PDA

View Full Version : FG Knowledge Base - Firewalls



Pages : [1] 2

Crusader
April 9th, 2006, 11:16
I've had in my mind to make a community-driven knowledge database to help people to configure their firewalls for Fantasy Grounds. This is not a complete tutorial on networking for Fantasy Grounds, but it's a start. My hopes are that the devs make this thread sticky so that new users can find it easy, and that all other users in this community make similar entries about their firewalls. Also, please keep this thread as clean a possible, thank you!

I'll start by making the first entry, to show what I had in mind and to set a template for other entries.

Step 1: Setting a static IP-address

**NOTE: The screenshots in this section are from a swedish OS. If someone could provide me with similar screenshots but from an english OS that would be greatly appreciated. Mail the screenshots to: crusader (a) harn (dot) se. Thanks!

This is writen from the perspective of using a hardware firewall/router, and it is something that only the DM/GM need to do. The reason to set a static IP is that the firewall needs to know what IP it should forward the incoming requests from the players to.

If you do not have a hardware firewall/router, or a xDSL- or cable-modem that also acts as a firewall, then you shouldn't set a static IP.

Open a DOS-prompt and type


ipconfig /all

This will show you your current IP-configuration, and it will give you most of the information that you need:

http://www.harn.se/img/fgdb/0_1_dos_prompt.jpg

What you need to configure on your PC is:


IP-address
Subnet mask
Default gateway
DNS-server


The ipconfig-command gives you all this information except the IP-address. To know what IP-address to use you need to look at the subnet mask. This shows which of the octets in the IP-address identifies the subnet, and those octets are fixed.

So in the example above, the subnet mask is 255.255.255.0 which means that 192.168.1 is fixed and 3 is the part that we can change. To know what we can change to we need to find the DHCP-scope of the firewall. Find out how to do this in the firewall-tutorials below. The scope consists of those addresses that the firewall can hand out dynamically, so you shouldn't use any of those addresses.

Example:

The DHCP-scope of the firewall is 192.168.1.3 to 192.168.1.51. When we choose an address, given that the subnet mask is 255.255.255.0 and the default gateway (the IP-address of the firewall) is 192.168.1.1 - it means that we can use 192.168.1.2 or 192.168.1.52 to 192.168.1.254.

Say for instance that we choose the address 192.168.1.200. Open up the setting for the network interface:

http://www.harn.se/img/fgdb/0_2_nic_properties.jpg

Select the 'Internet Protocol (TCP/IP)' entry and click properties:

http://www.harn.se/img/fgdb/0_3_ipaddress.jpg

Instead of assigning the address dynamically, configure the PC of using the IP-address that you have chosen as static IP. Make sure that the netmask, gateway and DNS-server is exactly the same as listed by the ipconfig-command above. Click OK and OK, and make sure that you still can connect to the Internet.

Step 2: Configuring the firewall

NOTE: If you don't find your particular brand of firewall below, look at the examples here and see if you can figure it out. Otherwise, post a new thread about it and we'll try to sort things out. If you have a working configuration, please add to this thread following the same format as below to show others how you configure that particular firewall.

Crusader
April 9th, 2006, 11:18
Netgear WGT634U

For the DM

Finding out the DHCP-scope

This information is to find what IP-addresses to avoid when you set a static IP-address in the step above.

To find out the DHCP-scope on the WGT634U, click on LAN IP Setup in the menu to the left:

http://www.harn.se/img/fgdb/1_dhcp.jpg

In the screen above, we can see that the scope is 192.168.1.3 - 192.168.1.51. This means that you shouldn't use any of those addresses for your static IP-address.

Configuring Portforwarding

Under Advanced, there's a menu entry for Port Forwarding/Port Triggering, click it to get the following screen:

http://www.harn.se/img/fgdb/2_portforward.jpg

Click 'Add Custom Service':

http://www.harn.se/img/fgdb/3_customservice.jpg

The service name is just a name to make it easier for your reference, so a good idea is to name it FantasyGrounds. Service type is TCP, and both the starting port and the ending port should be 1802. The Server IP Address should be the same address as you chose as static IP for your PC earlier. For my example i chose 192.168.1.200, so that is why I've entered it in the screenshot above.

You should end up with an entry looking like this:

http://www.harn.se/img/fgdb/4_finished.jpg

Time to start up Fantasy Grounds and have someone connect to you to see that it works. Note that the player should connect to the external IP of your firewall, which is shown under Basic Settings.

For the player

The WGT634U is open for all outgoing traffic, so there's no need to configure anything to use Fantasy Grounds as a player.

lokiare
June 26th, 2008, 06:36
One thing that may come up is if you have a router/modem with a firewall connected to a router with a firewall which is then connected to your computer. In this case you would need to forward the router/modem to the IP of your router which can be gotten with start->run->cmd ipconfig (default gateway) on windows XP (not sure about vista). Then from there you go into your router and forward your port to the computer you are using. Which is the ip address from ipconfig.The port that is used by default is 1802.

Nedellion
January 27th, 2009, 09:05
Excellent post! I don't have the same router that you used in your example, but I configured mine without a problem. Thanks for the help!

King Joey
January 21st, 2010, 12:27
I have an Actiontec MI424WR router from Verizon FiOS, and the screens are absolutely unlike anything in this thread. However, if I was able to follow the idea correctly, it seems my router has "occupied" the IP addresses 192.68.1.2 through 192.68.1.254, which would be all of the available ones. Any idea how to proceed, or any idea how any of this works with the Actiontec?

Griogre
January 22nd, 2010, 20:55
I have this router. If you are like me the manual doesn’t conform to the latest firmware so there are differences between it and the actual menus.

This router is suppose to be “friendly” in you don’t need to change the range of dynamic addresses to make a local IP static - thus it is fine that all addresses are listed in the dynamic range. This is because you can check any assigned address and tell it to be static and the router does this even if you address falls in the dynamic address range. This is suppose to make it easy, but – of course – what it really does is make it confusing as hell until you realize the DNS server’s dynamic range doesn’t matter. :p

To set up this (and any other router) to host FG you need to do three things - open the port, forward the port and make the local IP of the server static. On this router do the following:

1) Make the local IP address of the computer that you are going to host the FG server a static IP. You want to do this so that local IP is never assigned to a different computer which will break port forwarding. You need to boot up the computer that is going to host so it is assigned a lease.

