This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Windows 10 Xbox Play Anywhere not working. Server connectivity: Blocked!

Anyone know if it's possible to play a Play Anywhere game behind a Sophos UTM?  I'm getting server connectivity blocked.  I've gone through the teredo troubleshooting/uninstalling steps and have created a NAT rule as well as IPS exception and Web filtering changes.   Here are the screenshots of what I'm seeing and have in the UTM.   Let me know if anyone has steps to get this working as it's extremely frustrating.  I don't have     any issues playing online from the Xbox itself. 

Thanks,

Gary



This thread was automatically locked due to age.
Parents
  • Hey Gary,

     

    please check the corresponding logs (firewall, webfilter, ips) for any block entries regarding xbox play anywhere. This way you can pinpoint which module is actually blocking the connection and check the specific configuration. Feel free to post the entries if you need more help regarding the issue.

     

     Regards

  • I'm attaching all 3 logs.  The ips log has nothing really in it and the other two have no traces of the IP of my machine (192.168.0.46).   I guess it begs the question is the system logging what it's supposed to?   Let me know what you see though or any changes I may need to make.  

    Gary

  • Gary, I had read your post - did you thoroughly read #1 in Rulz?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks naiP.  This was very helpful.   I did have a desktop pc -- any -- any rule set up on top to troubleshoot and it was there before I gathered the log.   I removed it and then watched the firewall log and I can see the connections from x.46 going green so there are connections being made.  The Xbox app for Win 10 when it checks is showing NAT Open and I'm not getting a teredo error.   However, it still says blocked for server connectivity and there weren't any red drop lines for x.46 in the firewall log.  I'll check it tonight.   Is it safe to say since the Any Any rule didn't do the trick that the issue more than likely lies outside of that section?

    Gary

  • yes but wasn't seeing anything in the logs.  I'm seeing green lines now from x.46 after removing the desktop pc - any - any rule at position 1 but still seeing blocked.  I don't see any x.46 lines in IPS, application control, web filter logs. 

     

    Gary

  • So we're down to a routing issue, as #1 says - check the other Rulz suggestions it makes.  If you get no joy with any of those, I think you're stuck doing packet captures.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hey Gary,

    if possible I would try to deactivate the web proxy for a moment while your Any FW Rule is still active and test again. But in generell you are now down to packet captures or searching for connection specifics of xbox play anywhere and of course check the Rulz.

     

    Regards

  • Ok I'll give this a try tonight.  I completely turned off web filtering and intrusion detection and a game in particular still won't connect on Xbox or the PC.  I don't have that any rule active anymore though so will check later.   Thanks.  Gary

  • already tried a couple of things at lunch...   Now the Xbox doesn't connect to the game in particular at the present time (Sea of Thieves) Xbox says NAT Open but upnp not working.    I can connect to Xbox Live but when trying to connect to a game session it bombs out.  

    - turned off web filtering

    - turned off IPS

    - turned off advanced threat protection

    - added xbox one (0.34) any any rule as #3 in the list (1 and 2 weren't an option)

    - verified my dnat rule was there to send xbox live data to my xbox one.  (I'm not sure if this is correct).

    Opened up firewall port logging and saw the green lines for all connections 192.168.0.34.

     

    Still no go...

     

    Connected my cable modem directly to the xbox and NAT Open and upnp error went away.   

    All worked perfectly and I was able to connect to the sea of thieves servers. 

     

  • well just found this port to try to add to a DNAT rule.    I'll try this one when I get home. 

    Port Forward Sea of Thieves on Xbox One

    In order to play Sea of Thieves on Xbox One you need to set up a static IP address for your console as well as forward the standard Xbox Live port of 3074.

     

    portforward.com/.../

  • Ok all.  This is now solved.  The issue was the MTU size on the wan interface detected by the ISP.  It was 576.  Support showed me how to log into the shell and turn this autodetection off.  Then changed it in the gui to 1500.   That solved the issues I was having and explains why nothing was in any of the logs.   Crazy.  

    Gary

     

    https://martinsblog.dk/sophos-utm-how-to-fix-the-mtu-576-issue/

  • Gary...I made an account here just to say thank you. You have no idea how much headache you have lifted from me. I have spent hours upon hours over the past few days trying everything to get my server connectivity unblocked. I have logged six hours with Microsoft support over this issue. You are my hero, Gary. I love you in the manly way.

Reply
  • Gary...I made an account here just to say thank you. You have no idea how much headache you have lifted from me. I have spent hours upon hours over the past few days trying everything to get my server connectivity unblocked. I have logged six hours with Microsoft support over this issue. You are my hero, Gary. I love you in the manly way.

Children
No Data