<html><body><div style="font-family: arial, helvetica, sans-serif; font-size: 12pt; color: #000000"><div><br></div><div><br></div><hr id="zwchr" data-marker="__DIVIDER__"><div data-marker="__HEADERS__"><blockquote style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;" data-mce-style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;"><b>From: </b>"James Sumners" <james.sumners@gmail.com><br><b>To: </b>"Atlanta Linux Enthusiasts" <ale@ale.org><br><b>Sent: </b>Thursday, August 18, 2016 11:17:26 AM<br><b>Subject: </b>Re: [ale] Miniupnpd + Xbox 1<br></blockquote></div><div data-marker="__QUOTED_TEXT__"><blockquote style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;" data-mce-style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;"><div dir="ltr"><br><br><div>If you go by MS's documentation then you'll have a very open firewall -- <a href="https://support.xbox.com/en-US/xbox-one/networking/network-ports-used-xbox-live" target="_blank" data-mce-href="https://support.xbox.com/en-US/xbox-one/networking/network-ports-used-xbox-live">https://support.xbox.com/en-US/xbox-one/networking/network-ports-used-xbox-live</a><br></div></div><div class="gmail_extra"><br></div></blockquote><div><br></div><div>Yea, I saw that earlier and I'm hesitant. I already lock many devices here via dhcpd by MAC. I could try the 3074 and 88.</div><div><br data-mce-bogus="1"></div><div>OpenVPN on the XB1 would be nice, but a dream. I could just give it a public IP.</div><div><br data-mce-bogus="1"></div><div>Using iptables to simply route 88 and 2074, etc down to 192.168.1.3 24x7 may have be a problem since we have so many other devices.</div><div><br data-mce-bogus="1"></div><div>We have many tools we could use. I do have an ipvanish account and openvpn on my router. Maybe I could use that and then map that public down to 192.168.1.3? Downside is that ipvanish only allows one profile running and Netflix will stop. I've been working on the latter. I'm routing subs that belong to them outside the VPN and out eth1. I'm routing Google DNS out eth1. dnsmask is using Google dns for *.netflix.com. To test I simply randomly start up and night and wait for complaints.</div><div><br data-mce-bogus="1"></div><div><br data-mce-bogus="1"></div><div><br data-mce-bogus="1"></div><div><br data-mce-bogus="1"></div></div></div></body></html>