Hopefully we have firmware that is about the same version so the steps are identical. The first thing to do is log into your router with your browser using the router’s local IP address. Click Advanced at the top and say yes to the “cover your butt” warning. Click “IP Address Distribution”. On the next screen you should see a button that says “Connection List”. Click the button. You should see a list of computers connected to the local network. Click on the name of the computer you want to run the FG server. This should open a window with the name, local IP and MAC address of the computer. At the bottom is a check box to make this a Static Lease Type. Check the box then click the Apply Button. That computer now has a static lease so it’s local IP address will never change.

2) Next you need to port forward anything that comes in to your router’s external IP address on port 1802 to your computer that hosts FG. Because this is “friendly” router it will automatically handle the third step of opening the port too - once you set up the port forward.

Click Firewall Settings, then say yes to the “cover your butt” warning. On the left side menu click Port Forwarding to go to the port forwarding screen. Underneath the Networked Computer / Device colum you should see “Add” in red. Click it. This will bring up the Add Port Forwarding Rule screen. On the Networked Computer / Device line click the Specify Address drop down and select the name of the computer you setup for the static lease. On the Protocol line next to the Specify Protocol dropdown is “Add” in red letters. Click Add. This brings up the Edit Service Screen. For the Service name Type in FG Server or something similar. Under server ports in the last column called “Action” click the graphic with the “New” tooltip.

This should bring up the Edit Service Server Ports. On the Protocol line click the drop down and select TCP. This adds another line to the screen. For Source Ports click the drop down and select Single. Then fill in the empty box that appears on the same line with 1802 which is the port FG uses. Do the same thing to Destination Ports – selecting single and 1802 and then click the Apply button at the bottom. This brings you back to Edit service. Click that Apply Button. This will bring you to Add Port Forwarding Rule. Make sure the “When should this rule occur?” line says “Always” on the drop down. Click that Apply Button. This should take you to the Port Forwarding screen you started in. Make sure your new rule is checked. That should be it. Good luck. :)

Valarian
January 23rd, 2010, 13:34
I have an Actiontec MI424WR router from Verizon FiOS, and the screens are absolutely unlike anything in this thread.
The FAQ includes a link to a very good website on port forwarding, giving instructions for several routers.
The link for your router is: http://www.portforward.com/english/routers/port_forwarding/Actiontec/MI-424-WR/default.htm

jafty
August 23rd, 2010, 02:44
This post got me up and running for the first time since I've owned the software. Thank you!

Gakarak
September 11th, 2010, 16:26
Maybe that was just explained but I didn't get it straight...
The problem is the following: I am using windows 7 64 bit but I am not able to connect, how do I do it?
:confused:

Griogre
September 13th, 2010, 09:55
You need to be a player in a game to connect to a server. The GM of the game will normally tell you how to connect by giving you a server alias. You can only connect when the GM's server is up.

Specifically you need to start FG, click the Join Game button, input your user name for the game and the alias or server's external IP address. If your GM is on the same local LAN as your computer then instead of an alias or external IP address, you need to connect to his server by using the server's *local* IP address which he will have to tell you.

Antonio Martorell Ferriol
November 15th, 2010, 10:55
Hi !

I'm in the case that have 2 routers...

Line - R1.Cable Modem (Atlanta) - Wan - R2. SMC Wireless 192.168.2.1 - The rest of the Machines (192.168.2.1xx)

I've configured the SMC to send the port 1802 to my machine (192.168.2.104) and when I make the test of FG it gives me ok... but my colleague couldn't connect to my... If I try to his machine then it worked ok... So I belive the problem is that I should forward also the R1... but where ? to the SMC address (192.168.2.1) or mine also (192.168.2.104)

Thanks for all !

Arlanthe
November 20th, 2010, 05:36
Hello, I just bought a GM license and five player licenses in a bundle (I have the GM license). We haven't gotten up and running yet due to the network issues.

I have a cable modem, which goes into a router, and that router goes off to several computers. Does that mean I have a "two router" scenario? As far as my security settings, I turned Windows firewall completely off (no other security software is running), I have a static IP and have assigned my router to forward 1802 to my box IP.

I have even disabled my cable modem and router firewalls to no avail. The Fantasy Grounds test always results in "Failed" and a port check of my external IP for port 1802 at CanYouSeeMe.org always times out. Any thoughts?

Griogre
November 21st, 2010, 02:16
Yes, you have a two hardware firewall setup. You need to open 1802 on both and on the cable modem forward 1802 to the router which needs forward the port on to the local IP address of the computer hosting FG. Then you need to open the port on your software firewall which you can't usually do if the software is turned off.

Arlanthe
November 21st, 2010, 16:46
Ok, I am certain I have no problems with my Windows firewall and have no anti-virus running right now. I am also certain my router forwarding to my static IP is correct (I have port forwarded many times on the router for gaming applications). I did try again with software on- no dice.

Maybe the issue then, is with the modem (though it hasn't given me problems with port forwarding before). In forwarding in the modem software, I can only forward to 192.168.0.X (X > 2 but < 256)- the first thee bytes are fixed, I can only change the last. My router lives at 192.168.1.1.

Moon Wizard
November 21st, 2010, 21:05
You need to find the external address for your router, which should be in the 192.168.0.x range, if your modem is at 192.168.0.1. Then, you need to set up port forwarding on your modem to the router IP for 1802.

Cheers,
JPG

netgremlin69
December 30th, 2010, 18:14
I found the solution for the Belkin Wireless G Router, my model is f5sd7230-4. type "http://192.168.2.1/" to access your settings. Under the firewall tab on the left hand side, click on "virtual servers". You have to create a server with the IP address that you want followed by the port number that you want open.

Hope this helps

Carlos Luzzi
February 11th, 2011, 01:35
I&#180;m using a Belking to model sis 900, It seems I can&#180;t access the adress "http://192.168.2.1/" in my browser. I bought FG this weel and cant Host games yet. I allready disabled my Fire Wall, and set up the 1802 port to FG... Can some one help me out? Thanks.

Phystus
February 11th, 2011, 02:47
Go to the Start menu, select 'Run'. In the Run window, type cmd.exe. This will open a DOS window. Type ipconfig and press enter. Note the default gateway. You can then close the cmd.exe window.

Now put the default gateway number into your browser and try again.

~P

Carlos Luzzi
February 11th, 2011, 14:05
Phystus, Thanks it worked!
But when I get to the router address I can’t get to the step where I set up a forwarding port...

Edit: Never Mind, I just saw the poster above, and I went to the Virtual Server and opened a port for FG2. It worked! Finally my Status is connected! thanks a lot guys!

