean:

IP address- What I was talking about at the end of the introduction. This is your computer’s local IP address. For your entire network the first three numbers, say 192.168.1, will be the same. The last identifies to the router what device on the network it is.
Subnet Mask- Scrambles your IP address from outsiders.
Default Gateway- The local IP address of your router.
DNS servers- These are pass codes from your internet service provider. There will most likely be two. The first is called “Preferred/Primary DNS server” and the second is also known as the “Alternate/Secondary DNS server.” Please note there may only be one. In this case please make the Secondary DNS the same number as the primary.

Now that we’ve got these numbers, we can go and make all of the computers and Xboxes that you want to open ports for static.

How to make your Xbox 360’s IP address Static:
Now you are ready to go back to your Xbox 360’s dashboard. In My Xbox, scroll right and select system settings, network settings, edit settings. There are two options- IP settings and DNS settings. Go into either, change the setting to manual and then enter all of the codes you have written down on your paper, with one difference. The last digit of the IP address needs to be changed to a number preferably between 50 and 250. Choose your favourite and write it down on the paper as your Xbox’s Local IP address. While you’re at it choose the numbers of your computer/s too, the houses that they will live in.

If can reconnect to Xbox live, you have successfully made your Xbox IP’s static.

Making your computer’s IP address Static:
(For this section, If you don’t have WIndows XP or prefer pretty pictures over a wall of text, check this out)
Go to your computer, click start, control panel, network connections (classic view). You now have some icons that probably say “local area connection” and “wireless network connection.” Ignore the “Internet Gateway Internet Connection” icon up further up. You need to select the one of local or wireless or otherwise that you use to connect to the internet. IF you don’t know which one it is, go ahead and right click on one and ‘disable’ it.

If your -blam!- stops downloading and you can’t load up Google, it’s probably the right one.

Right click on the icon that gives you life, go ‘properties’, within the ‘this connection uses the following items’ embedded list scroll down to Internet Protocol (TCP/IP) and then click on properties, just a little down and right. You will now see a window similar to how you entered in your codes on your xbox, except its all compact and lacks style.

Here you will find if your IP address is static or roaming. If all the numbers are already filled in, its static and you should right down that computer’s fourth number in its local IP address. This is old hat for you isn’t it! If no numbers are filled in then do that yourself using all the numbers you wrote down on paper. Type in the DNS, Subnet, Gateway… it’s all as easy as shooting a whale in barrel. If you’re still connected to the internet then you haven’t made any mistakes, because I sure didn’t.

PART B- PORT FORWARDING OR DMZ IF YOU’RE CHICKEN

Now we are going to go into your router’s software, which is located inside the router, not the computer. You can access it from any computer that’s connected to the internet, even a PS3. (By the way if you have a PS3, pick up an oversized mallet and accurately but firmly connect with the device to extract the greatest entertainment value.) Grab that piece of paper with all the numbers on it and type in the local IP address of your router/default gateway, whatever the kids these day call it, and type it into where you usually type www.google.com

A login box will pop up, asking you for a login and a password. If you or anyone else have never accessed your router’s settings before, these will be set to their default of login= admin and password=password/admin or nothing at all, depending on whether you have a netgear, linksys or a D-link router. If you have another brand, a good place to look for the default login and password is printed on the router itself or if all else fails, a manual! Select your router from this list if you have any more problems; it has a specific guide for each router.

Have a browse around the settings and check out all the stuff your router can do. That said, don’t touch anything if you don’t know what it does or you won’t even be able to visit this site

Skip this whole bit til i say so if you aren’t 1337. Seriously, it will go over networking -Yoink!-’s heads. Its about having fun with your router including a firmware upgrade (if your router is buggy this will fix your NAT, given that you’ve opened ports as I cover later on) and wireless passwording.
The first thing you do with a new router if you know what you’re doing is to get new firmware for it. Firmware is it’s the router’s software so download the latest if you want melee and other bugs to be fixed. Google your router’s serial number that’s on its packaging to find its official site. Within it look for your exact router’s download section and download the latest non-beta firmware for it.
Then you’ll need to go into a menu of the router settings to find a place where you can upload the firmware onto your router. It’ll have a browse button for you to select the firmware so you can upload it. When it’s done the router will most likely go back to default settings on everything, so that’s why we’re doing it first before we change anything.

