I am not sure if it is problem of ports, but you can do port forward of all these ports
- Port 88 (UDP)
- Port 3074 (UDP and TCP)
- Port 53 (UDP and TCP)
- Port 80 (TCP)
- Port 500 (UDP)
- Port 3544 (UDP)
- Port 4500 (UDP)
53, 80 is used for DNS and http, not sure why these will be used. Pls port forward other ports first.
The Xbox is using Tredo, a tunnel for IPv6 over IPv4 … A huge security problem and a lot of providers are not happy with it.
Unfortunately the Xbox help pages are not helpful at all. As @alzhao wrote, they write about forward totally not related ports (DNS, HTTP). This is not needed.
I wrote something, that can work, see Gl mt300 v2 nat problem xbox - #8 by LupusE. But no guarantee, if your provider is blocking Tredo.
As far as I know the Xbox is using IPv6 native. With the Tredo protocol it will tunneling IPv6 over IPv4, if no IPv6 is available. A very huge security issue, because you have no chance to configure/secure this tunnel, am attacker who claims to be Microsoft is able to use the Xbox as hopper to your network … In theory, this for another day. Back to topic:
The Xbox indeed needs some open ports. Put the Xbox in DMZ, as ‘Exposed Host’ or whatever you’ll call it could work. But I strongly recommend to forward only the needed ports.
88 UDP 3074 TCP/UDP 3544 UDP [Alternate Port]* TCP/UDP
(* The ‘Alternate Port’ that depends on the user. Regular the Xbox will negotiate a Port itself and use it for Multiplayer or Chat and so on. But you can set it to a fixed port per user.
On the Xbox Settings: Network Settings - Advanced Settings - Alternate port selection. Here you can select one from a bunch of port numbers. It needs to be forwarded in TCP and UDP. One port per Xbox-User)
Upnp never worked for me, with different routers. Maybe one time during setup/testing, but never reliable.