What's new

Solved Xbox Live - Firewall and Network questions

Sean_J

Sean_J

Enthusiast
Messages
344
Reaction score
18
Hey all, one of my friends asked me to help with getting an xbox online behind an overkill firewall (corp network) - he clarified that it is approved but needs to be locked down hard... So I ran some really short tests and forensics on the xbox live connection. Please feel free to add info or help me out if possible.


I scraped the web and found all sorts for low and high level guides on NATing the Xbox, sharing the connection, ports required for use and many other things but I was not able to find a solid list of IPs or a subnet that is required for access to Xbox Live services. The hardened network in question is using BlueCoat as a transparent proxy and has (hilariously) a text doc of whitelisted IPv4 addresses, but it can only manage 80 and 443 traffic. The rules here in question will be routed to the front-end firewall and whitelisted as well as port managed for ingress and egress needs...

It seems that all of the important Xbox live services are under 65.55.42.0/23 my scan showed all hosts up but some didn't resolve to reverse lookups. I am listing the IPs of traced hits from attempting to sign into xbox live being blocked by the network and reverse dns lookups of IPS in the above subnet referencing xbox live.

#####################################
#####################################
Xbox Live IPv4:
65.55.42.20
65.55.42.44 - ts.waypoint.msgamestudios.com
65.55.42.54
65.55.43.73 - portalservices.xboxlive.com
65.55.42.93 - lesthealthfetch.xboxlive.com
65.55.42.128 - uds-part.xboxlive.com
65.55.42.129 - developer.xboxlive.com
65.55.42.142 - feeds.xbox.com
65.55.42.147 - dante.xbox.com
65.55.42.153 - xlptools.xboxlive.com
65.55.42.183 - tgs.xboxlive.com && as.xboxlive.com
65.55.42.210 - rms.xboxlive.com
65.55.42.221 - liveconnect.xboxlive.com
#####################################
Required ports for Xbox:
53 - UDP and TCP
80 - TCP
88 - UDP
500 - UDP
3074 - UDP and TCP
3544 - UDP
4500 - UDP
#####################################
#####################################

Does it look like I am missing anything or including anything that is not required? Sorry for the slightly clueless/annoying and cryptic post. I'm slightly at a loss here and didn't feel like wasting time due to my lack of google skills. My upfront plan is to request the below and if all is working strip until the break point in my POC environment...


#####################################
#####################################
Xbox Live IPv4:
65.55.42.20
65.55.42.54
65.55.42.183 - tgs.xboxlive.com && as.xboxlive.com
65.55.42.221 - liveconnect.xboxlive.com
#####################################
Required ports for Xbox:
53 - UDP and TCP
80 - TCP
88 - UDP
500 - UDP
3074 - UDP and TCP
3544 - UDP
4500 - UDP
#####################################
#####################################

There is also the chance that I am being clueless about something as well. So advanced apologies if that is the case.

Thanks!
 
Professional

Professional

Administrator
Administrator
Programmer Bug Finder Supreme Bounty Hunter
Messages
6,077
Reaction score
4,927
Yeah, 65.55.42.179 is supposedly the main login for 360, the 183 for Xbox One. And 65.55.42.23 or 123, I'm forgetting which is the upstream or something like that. You will for sure need the 179. I believe 65.55.42.100-65.55.42.255 is allocated all for Xbox. Don't quote me for this.
 
Sean_J

Sean_J

Enthusiast
Messages
344
Reaction score
18
Thanks m8. Looks like ill have to set up a monitor because there is no postings on exact ip requirements for live services.
 
Top Bottom