We do our absolute best to allow every service possible to our students. Obviously, in housing students, we have a demographic that is in the sweet spot for gamers. Being a smaller University, and our IT predecessors not having the foresight to get their class B from ARIN, we're stuck using NAT to provide access to the Internet for Faculty, Staff, and Students alike. Because of this, this throws wrinkles into supporting online services such as Xbox Live, Playstation Network, etc. I've pretty much thrown up my hands at being able to do anything other than Strict NAT, and am curious (short of having public addresses everywhere) if anyone else has tackled this problem and solved it. I'd love to be able to grant a better gaming experience to our students living on campus
Edit: not need to answer that question since Xbox don't allow you connect using 802.1x .
One thing you could do is a combination of mac auth matching the OUI based on the type of device and placing those in a particular role that allows you to access everything but some of the insecure protocols , this a method we are using today