Here is the image for future reference for user that might have the same problem:


http://img607.imageshack.us/img607/6650/15250953.jpg (http://img607.imageshack.us/i/15250953.jpg/)

Uploaded with ImageShack.us (http://imageshack.us)

Carlos Luzzi
February 12th, 2011, 14:14
One more question: After setting up the router, FG is working fine, but the other computer on my net work lost the internet conection. Anybody knows how to get this fixed?

Thanks again

Claybot
July 29th, 2012, 20:33
ohmawgods! You're awesome, I'm not very adept at computers but I followed your tutorial and had success! I feel like a champ and so should you!

Emrak
September 15th, 2012, 18:14
This is not nearly so awesome as the original post and I do repeat some of the things the OP said, but this is how I set up FG2 to work on my new box running Windows 7. NOTE: this does not cover Windows 7 Firewall set up. This assume all that is already good-to-go.

1) Go to your router's homepage (for most routers, it's http://192.168.1.1/ and login.

2) In your router, set port forwarding for TCP, ports 1801-1803. Make sure it's "enabled" (if applicable) and make sure it's forwarding to an IP address of your choosing (use "192.168.1.19" for this example). Make sure you hit the "save" or "submit" button to save your work thus far. If you need extra help with this step, go to http://portforward.com/ and try to locate the walk-through for your specific router type.

3) Back on your PC, go to start->all programs->accessories->command prompt

4) In the console window type "ipconfig /all" and hit enter.

5) You should see something like this:

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : abcd.ny.comcast.net.
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 1C-34-B5-19-2A-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : ge81::ad97:2a61:715e:b2d6%22(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.108(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, September 15, 2012 12:16:37 PM
Lease Expires . . . . . . . . . . : Sunday, September 16, 2012 12:16:37 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 244091301
DHCPv6 Client DUID. . . . . . . . : 00-01-02-03-19-6D-7A-41-8D-99-B5-25-4D-AD

DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled


What you're most interested in here is the "Subnet Mask," "Default Gateway," and "DNS Servers." Just leave that window open for now and move along to step 6.


6) Go to control panel->network and internet->network connections and right-click on local area connection, then go to "properties"

7) Uncheck "internet protocol version 6" if it is checked.

8) Highlight "internet protocol version 4" and then click "properties" button.

9) Select "use the following ip address" and enter in the IP address you entered into the port forwarding part of step 2 ("192.168.1.19" in this example).

10) Insure your "Subnet Mask" is the same as what you see in the console window (the window you opened in step 5).

11) Type in your "Default Gateway" using the entry you see in the console window (the window you opened in step 5).

12) Type in your two "DNS Server" entries. You should see them in your console window from step 5 as well.

13) Check "validate settings upon exit" and hit OK, then hit Close. You may get a pop-up asking you if you want Windows to try to fix your network or some-such. Disregard it and hit Cancel.

14) If all has gone well, you should still be on the internet. Open Fantasy Grounds and go to Create New Campaign and hit the "Run test" button. Again, if all has gone well, it should say "Success."

At this point, you should have one of your players try to connect to your FG to see if they can get in. Best of luck! :D

Markus Feldmann
October 9th, 2012, 19:19
Running FG2 as CLIENT:

from client to server sourceport:1024-65535 destinationport:1802 (tcp)
from server to client sourceport:1802 destinationport:1024-65535 (tcp)

Running FG2 as SERVER:
It seems that a FG2-client sends many packages to my FG2-server, so that my firewall think it is an attack. Can some developer test this under linux with iptables? My rule which block this communication looks like this:


iptables -A attacksinput -p tcp -m conntrack --ctstate NEW -m multiport --dports 1:79,81:442,444:65535 -m hashlimit --hashlimit-name attacksinnot_80 --hashlimit-upto 6/hour --hashlimit-burst 20 --hashlimit-mode srcip -j LOG --log-level info --log-prefix "attacksinput(!80): " && \

regards Markus

Moon Wizard
October 9th, 2012, 20:12
We only have one developer (me), and I do not have have a Linux machine to test with.

I do know that Fantasy Grounds will send hundreds of packets during the initial synchronization, since each database node is transferred as a packet.

Regards,
JPG

Markus Feldmann
October 9th, 2012, 21:18
We only have one developer (me), and I do not have have a Linux machine to test with.

I do know that Fantasy Grounds will send hundreds of packets during the initial synchronization, since each database node is transferred as a packet.

Regards,
JPG
That is the problem, there are to many packages during the initial synchronization. Is there a chance that the network communication changes in the future. My firewall rule is important, because it blocks senders which flooding my router/network. And this does your FG2-client. I will try to fit my firewal to your FG2 a bit.

@admin
Is it possible to change my username afterwards?

regards Markus

Griogre
October 9th, 2012, 21:31
Regarding the username change try sending an e-mail to [email protected]

damned
October 9th, 2012, 22:21
iptables -A attacksinput -p tcp -m conntrack --ctstate NEW -m multiport --dports 1:79,81:442,444:65535 -m hashlimit --hashlimit-name attacksinnot_80 --hashlimit-upto 6/hour --hashlimit-burst 20 --hashlimit-mode srcip -j LOG --log-level info --log-prefix "attacksinput(!80): " && \

markus - you have an exception to your rule for HTTP and HTTPS (80 and 443) you could modify your rule to also scan all other ports other than 1802...


iptables -A attacksinput -p tcp -m conntrack --ctstate NEW -m multiport --dports 1:79,81:442,444:1801,1803:65535 -m hashlimit --hashlimit-name attacksinnot_80 --hashlimit-upto 6/hour --hashlimit-burst 20 --hashlimit-mode srcip -j LOG --log-level info --log-prefix "attacksinput(!80): " && \

i also assuming that this is only affecting you whne hosting a game - this rule shouldnt affect you playing/joining a game.

Markus Feldmann
October 10th, 2012, 18:43
i also assuming that this is only affecting you whne hosting a game - this rule shouldnt affect you playing/joining a game.
Thats right, this problem is only affecting me when i am hosting a game. Yes i have an exception for port 80 and 443, but i have a second flooding protection for these two ports only if i am hosting a web side, so these ports are no problem. All my ports have flooding protection.

regards Markus

damned
October 10th, 2012, 22:13
ahhh but your firewall is not accurately measuring what is a flood. the amazon river discharges 200,000 tonnes of water a second - but it can cope with that. the traffic you are receiving on port 1802 is no more than what FG is designed to be able to receive.

