Xbox 360 Live tutorial

Xbox 360 Live Tutorial

If you use your pc as a gateway for xbox 360 and want to connect to xbox Live follow these instructions:

First define your trusted zone. For doing this go at “Security”->Define a New Trusted Network"

Then create a network rule. Go at “Network Monitor”, select “Add rule” and create the following rules:

Rule 1:

Action = Allow
Protocol = UDP
Direction = In
Source IP = Any
Destination IP = Any
Source port = Any
Destination port = 88

Rule 2:

Action = Allow
Protocol = TCP or UDP
Direction = In
Source IP = Any
Destination IP = Any
Source port = Any
Destination port = 3074

After that move those two rules up, over the default “Block rule”

by pandlouk

Edit on 07 May 2007

For Windows Media Center-based computers
You must add the following rules for MediaCenter pcs

Action = Allow
Protocol = UDP
Direction = In
Source IP = Any
Destination IP = Any
Source port = Any
Destination port = A set of ports = 1900,3776,7777

Action = Allow
Protocol = TCP
Direction = In
Source IP = Any
Destination IP = Any
Source port = Any
Destination port = A set of ports = 3390,3932,5555

For more information

If beside all the above you still have connectivity problems check out


My 360 is connected wireless to/thru my router. Is your post applicable to my scenario and/or do I need to do anything special to make sure that it works ok while the firewall is active on the PC?


Yes. I made it by following the instructions of microsoft about XBOX connectivity.

ps. maybe you will have to disable the option “do protocol analysis” on CFP too.

I have made the rule as stated in the first post, but when I go to my Xbox360 and test the connection it gets to the the part IP Address and the test fails. How can I remedy this.


have you defined your trusted zone?
Can you please describe the network rules you have under network monitor?

I defined the trusted zone and set up a rule exactly as it is in the first post.


I am afraid I do not understand, for internet is your Xbox connected at all to your PC, or is it just wireless through your router.

If it is wireless through your router then you may need to assign your Xbox a static IP, for it may be your router blocking the specific ports needed.

Yes my Xbox is connected to my PC and I have ICS set up with my connection. It used to work fine when I had the Norton Firewall.

Which version of CFP do you have? Another user reported that could not make it work with the version 2.3 but it worked fine with the beta 2.4.

Could you please pm me your network configuration? (the Ips of the router, computer and xbox)


Just looked and I have version 2.3. Should I just uninstall and get version 2.4?

The ip of the pc is
ip of Ethernet NIC is
ip of Xbox360 is

I don’t have a router as I connect from my Xbox directly to the ethernet port on my PC woth a crossover cable and use Internet Connection Sharing.

I tested the Xbox Live connection again this time it said Network Adapter is wired. Ip Address confirmed, and then the DNS test failed. Yet when I turn off Comodo it connects it passes all the tests.

Yes you should install version 2.4. (the stable version 2.4 will be released on 4th January)
ps.I modified your internet IP for protecting your privacy

If you’re using Windows ICS, it has come to my attention that you may have to allow IGMP on the “network” in order for the connection sharing to work.

Even though it would be covered as an Internet Protocol under the Trusted Zone used for ICS, it may need some separate rules - this will depend entirely on the idiosyncrasies of the individual system. If it’s working fine without the additional rules, that’s great; no need to create more.


Ok thanks for the help guys. I will get the new version in a few days.

I sincerely apologize for bringing this post back out, as I see it has not been active for around a month or so…

I’ve been trying to figure this out for awhile now and I just came across this post.

I am quite unfamiliar with firewalls and networking, so I apologize for my ignorance…But what exactly do I need to do to define a new trusted network zone…I mean what IP Addresses do I need to use?

Thanks for any input, and once again I apologize for my late joining of this thread…

I have installed version 2.4 and set up the rule as stated in the first post and I still can’t connect my Xbox 360 to Xbox Live, it fails during the test connection at the IP Address.

How do I allow IGMP on the ‘network’?


Do you remember setting up your “trusted zone” prior to creating the rules for XBox? That “trusted zone” is your “network”.

You’ll need to add another two rules (one In, one Out) to your Network Monitor, virtually identical to those two trusted zone rules. Here’s where they will vary:

The “Protocol” on both will be “IP.”

Under the “IP Details” tab, you will select “IGMP.”

That will allow IGMP between those connection points; ie, your “network.”


PS: If you need more specifics for those rules, just ask, and I will provide… :wink:

It’s not too difficult, and we can help you with that. First, can you explain a little about your situation?

How many computers do you have connected together?

Do you use a router, etc?

Are you on dial-up, or a high-speed connection (DSL, cable, etc)?

What operating systems are used on the computer(s)?

And lastly, what version of CPF do you have?

There may be some more questions, but that will get us started. That way we can walk you through the process, step by step, in a way that doesn’t confuse… :wink:


So the two new rules should read?:



Aspie, the Source/Destination positions need to switch, dependent on whether the traffic is In or Out.

Thus, your rule for In is fine; the Out rule needs to change to the following:

Action: Allow
Protocol: IP
Direction: Out
Source: Any (or your computer’s IP address)
Destination: Zone: [Xbox]
IP Details: IGMP

OK. Reboot.

Also, if your two rules to allow traffic on the network are in the same order as the two you posted above, that may be your problem… I’ll explain about the Source/Destination thing.

When traffic is going Out from your computer, your computer is the Source (local), and where the traffic is going is the Destination (remote).

When unsolicited traffic is coming In to your computer, the location it is coming from is the Source (remote), and your computer is the Destination (local).

I recommend m0ng0d’s excellent tutorial on how to understand Network Control Rules. It was written for an earlier version of CPF, so some of the wording is different; but the concept is the same.

Hope that helps,


I set up the rule like you said. First time I tried Xbox Live and it connected fine. Second time I tried it again failed at the IP Address test. I tried switching the rule around and put the OUT rule before the In rule and it still won’t connect.

I think I may have to just give it up as a bad job and just resort to turning off the firewall while I connect to Xbox Live and then turning it back on again.