So this is something many people have had to deal with since the inception of online gaming (generally on consoles).
If you were to go through the NAT error solution troubleshooting steps on xbox.com, you would get recommendations to:

  1. Enable UPnP on your router….on the WAN side…NOPE. This is a security risk. Don’t do it.
    1. Utilize a DMZ setup. No. This is stupid and unnecessary. Although it is the easy way out…
    2. Forward some ports? Hell yeah! Plus most people know how to do this already as they’ve probably tried hosting online games etc..
      Really, its all about ensuring the service can connect back to you (and other players for that matter if your selected as a host(open nat)). Hence opening ports is generally your best and most sane (and safest) option.

So without further ado, these are the ports that you need to forward to your xbox IP address (I recommend setting it statically if you haven’t already):

Port 88 (UDP) Port 3074 (UDP and TCP) Port 53 (UDP and TCP) Port 80 (TCP) Port 500 (UDP) Port 3544 (UDP) Port 4500 (UDP)

NOTE these are the ports Microsoft says to forward after you spend 10 minutes going through their troubleshooting pages….

Mario Loria is a builder of diverse infrastructure with modern workloads on both bare-metal and cloud platforms. He's traversed roles in system administration, network engineering, and DevOps. You can learn more about him here.