Markus Feldmann
October 11th, 2012, 00:13
ahhh but your firewall is not accurately measuring what is a flood. the amazon river discharges 200,000 tonnes of water a second - but it can cope with that. the traffic you are receiving on port 1802 is no more than what FG is designed to be able to receive.
The flood attack beginns, when it reaches this limits:

--hashlimit-upto 6/hour --hashlimit-burst 20 --hashlimit-mode srcip
The queue of initial packages has a volume of 20 and it forgets 6/hour. If i can remember this firewall rule correctly. So after a burst of 20 initial packages it needs to be cleared first to take new packages. This queue will be cleared with a speed of 6/hours. I can setup these values, but i need to know how many initial packages this may be from a client maximal. And i dont want to setup these value to big.

damned
October 11th, 2012, 00:47
you might need to turn off your firewall and run wireshark or other software to determine your own appropriate limits. i dont know (and have never had need to look) at what is going on at this level. i am guessing that the number of packets will vary greatly dependig on the size of your campaign and its associated ruleset data.

what is a package? if it is packets then this number is massively inadequaqte. if you have a player connecting to your campaign for the first time and you campaign data is 5MB (not at all large) then you could easily be sending 5000 packets in the first 10mins. i have no idea how many packets would be being received by your computer but again i would suggest that it would likely be at least 5% of that being sent(requests and posssibly acknowlegements and then also the local player data being sent back).
if you have 2 players connecting you would need double that.
then you have plenty of data transfer as the game is played - certainly more than 6 packets per hour... probably, safely hundreds of times that number.
when you are hosting a game you are acting as a server. its like at home you might get 3 visitors a day while at work at grand central station you get 250,000 people come by.

JohnD
September 14th, 2013, 02:47
OK so interesting problem.

A few days ago I was able to host players and connect to myself, no problem.

Then I had to change my modem and the internet connection works fine. Now players can't connect to me, but I can connect to myself.

The static IP setup hasn't changed and the port forwarding for 1802 is still in place on my router. This new modem is a Cisco DPC3825 Docsis 3.0 Gateway but I did not enable any wireless functions.

I can also connect to one of the people who are unable to connect to me.

Any ideas?

Moon Wizard
September 14th, 2013, 02:59
I bet the modem has it's own router/firewall capability built-in. You should see if you can log in to the modem administration screen, or contact your ISP if they didn't provide a login for the modem.

Cheers,
JPG

JohnD
September 14th, 2013, 03:00
Crap... yeah I didn't even think of that when I was getting it. I wonder if they can even give me that information.

JohnD
September 14th, 2013, 03:28
If I can connect to myself from the same computer, is that still using port 1802?

JohnD
September 14th, 2013, 03:59
Hmm... just a 20 minute wait on hold... now getting a Success message from FG.

KevinVolt
September 17th, 2013, 00:53
Which Kind of Service do I need to use?
5094
Then after I have a service what do I put here
5095

Thanks in advance I'm really clueless here guys and hope you can help
its a router and a cable modem it may even have a built in fire wall

KevinVolt

damned
September 17th, 2013, 01:08
it wont be a predefined service.
it will need to be manually defined.
tcp
destination port 1802
source port any (usually leave blank)

[sorry cant see your images until they are approved]

KevinVolt
September 17th, 2013, 13:33
Hello,
I'm sorry but that doesn't help me at all did you look at the pictures I need 4 port numbers of 5 or less one port just wont work.

KevinVolt
September 17th, 2013, 13:42
Just realized you cant see the pictures but I need two external ports and two internal ports I can set the tcp on and I have the local ip address thanks to the software in FG. I believe the name it asks for is just a referance name and have been using the name Fantasy Grounds. I tried putting in 1802 for all four ports and it took that but it still doesn't let me make connection for the fantasy grounds software to work.

damned
September 17th, 2013, 13:46
dear KevinVolt.
Name: FG2
Start: 1802
End: 1802
Start: 1802
End: 1802
protocol: TCP
Local IP: your PC IP Address. Turn off SoftwareFW on PC at least for testing.
PM me if you want me to fix it for you.

KevinVolt
September 17th, 2013, 13:47
Do I maybe need port triggering insted of actual port forwarding?

KevinVolt
September 17th, 2013, 13:55
Thank you very much that was it. It works great now.
I found two things where wrong the name FG2 and the local port had changed sense my modem was reset thank you from the bottom of my heart.

damned
September 17th, 2013, 14:33
youre welcome.
welcome aboard - i hope you enjoy using FG2.
if you get stuck or cant work something out or you think something shoudl be there but you can find it - ask away in here (not this thread though) and there will be plenty of ppl to help.
if you cant find something try right clicking first...
drag your players portraits into combat tracker and drag them from combat tracker to maps to keep links between them all intact
drag monsters from modules (monster manual etc) into personalities where you can edit them - eg change "weapon" to "battle axe (1d8)" etc and then drag these into combat tracker and from ct onto map - or drag multiple personalities into a new Encounter which you can easily add wholesale into CT...
thats enough tips for now :)

enygma
November 12th, 2013, 01:58
Hello I have been trying to log in with a mortorola sbg6580 router with time warner cable internet. I have gotten the port addy to ping my router and it comes back as open. For some reason I cannot get it to connect to your guys server. I try testing it and it just keeps staying in the " in progress" cycle. I have followed all the above steps to the letter and everything is set up correctly. I am not sure what to do from here. I have an ultimate lic to use and am stuck not allowing people to hop on to my table.

damned
November 12th, 2013, 02:03
send me a PM enygma.

enygma
November 12th, 2013, 02:22
pm sent thanks

damned
November 12th, 2013, 04:54
hey moon_wizard - the test connection failed to complete - would just hang but I was able to connect from a remote host.
using 2.9.4 on W7x64 at host end.

Feris
July 5th, 2014, 03:12
I'm having the same issue as enygma. Through http://www.canyouseeme.org/ and through PFPortChecker 1802 is open. Originally I had both my modem and router doing that "NAT thing or stuff," but I called my ISP and they put the modem in bridge mode. I was really excited when both of the above resources said that the port was open. FG just won't finish a connection test, though. I even opened another instance and tried to connect and it will eventually time out.

Moon Wizard
July 5th, 2014, 03:19
Have you verified that you can connect to yourself by starting 2 instances of FG already? Use one instance to create/load a campaign, and the other to join a game at "localhost".

Also, you can try connecting from a different machine on same local network using local IP address.

These 2 scenarios test whether a security program (firewall, etc) is blocking network hosting for FG, even if ports are open from Internet.

Also, you need to verify that port 1802 is being forwarded to your local IP if your FG machine, or turn on UPnP on your router and let FG attempt to configure automatically.

Regards,
JPG

damned
July 5th, 2014, 03:28
@Feris - sent you a PM.