If you have a wireless router, one thing to do in here is to change the router login access password from the default, so that laptop hackers in black vans on the side of the road can’t get in really easily. You can make it damn near impossible if you activate “WPA-PSK”, found in setup- wireless settings for netgear users and in ‘be patient and find it yourself’ for others. Turn it on by clicking on whatever box you need and enter in a wireless password, which also has another useless three letter acronym - PSK. This will make it so that you have to enter a password to access your internet wirelessly. If you’re a paranoid schizophrenic make this “ri32o5fsl3” and make it your dog’s name if you expect mum to remember it for her laptop. When you next connect to the internet wirelessly you will be asked for this, so write it the -blam!- down on your paper. Also hit an apply settings button or equivalent, and with some routers, like my new D-link, you even need to go to the system menu and click on “save and reboot.”

Dummies can start reading again
Now here’s where it gets harder for me to explain. You see, every company that makes routers makes their router settings look different. That’s why I’m gonna show you a site that has a picture guide for nearly ever router in existence.

Following that link will make it really easy to enter in ports. I’ll describe the process here anyway in case it doesn’t work for your router. What you are looking for is in the router settings and it calls itself “Port Forwarding/Virtual Server”

DMZ
or an easy fix that the impatient will enjoy, “DMZ.” Your router may not have DMZ, but it’s gotta have port forwarding. These’ll probably be in the advanced tab. Now while DMZ is an easy fix it is not without risk. It stands for demilitarised zone and has the same effect as plugging your xbox directly into the modem- it will have no firewall and so will accept any incoming connection. Do not, I repeat, do not do this for your computer, as hackers can have a field day accessing it. Hackers can’t do much with your Xbox but they can get in if you set this. To turn on DMZ, find DMZ in your router settings without touching any other settings and enter in your Xbox 360’s static local IP address and hit OK or equivalent. NAT Open on Xbox. When you’re ready for round two, keep reading to find out the holy way. Please note that when you activate both port forwarding and DMZ strangely neither will work.

Port Forwarding
Every brand does it differently. But you will be adding ‘ports’, also known as ‘numbers’ to a list and assigning them to the static IP address that you have set for your xbox or computer. Click “Add Custom Service”, add port, to go to the screen where you can enter in the details of the port you’re opening.

In some way shape or form you will see:

Description of what port does: Enter in Xbox_live1 and so on.
Starting Port: If I say open 3074, enter 3074. if I say open 200-210, enter 200.
Ending Port: If I say open 3074, enter 3074. if I say open 200-210, enter 210.
Some routers also have ‘port map’ and ‘port map end.’ Don’t try to understand this, trust me, just enter in the same numbers as the other start and end ports.
UDP/TCP: Just set every port to UDP and TCP, “UDP/TCP.” Usually it is specified which is needed, but this will open the port for both kinds of protocols. Don’t bother understanding this, just enter in both every time to simplify it.
IP address: This was the whole point of doing the whole static IP shizzle. Enter in your Xbox 360’s static IP. If you’re opening the port for your computer and the computer has a static IP, enter in the computer’s static IP. Easy.

Now, open these ports.

80
88
3074
53

There is a list of the ports that are open. Check this to see that to see that they are all in. Then turn on your Xbox, down/up to my xbox, right to settings, network connections, test xbox live connection. One minute later if no error pops up, that means you were successful in getting an open NAT. If you weren’t, check for typos in your ports and then use the first question in the FAQ.

If you’ve followed everything in the guide you now know how to open ports for anything, not just xbox live. It maximises the speed of everything that’s peer to peer. Here is the ultimate list of ports.

Also- more information on streaming from your computer’s harddrive. Your version of windows must be genuine to do this. Open up Windows Media Player. You all have it. If it isn’t version 11 or greater, go for the help menu, and then search for updates. It will say that WMP 11 is out. Download the 25 mb. When it loads up, hit the arrow underneath ‘library,’ then media sharing. Select the xbox symbol and click allow. Then click the library arrow again and go for add to library. Add in the folders that have your photos, movies and music that you want. You can also select the entire harddrive. In the meantime, apply these ports to your Xbox’s IP address: 1900, 2869, 10243, 10280-10284. When the library is finally completed, you can follow the simple prompts on the xbox when you try to access media off the computer. Note that the computer must be on to access the harddrive, but windows media player doesn’t need to be on.

That’s it! Cya on Xbox Live

PART C- FAQ

I did it all and its not getting an open NAT! Lier!
o - If you’ve used both Port Forwarding and DMZ on the same xbox, the bad news is they cancel each other out. Turn off one. Also UPnP must be turned off.
o - If your cable from your xbox plugs into your computer and not your router, it will never work. Buy a longer one.
o - Try also opening the ports 77, 3330.
o - Connect your xbox directly to the modem. If it’s still not open and it’s not the router’s fault. Ring your ISP and they’ll flip a switch to make it work.
o - If it’s the router’s fault and you’ve done the open nat deed, download new software from the router. This is covered at the very start of the 1337 section in part 2. If that still doesn’t work or something seems wrong, try a total router reboot by hitting the physical reset button on the back of the router. Take down all details that keep you connected to the net first of course, especially the ISP login and password.

