Enable Open NAT on your Mikrotik router for Xbox Series X|S

There are many posts online about Xbox NAT issues, the forums have many examples and solutions most suggest UPnP, but it is not secure!

We have a simple way to enable Open NAT, in this example we are using a Mikrotik router (this applies to all Mikrotik routers running Router OS).

First assign a static IP to your Xbox Series X|S (internal LAN / Network IP), go to: Settings / General / Network settings / IP settings / Manual.
i.e.
IP: 192.168.1.10 in this example. (NB! You need to make sure you use an IP within your LAN / Internal networks subnet!)

On your Xbox Series X|S setup a port manually then adapt the script “dst-port=” to match your selected port: Settings / General / Network settings / Advanced settings / Alternative port selection.
i.e. dst-port=52702 (NB! remember to change this to match your Manual port.)

This script assumes your WAN interface is ether1, if not adapt the script to match which port you are using for WAN on your Mikrotik.

SSH into your Mikrotik or via WinBox and open “New Terminal” and run:

/ip firewall nat
add action=dst-nat chain=dstnat comment=”PF to XBOX” dst-port=52702 in-interface=ether1 protocol=udp to-addresses=192.168.1.10

/ip firewall filter
add action=accept chain=input comment=”XBOX port for Open NAT” dst-port=52702 in-interface=ether1 protocol=udp
add action=accept chain=forward dst-port=52702 in-interface=ether1 protocol=udp

It is important to move the new rules you created to above any block rules on the Mikrotik under the IP / Firewall / Filter Rules section.

For any other Firewall or Router the logic is the same: allow the port you manually selected and then create a UDP Port forward to the Xbox’s static IP that you created.

Fin!