Trac to the router we can do mangle (packet-mark) specically on chain=input Simple queue is a specic process, located aher global. No more global-in and global-out, replaced by a "global" located aher the "input" and at global-out posi8on. Queue tree PCQ on parent interface - naged network, queue for uplink trac does not work perfectly, because PCQ done aher src-nat src-address already changed to router ip address in src-nat.
Two 8mes queue processing (Global in and global out) for trac through the router. No specic queue for trac to the router, global-in will process the trac into the router and the trac through the router Queue Tree queue on interface, or in global-in, global-out or global-total Simple Queue queue will be done in global-in, global-out or global-total MikroTik Training Center The rst MikroTik Training Center in Asia Pasic, has taught at least 1600 par8cipants (94 classes). MikroTik Cer8ed Trainer & Consultant MikroTik Academy Coordinator WISP CEO Manager for IDNIC (Indonesia Na8onal Internet Registry) IT Expert on Disaster Relief
Valens Riyadi, Citraweb (ID) MikroTik Cer8ed Engineer (MTCNA, MTCWE, MTCRE, MTCTCE, MTCUME, MTCINE) I just tested with my son's XboxOne, tested NAT and it said moderate, then only enabled DST NAT to the XboxOne IP for both protocols TCP and UDP destination port 3074, now NAT says Open.Valens Riyadi (Citraweb)
Not a gamer myself, but I reckon the description of the ports to opened as listed on that URL is confusing, they are not explaining which direction these ports needs to be opened, and I suspect that 99% of these ports listed are required for outgoing should you have configured firewall as a "statefull" firewall, which default config does. Port 3074 (UDP and TCP) (I assigned this port manually) xbox-live, the following ports should be open: I have been trying to resolve this issue for the past 15 days, reading through forums but no luck at allĪs you may know, in order for XBOX to work properly, it needs an Open NAT - so far it is only StrictĪccording to the Microsoft XBOX's website. Regarding your UPnP rules look good but when it comes to Xbox and Mikrotik my experience is that sometimes it works and sometimes it does notĪnd last I did all this during a online meeting so please read trough as I might have made mistakes :-)Ĭould you please clarify what you mean by "ote that these rules has to be above drop rules so you will have to move them after them being added."? For example UDP 500 is used for some VPN tunnel and so on. Note that these rules has to be above drop rules so you will have to move them after them being added.Īlso note that if you want to use any of these ports in the future this NAT rule will break that. Now I'm not sure about this but here are the rules:Īdd action=accept chain=input dst-port=3074 in-interface=ether1 protocol=tcpĪdd action=accept chain=input dst-port=88,500,3074,3544,4500,5730-5731,5739 in-interface=ether1 protocol=udpĪdd action=accept chain=forward dst-port=3074 in-interface=ether1 protocol=tcpĪdd action=accept chain=forward dst-port=88,500,3074,3544,4500,5730-5731,5739 in-interface=ether1 protocol=udp I think you need rules in both input and forward. So now comes the point I'm unsure of but I think you need firewall rules as well. This will take all inbound traffic to the router on these ports and dest-nat (port forward) to IP 192.168.88.246 which I assume is the Xbox