The Dashboard tells me I have an Open NAT, but in Halo 3 it tells me I’m moderate or strict. Which am I?

The Dashboard is the more reliable test, as it tests you on the spot. Games like halo and cod show what you’ve had over time.

I don’t have a router, I’ve only got a modem

Is it a modem or a modem and router in one? Just a modem would only have one ethernet output and you’d have to change cables everytime you changed between the xbox and the computer. A router typically has 4 outputs.

If you’re using just a modem, whatever device is connected to it can accept connections from anything, just like DMZ. Not good for a computer, but would produce a open NAT for an xbox. If it doesn’t, It’s your ISP’s fault and an irate phone call should remedy the situation.

I’d like to connect more than one xbox on my network to xbox live.

I see that you’ve noticed that your router won’t allow you to open the same port for two different xboxes. We can’t work around this at all. Only one xbox per Internet connection can possibly be forwarded the xbox live ports, or inserted directly into a modem.

What? I’m not going to do that. I want a quick fix, what can i do?/I’m going to screw something up, i can’t risk doing this. My dad’ll kill me if i screw my router!
Some people are stupid enough to go and buy another router that gets an Open NAT by default. There’s a list of such routers here. If you don’t have a router yet, you could consider getting one of these. I cannot stress enough how stupid it is to buy a router especially. Its fifty bucks versus an hour if you follow this guide step by step and you will maintain your ignorance of how your network works, so you’ll have to call in help everytime something tiny goes wrong, plus you will continue getting -blam!- speeds on everything peer to peer. Sort this out now.

First i was open, now i’m strict. I can never live without open NAT by my side
If you’ve spent so many nights thinking how your router went wrong, you’ve got to be strong and go into the bloody router settings and see what the problem is.
-Did one of the ports you entered spontaneously disappear?
Type in a dummy port to take the place of the one that is being removed at the router’s whim (lowest numbered port, first entered) and then enter the ones you actually want next. Or DMZ it. It can’t remove that on a whim. Unless…
-Does the router need to be saved and rebooted when changes are made?
If you skip this step, the next time the router’s power is disconnected it will come back with more memory problems than Wolverine.

This guide is for noobies. I want a guide for something a little more complicated than just port forwarding my router. I want to run 16 Xboxen off the one network!

There are heaps of guides for everything networking here. Check it out. Also here is a very detailed guide for everything networking and xbox

Why are you so awesome, Master Chef?

Cos i’m actually NPH.

This is going to let hackers in, won’t it?

First of all, you are opening a port for your xbox specifically, not your computer or anything else on the network.

Secondly the numbers of ports, like a library’s Dewey system, are specific to certain tasks. The most malicious is ‘FTP’, File Transfer Protocol. This is them typing in your external IP address, connecting to your computer and sending you crap and taking crap off your hard drive. Not good. Why i’ve been telling people here not to DMZ your computer OR connect it directly to the modem, because that effectively opens all ports and leave you as exposed as a russian hookey player.

excellent thread op.
I also find that if you have high upstream bandwith and a wired connection it automatically opens.

> excellent thread op.
> I also find that if you have high upstream bandwith and a wired connection it automatically opens.

Indeed! I think what you say is true!

Well explained. Nice job!

Enable UPnP on your router and xbox = Open NAT.

Yes it’s very helpful especially for guys with closed NAT…

> Now, open these ports.
>
> 80
> 88
> 3074
> 53

Every time I read this darn thread, that is where they lose me…

Am I doing
Start 80 End 88

Or am I doing
Start 0 End 80
Start 0 End 88

My Router looks like this… http://img822.imageshack.us/img822/2026/cw41.png

Do I click Enable when I am done on each one, or what?

So I usually end up frustrated and just switch to DMZ

Your router is giving you the option to enter in a range of ports. For example, if you enter in Start 80 End 83, your router will forward ports 80, 81, 82, and 83. If you want to forward only ports 80 and 88, you will need to enter:

Start 80 End 80
Start 88 End 88

That will forward only ports 80 and 88 and no others.

This is the first time I’ve seen this thread, so I’m seeing that the OP has some minor inaccuracies. Nothing that would impact the adjusting of NAT though.

Magic!