Craftzero
August 31st, 2014, 21:18
Hi there,

I recently purchased Fantasy Grounds, and in my attempt to get it going I've realized I'm having a problem with connecting (my connection test is failing). I'm fairly computer savvy, but no matter what I've done it doesn't seem to help. I do (obviously) have connection to fantasy grounds, as well as the internet at large.

* I've set a static IP for this specific IP under my router settings
* I've opened the port 1802 for that IP under my router settings
* I've both tried turning off the Windows 8 firewall, as well as telling it specifically to allow fantasy grounds to use 1802
* Under the router settings for DHCP, it uses 192.168.1.2 from 192.168.1.201 - and my static is outside of that rnage
* When I visit canyouvisitme.com, it states that it can't see 1802.
* I started two instances of fantasy grounds on my PC for testing purposes, and I could communicate between the two.

So any suggestions, folks?

Trenloe
August 31st, 2014, 21:21
When you say "opened port 1802 for that IP under my router settings" what have you actually done?

You need to set up port forwarding to forward incoming TCP communications on post 1802 to port 1802 on your FG computer.

As an FYI: when you're using canyouseeme.org to test for 1802 being reachable you need to have Fantasy Grounds running and hosting a session waiting for players to connect.

Craftzero
August 31st, 2014, 21:43
Hopefully this explains it, Trenloe:

7363

Zeus
August 31st, 2014, 21:47
Hopefully this explains it, Trenloe:

7363

Try setting the port forwarding entry start port and end port to both 1802. Also, double check and confirm the IP your forwarding to is the LAN IP of the PC running FG.

Craftzero
August 31st, 2014, 22:27
Set to only pointing at 1802, and here is the ipconfig /all on the PC I want to run FG on:

7364

damned
September 1st, 2014, 01:15
Sent you a PM.

Craftzero
September 4th, 2014, 19:28
Damned, thank you so much. I'm now up and working on FG!

Apparently - and I did not know this - you can have a firewall blocking 1802 on Windows, your router, *or* your modem. It was the modem, and once I modified it - everything started working.

Again, thank you!

damned
September 5th, 2014, 03:18
Damned, thank you so much. I'm now up and working on FG!

Apparently - and I did not know this - you can have a firewall blocking 1802 on Windows, your router, *or* your modem. It was the modem, and once I modified it - everything started working.

Again, thank you!

Slight ammendent to your comment:
you can have a firewall blocking 1802 on Windows, your router, *AND* your modem

Craftzeros setup was like this:

Internet – modem (router) – router – computer – fantasy grounds

Working backwards –
you have allowed tcp 1802 inbound on all windows firewall profiles – done
you (now) have on router (192.168.1.1) a port forward of tcp 1802 1802 to your computer 192.168.1.210
you now need a port forward on modem (192.168.0.1) of tcp 1802 1802 to your router 192.168.0.2

Nex_addo
September 6th, 2014, 04:24
Okay I've given up trying to do this by myself.

I've opened the ports 1802
I've allowed inbound connections to my firewall
I've created a static ip

Still no joy, Any suggestions?
My router is a NF4V


Cheers

Alex

damned
September 6th, 2014, 04:51
Sent you a PM.

Gooch72
January 12th, 2015, 02:42
I need help. I have FG on my PC and it works fine, both as a player and a GM. My wife is taking over the GM job. We are both on the same router/modem. I have setup port forwarding on her IP and I still cannot get a connection. Port forwarding was setup on my IP a while ago, but I set it up the same, only the IP is different. I have verified that her IP is correct. We are both running Norton, and I have those set up the same as well. I don't know what else to try.

dulux-oz
January 12th, 2015, 05:13
Hi Gooch,

A couple of things: did you disable port forwarding on your IP address - port forwarding is for one IP Address/Port combination, and won't work correctly if its set up for two different IP addresses (well, you can do it commercially, but the equipment costs a fortune).

I also assume you set things up on the Router/Modem (which would be common to both PCs).

Get back to me and we'll see what we can do to help

Cheers

damned
January 12th, 2015, 05:34
check also from YOUR PC that you can connect to the BOSS PC via the INTERNAL IP Address when she has a game loaded.
if you cant connect on the INTERNAL IP then you have something (Norton or WIndows Firewall) blocking incoming TCP 1802 connections.

still stuck - send me a PM and we can work something out.

Gooch72
January 12th, 2015, 14:17
Thanks Guys. Oz, the issue was I was trying to forward it to both IPs as soon as I deleted mine, hers started working. Thanks for the help and education. And thank you damned for the offer of assistance, you guys were fast. Much appreciated.

dulux-oz
January 12th, 2015, 14:29
Your welcome.

I'm glad we got you sorted without too much trouble.

Cheers

GM BK
February 6th, 2015, 22:51
Ok, before I go messing with things and get myself in trouble... and anger everyone else in the house by turning off the internet :) Here is my info... if someone could kind of guide me through what exactly I'm suppose to do, that would be awesome :)

Here is what I got when i entered "ipconfig /all"...
9033

Here is where i think i need to go on my router...
9034

Any guidance would be much appreciated :)

damned
February 7th, 2015, 03:13
Unfortunately we cant see the images until they get approved.
If you want some help Im online right now.
Check your PM here: https://www.fantasygrounds.com/forums/private.php


http://www.fg-con.com/wp-content/uploads/2015/02/fg-con-6-150-15.jpg (http://www.fg-con.com/events/)
FG Con 6 – April 17-19th 2015 - register at www.fg-con.com (http://www.fg-con.com/) for all the latest info.

Trenloe
February 7th, 2015, 17:40
Ok, before I go messing with things and get myself in trouble... and anger everyone else in the house by turning off the internet :) Here is my info... if someone could kind of guide me through what exactly I'm suppose to do, that would be awesome :)

Here is what I got when i entered "ipconfig /all"...
9033

Here is where i think i need to go on my router...
9034

Any guidance would be much appreciated :)
In case you haven't got this organised already, try this:

Application name: Fantasy Grounds
External Port: 1802
Internal Port: 1802
Protocol: TCP
To IP Address: 192.168.1.123
Enabled: Yes.

GM BK
February 7th, 2015, 19:30
Currently working on it with damned. Thanks for chiming in though :)

damned
February 8th, 2015, 12:05
So :{ BK }: 's issue was another case of double NAT.

From his ISP he has a cable router/modem and then internally he has another Wireless Router. All the devices are behind the wireless router. So in this case we needed to NAT TCP:1802 on the cable modem/router to the WAN IP of the Wireless Router, and then NAT TCP:1802 there to his PC.

