I'm just getting on the Xbox 360 bandwagon here, so forgive this post being "late" for most people. But, if you're like me and you're just getting your console, you may have noticed that not everything is going to work properly. To fix this is real simple, and it just following the instructions I posted a while back for port forwarding on 8.3. You'll need to start this off by giving your Xbox 360 a static IP address. This can be done under settings. You'll also need the 3 ports that you're going to have to forward. That's tcp:3074, udp:3074 and udp:88.
Step 1: Create a new object group for your Xbox 360.
asa5505(config)# object network xbox
Step 2: Add the static IP of the Xbox to the network group.
asa5505(config-network-object)# host 10.11.12.13
Step 3: Forward the ports via the NAT command.
asa5505(config-network-object)# nat (inside,outside) static interface service tcp 3074 3074 asa5505(config-network-object)# nat (inside,outside) static interface service udp 3074 3074 asa5505(config-network-object)# nat (inside,outside) static interface service udp 88 88
Step 4: Exit back to the root and add the access lists
asa5505(config)# access-list outside_access_in extended permit tcp any object xbox eq 3074 asa5505(config)# access-list outside_access_in extended permit udp any object xbox eq 3074 asa5505(config)# access-list outside_access_in extended permit udp any object xbox eq 88
That's it! If need to know exactly what's going on here, please check my previous post on port forwarding. If you do your work through the ASDM, just use my post on port forwarding via the ASDM and make the necessary changes to ports, IP addresses and names. Now you just need to go to your Xbox 360 and retest the connection. You'll see that no longer does it say that you are using restricted NAT! Also, if you're having issues with voice over Xbox Live, this should solve those problems.
After further review, I realize that I'm an idiot. You can't add more than one NAT statement to a network object. Create 3 seperate objects (I called them xbox1, xbox2 and xbox3) and add one NAT statement per object. Once you do that, adjust the ACL accordingly.