FightingChance
Member
I finally found out what was stopping me from signing into Xbox Live on a 360 - my 3com router's anti-DoS protection was hanging the signal during the handshake. Unfortunately, while I can deactivate the DoS protection, it also turns off the SPI firewall, which is neccesary to leave on for protection. Putting the 360 in the DMZ doesn't work, either.
I am afforded several changeable variables with the DoS protection, however as I am versed in computer wizardry all this stuff escapes me, and I'm not sure what I can safely set it to (I'm not worried about DoS attacks, but I don't want to inhibit the functionality of the router, either.)
Here's a readout of what I can change:
DoS Detect Criteria
Total incomplete TCP/UDP sessions HIGH : 500 session
Total incomplete TCP/UDP sessions LOW : 400 session
Incomplete TCP/UDP sessions (per min) HIGH : 500 session
Incomplete TCP/UDP sessions (per min) LOW : 400 session
Maximum incomplete TCP/UDP sessions number from same host : 50 session
Incomplete TCP/UDP sessions detect sensitive time period : 500 msecs
Maximum half-open fragmentation packet number from same host : 150 packet
Half-open fragmentation detect sensitive time period : 30000 msecs
Flooding cracker block time : 75 secs
There is also a section for 'Connection Policy'; I'm not sure if any of these could have an effect but I might as well list them:
Connection Policy
Fragmentation half-open wait : 10 secs
TCP SYN wait : 30 secs
TCP FIN wait : 5 secs
TCP connection idle timeout : 3600 secs
UDP session idle timeout : 30 secs
H.323 data channel idle timeout : 180 secs
If anyone could assist I'd be very greatful; I don't feel like changing one thing at a time and re-trying Live to see what the magic combination is. I know I need to pull the logs from the router; I haven't done that yet. Any advice is appreciated.
I am afforded several changeable variables with the DoS protection, however as I am versed in computer wizardry all this stuff escapes me, and I'm not sure what I can safely set it to (I'm not worried about DoS attacks, but I don't want to inhibit the functionality of the router, either.)
Here's a readout of what I can change:
DoS Detect Criteria
Total incomplete TCP/UDP sessions HIGH : 500 session
Total incomplete TCP/UDP sessions LOW : 400 session
Incomplete TCP/UDP sessions (per min) HIGH : 500 session
Incomplete TCP/UDP sessions (per min) LOW : 400 session
Maximum incomplete TCP/UDP sessions number from same host : 50 session
Incomplete TCP/UDP sessions detect sensitive time period : 500 msecs
Maximum half-open fragmentation packet number from same host : 150 packet
Half-open fragmentation detect sensitive time period : 30000 msecs
Flooding cracker block time : 75 secs
There is also a section for 'Connection Policy'; I'm not sure if any of these could have an effect but I might as well list them:
Connection Policy
Fragmentation half-open wait : 10 secs
TCP SYN wait : 30 secs
TCP FIN wait : 5 secs
TCP connection idle timeout : 3600 secs
UDP session idle timeout : 30 secs
H.323 data channel idle timeout : 180 secs
If anyone could assist I'd be very greatful; I don't feel like changing one thing at a time and re-trying Live to see what the magic combination is. I know I need to pull the logs from the router; I haven't done that yet. Any advice is appreciated.