Rondor
April 22nd, 2015, 18:53
If I spring the $40 for PortForward software will it solve my issue?

The frustration is too much

damned
April 22nd, 2015, 22:42
Hi Rondor - I posted after your last message:
https://www.fantasygrounds.com/forums/showthread.php?23878-Lfg-5e&p=208333&viewfull=1#post208333

GM BK
April 22nd, 2015, 23:07
Trust in the damned... his Net Fu is strong! :)

Rondor
April 22nd, 2015, 23:07
Thanks ever so much, damned. Perhaps we can set up a time to skype or teamspeak?

I appreciate it.

damned
April 22nd, 2015, 23:34
If you are free now join me...

philleverson
May 2nd, 2015, 20:06
Fixed it myself:

See http://download.parallels.com/desktop/v6/docs/en/Parallels_Desktop_Users_Guide/31974.htm



I have a connectivity issue:

Situation:
Running Latest Fantasy Grounds on windows 7 emulated on parallels on Mac Yosemite on my MacBookAir

On fantasy grounds the 'internal address' is 10.211.55.3

I have enabled 8102 port forwarding on the external router.
Also enabled the windows7 firewall for port 8102.

When one of my players enabled the demo campaign I was able to successfully connect from fg on win7 on parallels on the mac to it. As a result I believe that the issue is in routing traffic to the correct port on the mac.

Doe anyone have any ideas?

Phill

Trenloe
May 2nd, 2015, 20:59
I have enabled 8102 port forwarding on the external router.
Also enabled the windows7 firewall for port 8102.
Try 1802

gandred
May 4th, 2015, 13:28
Hi guys, Ilove fg but I have some problem to open 1802 port. I've tp-link TL-WR841N (fowarding virtual server configured on tcp and udp). Internal IP changed from dynamic to static (192.198.0.14) but it doesn't works. I try to deactivate windows fw and avira, and test but still doesn't works.

Any ideas? I'm a little frustrated...:(

P.S. when ip was dynamic try an internal connection works, but now it remains in "connecting..." status.

damned
May 4th, 2015, 13:52
you only need to forward 1802tcp.
sent you a PM.

gandred
May 5th, 2015, 06:05
you only need to forward 1802tcp.
sent you a PM.

Thanks damned! Just for info: my isp had to set something like "NAT" on my connection configuration.

Now it works fine! And now I can start mastering!! :)

Delm74
May 8th, 2015, 01:36
Trying to connect to a game tonight for the first time as a player. Getting the red Failure notification on the FG Run Test. Thought that I had set up port forwarding on my router. I've tried Canyouseeme and I get this message:

Error: I could not see your service on 205.164.4.169 on port (1802)
Reason: Connection refused

Any suggestions as to what the problem could be?

Trenloe
May 8th, 2015, 01:42
Trying to connect to a game tonight for the first time as a player. Getting the red Failure notification on the FG Run Test. Thought that I had set up port forwarding on my router.
You don't need any of this to join a game as a player. Click the "join game" button on the first screen, enter your player name and the host address/alias and off you go!

damned
May 8th, 2015, 01:50
Trying to connect to a game tonight for the first time as a player. Getting the red Failure notification on the FG Run Test. Thought that I had set up port forwarding on my router. I've tried Canyouseeme and I get this message:

Error: I could not see your service on 205.164.4.169 on port (1802)
Reason: Connection refused

Any suggestions as to what the problem could be?

See Trenloes post above!
But to also test if you have got the stuff working with canyouseeme - you need to actually have a campaign loaded in FG. But also if the connection test fails - canyouseeme should also fail.
You might have a local software firewall (AV product or Windows Firewall) and you might actually have some double NAT going on - eg you are connecting via a router/wifi that is plugged into another router/modem and both are doing NAT. If that is the case you need to on the router/modem port-forward tcp1802 to the WAN interface of the router/wifi device and on that device port-forward tcp1802 to the PC/laptop IP address....

Delm74
May 8th, 2015, 01:54
You don't need any of this to join a game as a player. Click the "join game" button on the first screen, enter your player name and the host address/alias and off you go!

Good to know that at least - I'm still not able to connect to the host. The GM asked to connect through OpenVPN which I assume I have open (PrivateTunnel open and connected), gave us a host address - getting the Error stop sign message.

thanks again

damned
May 8th, 2015, 01:59
Good to know that at least - I'm still not able to connect to the host. The GM asked to connect through OpenVPN which I assume I have open (PrivateTunnel open and connected), gave us a host address - getting the Error stop sign message.

thanks again

The GM might have an issue at their end. Are you in TeamSpeak or other with the GM? Are other players connected?

Delm74
May 8th, 2015, 02:03
He's currently engaged in the session prior to the one I signed up for, so I'm trying to figure out what needs to be done on my end in the meantime. Having used roll20 previously I hadn't anticipated the connection issues here and it feels like it's beyond my technical know-how :)

damned
May 8th, 2015, 02:33
Hi Delm74 - the GM does need to do some additional setup. This is a downside to the GM Host vs Cloud Host design that FG uses. On the plus side - it is not dependent on someone elses servers and all your data etc stays on your systems and you dont have to worry about losing access to it. Players dont normally have to do anything else unless the GM needs to use a VPN - in that case you may also need to use a VPN. You can have the GM contact me directly if he would like some help with his current setup.

Delm74
May 8th, 2015, 02:49
So...progress? I have OpenVPN running and my system indicates that I am connected to the fantasygrounds IP address that the GM set up.
Still can't connect on the fantasy grounds program :(. I'm on teamspeak so hopefully can troubleshoot when the current session wraps up...still trying to futz around with my system/network settings...

Delm74
May 8th, 2015, 03:28
Whatever it was, my GM stepped in and sorted me out so I am good to go! Thanks so much for the input from the community!

damned
May 8th, 2015, 03:28
What TS Server and what is your Nick?

Trenloe
May 8th, 2015, 03:35
What TS Server and what is your Nick?
You need to drink some coffee, mate. You're slow this morning! ;)

damned
May 8th, 2015, 03:55
You need to drink some coffee, mate. You're slow this morning! ;)

I drink COKE - but my wife is making me cut back. Waaaaay back.

Big Daddy Bull
May 18th, 2015, 15:23
Good morning.

I am currently struggling with being able to set up for a game. When I use the run test it fails quickly. Flashes in progress then quickly fails. I have read through this forum and tried most of the options here and was still unable to get mine to work. I have no doubt it is on my end and attempted to trouble shoot with this forum.

