Hello, Everyone! It’s Echo2Niner with some new knowledge I’d like share only after learning by many, many hours of trial and error.
So, I found myself playing around with different types of Check Point firewalls lately, Specifically, a Check Point 730, a 3200 and a 4800. I’m now definitely a huge fan.
The Checkpoint 730, is a smaller model for, in my opinion, SOHO/SMB to host 100 nodes or less . It is managed by a web based only GUI which I find very easy to use.
The Check Point 3200 is a more robust model for SMB that has a web based GUI specifically to perform, in my opinion, the initial networking setup and later for more in-depth network aspects. To manage firewall rules, one uses the SmartConsole application which connects and let;s you configure software aspects as well as firewall policy and NAT rules.
The Check Point 4800 is like the 3200 in terms of software management but it’s more of a datacenter device. Although it is still sold and supported currently, it has a successor model which is the 5800.
I’m a Windows Systems Engineer by trade so I normally don’t wade into the networking field much. I know subnetting and that’s about it so I like to leave the networking stuff to the professionals.
Now on to Xbox. Any firewall I use at home must be able to, at minimum, run port forwarding to my Xbox One X. Whether it be at worst, UPnP v2 with Secure UPnP where I can make the Xbox the only node that can use UPnP. Or standard port forwarding.
With the Check Point 730, The port forwarding was an easy affair in the web GUI for the most part but I had to add a specific outbound NAT rule that when the Xbox left the LAN going to the internet it did so via the WAN IP not your standard hide NAT.
On the Check Point 3200 and 4800. It was a different story, It’s all the same ports to be forwarded but two were to be notated as protocols with ports as opposed to just ports. And the specific outbound NAT rule I spoke of above was also needed.
After that, my Xbox One X enjoyed open NAT on every session. I’ve documented what I did specifically on the 3200 so others having difficulties can get theirs working. I am no an networking professional nor do I claim to be. Use this .pdf at your own risk.