Firewall causing NAT error with XBox Live

I am connected to XBox Live through my laptop via ICS, but keep getting NAT errors when I run the XBL connection test. It’s usually a Moderate NAT error, but occasionally comes back as Strict. I’ve confirmed that Comodo seems to be the cause of the problem, as when I disable the firewall the test is able to complete without errors.

My configuration is as follows:

OS: Windows XP SP3
Comodo Firewall v3.10, currently set to Safe Mode

TCP Destination Ports Open: 3074, 3390, 3932, and 5555
UDP Destination Ports Open: 88, 3074, 1900, 3776, and 7777

As I said, I’m able to connect to XBL and have no problem downloading anything. I just really want to figure out what’s causing this NAT error.

Thanks ahead of time for any help you can offer.

You need to open ports in CIS for incoming traffic. Do as follows in the example beneath and do this for each port.

To open the port TCP 1723

Firewall → Advanced → Network Security policy → Global Rules → Add → fill in the following:
Action: Allow
Protocol: TCP
Direction: In
Description: Incoming Port

Source address: Any
Destination Address: Choose MAC or Single IP address (only when it is fixed) or Host Name
Source Port: Any
Destination Port: 1723

Then push Apply → Ok.

Now make sure the rule is somewhere above the basic block rule(s), they have a red icon, at the bottom.

All of the ports I mentioned were already opened in CIS, so I’m not sure I understand what you were asking.

Interestingly enough, I did find a solution of sorts. As mentioned, I was using Internet Connection Sharing, but did not enable the option to allow computers I was sharing the connection with to modify it. After I enabled the option, the XBox would automatically create a rule for whatever IP it had so the ICS settings would let the appropriate traffic through. As far as I can tell, this has fixed the problem; I tested the connection three different times last night but did not get any NAT errors.