What I have tried all at once and separate.
Opened port TCP 1802 in my router
Disabled my firewalls in router and on my computer
Also changed to static
I do not believe I am behind another provider router as it is only a power supply and cable.

I was able to connect locally with another computer but the Run Test always failed. I would love to get this resolved, any help would be great.

Thank you in advance!
BD

damned
May 18th, 2015, 15:55
Welcome Big Daddy Bull. Please check your Private Messages https://www.fantasygrounds.com/forums/private.php

Trenloe
May 18th, 2015, 15:58
Opened port TCP 1802 in my router
Could you expand on what you did here? Just "opening" port 1802 isn't enough - you'll need to use port forwarding to forward TCP communications on port 1802 to the internal IP address of your GM computer where you run Fantasy Grounds.

Also, as first steps to get this working, make sure you only have one network connection active - disable wireless if you're on a wired connection, disable any virtual networks you might have (VPNs, Virtual Machines, etc.).

damned
May 18th, 2015, 16:24
Double NAT and Satellite....
No access to Satellite Router at this stage.
Once he gets access to Satellite router he will need to do this:

Port Forward TCP 1802 to 192.168.0.200 which is external IP on Internal router/wifi.
This is already properly setup to forward tcp 1802 to his PC.

Big Daddy Bull
May 18th, 2015, 18:06
Good morning! Damned you are the best!

After discussing and trouble shooting with Damned (who did an awesome job, FYI) I had to contact my ISP. I contacted them which led to more problems for me. I asked for credentials to log into the router which was shot down. I asked if they could forward TCP Port 1802 through their router and they explained that they did not block ports on their side. They questioned me about hosting and I explained that to my knowledge I am connecting to FG's server and they are hosting but I could not say for sure. Sorry for my ignorance. If someone could clarify if I will be hosting through my network or not. If I am hosting they will disconnect my service as it is a violation of the residential service agreement. He proceeded to explain they will be monitoring.

Long story short he explained all kinds of network I.T. stuff that I don't understand and said I needed to set up a something dedicated( WAN I think he said) and gave me a list of IP, subnet mask stuff. Way beyond my capabilities.

Damned mentioned a work around maybe? But if I will be hosting on my network I will not be able to do that. Need to clarify that to see if I even need to change things on my end.

Any ideas would be greatly appreciated.

Trenloe
May 18th, 2015, 18:26
In theory you are "hosting" - but you are just hosting a game that a few of your friends will occasionally connect to, and you won't be permanently running a game (i.e. people won't be connecting all of the time). You aren't hosting a website, nor are you hosting permanent library/data/downloads, etc.. Your upload to your friends computers will be in the area of 10's of MB per game session, nothing more.

Point them to the FG website and the networking FAQ for more info: http://www.fantasygrounds.com/forums/faq.php?faq=fantasy_grounds_faq#faq_networking

damned
May 18th, 2015, 18:28
Big Daddy Bull - you are hosting the game - but you are not hosting a web server or email server or even a public game server. Its a server for a couple of hours a week for 3-6 friends.

2 suggestions - https://www.fantasygrounds.com/forums/showthread.php?20309-GM-Connection-Issues-Tried-Everything-Try-Hamachi
and this: https://www.fantasygrounds.com/forums/showthread.php?20160-Using-a-VPN-Service-Provider-to-get-around-port-forwarding-issues

The first is no cost but you AND your players need to do the Hamachi thing.
The other way only YOU need to do the VPN.

Ill help you with one or the other - later.... its now 330am and I still have to get up at 5am....

evilmouse
June 1st, 2015, 07:05
still no one is able to log in i need he;lp on connection test success
tcp 1802

damned
June 1st, 2015, 07:08
Im here - send me a PM with your email address please.

dustem
June 16th, 2015, 22:57
While trying to run a host game I'm getting a failure when running the test. I'm on a Mac running Yosemite using Wineskin. I've noticed most of the suggestions on here are for Windows machines, so I was hoping someone had experience with hosting on a Mac could help me out.

I'm using a Netgear ADSL2+ and a Time Capsule. While I do have Little Snitch, its currently set to allow all connections.

I'll look through some of the Windows suggestions to see if any of them can help. I did try the canyouseeme link and it timed out.

Nylanfs
June 17th, 2015, 00:11
Heya, this looks promising

https://store.boingboing.net/sales/vpn-unlimited-lifetime-subscription?utm_source=boingboing.net&utm_medium=referral&utm_campaign=vpn-unlimited-lifetime-subscription

Trenloe
June 17th, 2015, 13:17
Heya, this looks promising

https://store.boingboing.net/sales/vpn-unlimited-lifetime-subscription?utm_source=boingboing.net&utm_medium=referral&utm_campaign=vpn-unlimited-lifetime-subscription
Interesting... lifetime at $39 is very good if it works (and they stay around for more than a year). I've just given it a go (you can get a 10 day trial account) - port 1802 isn't routed as part of the VPN, so can't get a connection to FG. I've sent their support an email to see if it's possible to set the forwarding up.

damned
June 17th, 2015, 13:28
If people are willing to run FG on a non standard port I have a way for people to get thru lots of firewalls...

Trenloe
June 17th, 2015, 13:44
If people are willing to run FG on a non standard port I have a way for people to get thru lots of firewalls...
That can be a bit of a last resort. One of the good things about using a VPN service (rather than something like Hamachi) is that is minimises the impact to the players and they just connect as normal. Having to change port numbers is a pain for non-computer savy users, it's really not much of an option unless you have the exact same players each session and can take the time to set it up on everyone's computer.

Trenloe
June 17th, 2015, 13:47
Interesting... lifetime at $39 is very good if it works (and they stay around for more than a year). I've just given it a go (you can get a 10 day trial account) - port 1802 isn't routed as part of the VPN, so can't get a connection to FG. I've sent their support an email to see if it's possible to set the forwarding up.
Quick response:
"Unfortunately, we don't provide port forwarding. You can't use 1802 port with VPN Unlimited. "

Case closed. Stick with a tried and tested VPN provider - I've used HMA and PureVPN successfully - these give you your own IP address when you connect to the VPN, FG picks that up and you just use your alias as normal. HMA and PureVPN forward most (all?) traffic to your PC (which is why it works with Fantasy Grounds) so just make sure you have an up-to-date AV/firewall running (which you should be anyway).

FendorRules
June 21st, 2015, 02:18
Hey team, I just purchased the Ultimate GM license and am trying to set it up to host a game. I even bought a port forwarding utility to set-up my Verizon router. It seems to have worked but I'm still not able to open port 1802. My test fails.

I have McAfee firewall on too, but it won't let me turn it off. It keeps turning back on.

Any suggestions?

I know it's user error here, so help me out!

damned
June 21st, 2015, 02:53
Fendor - I can give you a hand a little later today.
Quick question - do you have one or more routers / modems on your network?

FendorRules
June 21st, 2015, 03:41
No, I just have the Verizon router. I do have a mcafee firewall that I'm about to delete since it won't turn off

FendorRules
June 21st, 2015, 04:05
Ok, I deleted mcafee and ran the test and it was successful. I'm going to assume that since I have my Verizon firewall, I don't need another one with mcafee. I have no idea how to set it up to let 1802 to open

damned
June 21st, 2015, 05:10
Many routers support UPnP which automatically/dynamically supports various applications.
If your connection test is successful then you are good to go.

chrisiav
July 12th, 2015, 02:58
Trying to set up a game with me running as GM/host and the test just keeps coming up as a fail. I can run with localhost. I've read through a lot of the posts here and quite honestly, it's kind of Greek to me. My computer acumen is very much on the poor side. Was wondering if I could get a little help. I've tried to run one of the suggested utilities called Portforward and below is a screenshot of what came back. At least I hope the screenshot shows up. In any event, I was wondering if I could get a hand using plain English step by step instructions. Any help would be appreciated. Oh, I also did that ipconfig thing and mine didn't look anything like the ones posted. Not sure if that's good or bad.


10491

damned
July 12th, 2015, 03:01
check your PM.

X-baby longshot
August 19th, 2015, 20:26
I need help; I’m not that tech savvy and trying to forward my port on my router. I don’t see port forwarding as an option... http://setuprouter.com/router/huawei/hg530/screenshots.htm is what my router login and each page looks like.

Trenloe
August 19th, 2015, 21:16
I need help; I’m not that tech savvy and trying to forward my port on my router. I don’t see port forwarding as an option... http://setuprouter.com/router/huawei/hg530/screenshots.htm is what my router login and each page looks like.
Try enabling UPnP on the UPnP screen. You may have to restart the router for the change to take effect. FG tries to use UPnP to auto setup the port forwarding on the router.

damned
August 19th, 2015, 23:53
[edit] Advanced -> Port Mapping X Wrong

NAT -> Virtual Server

X-baby longshot
August 20th, 2015, 20:33
so i got it to work last night briefly on my PC using the virtual server setting. however when i got on the computer today i wasn't able to reconnect to the internet for some reason, i had to shutdown the static port in order to get back on the internet, which then means i'm not able to green light due to my IP not being static. Any advice on that issue would be great!

X-baby longshot
August 20th, 2015, 20:41
Looks like my preferred IP changes as I turn my PC on/off. whats the best fix?

Trenloe
August 20th, 2015, 21:00
Looks like my preferred IP changes as I turn my PC on/off. whats the best fix?
Set a static IP on your PC.

http://www.howtogeek.com/howto/19249/how-to-assign-a-static-ip-address-in-xp-vista-or-windows-7/

X-baby longshot
August 21st, 2015, 06:25
Perhaps I didn’t do a good job explaining, I had set a static IP address for my PC, when I started it back up the following day it would not connect to internet. So I changed back to automatic IP address and was able to connect. So I looked at the address that was preferred in my config all file and it changed from the day I set it static. So it appears that each time I reboot my PC I will have reset the static IP and virtual server on my router or is there a way to prevent that from happening?

damned
August 21st, 2015, 06:29
sent you a PM

healdhj
August 23rd, 2015, 16:23
Okay folks, been through 13 pages on this thread and I am still having issues. Not sure why, last time I had this many issues was with the Wii and that had to go outside everything. I'll note that I have a double router setup. However, to avoid issues I've connected directly to my Brighthouse cable modem/router, instead of also through my Neatgear router. I've restarted both the PC, Router, and FG several times in the process as well. Windows firewall is completely off, no AV software enabled. I would love some advice! Even tried using my static IP in a DMZ and that didn't work.

One network connection active.
10768

Static IP set.
10766

Virtual Server (Port Forwarding) set.
10767

FG connection failure :cry:
10769

damned
August 23rd, 2015, 23:44
hi healdhj - very useful supporting images - thanks!
It looks like:
1. You have correctly defined the static ip
2. you have correctly setup the port forward

So the most likely causes here are:
1. Windows/AV/Software firewall is preventing PUBLIC connections to TCP1802 or to FantasyGrounds.exe
2. You are not actually connected to the Cable Modem and are still getting double NAT - please open a cmd prompt and do: tracert 8.8.8.8 and post the first half dozen lines here....
3. If you click the click to retrieve your external IP does it come back with a value? if not you are probably getting blocked at the FG server end... (this looks less likely as you do have an alias showing)

healdhj
August 24th, 2015, 00:45
damned, thanks!


hi healdhj - very useful supporting images - thanks!
It looks like:
1. You have correctly defined the static ip
2. you have correctly setup the port forward

So the most likely causes here are:
1. Windows/AV/Software firewall is preventing PUBLIC connections to TCP1802 or to FantasyGrounds.exe
2. You are not actually connected to the Cable Modem and are still getting double NAT - please open a cmd prompt and do: tracert 8.8.8.8 and post the first half dozen lines here....
3. If you click the click to retrieve your external IP does it come back with a value? if not you are probably getting blocked at the FG server end... (this looks less likely as you do have an alias showing)

1. Any idea how to check that?
2. Image here. 10776
3. External IP shows up in FG with no issue, and has repeatedly throughout the process.

Thanks again and in advance :)

damned
August 24th, 2015, 01:01
damned, thanks!



1. Any idea how to check that?
2. Image here. 10776
3. External IP shows up in FG with no issue, and has repeatedly throughout the process.

Thanks again and in advance :)

1. A good first check is to Load your Campaign and then open a second instance of FG on teh same computer and connect to localhost. This wont tell you if connections are being blocked to public connections but it will tell you if FG is being blocked in general by a local firewall...
2. Its a pity the 2nd hop didnt resolve but it looks like you should be ok on that front
3. Good then its not being blocked at the FG server/license check end

healdhj
August 26th, 2015, 23:15
Good news! I'm not a total idiot :)

Cable company/ISP double checked my work and all was as it should be. They played around on their end - no joy.

Today they replaced the cable modem and put in the same settings and all works! FG says SUCCESS!

Thanks all.

Nylanfs
August 27th, 2015, 01:41
Huzzah!

Fishypeanuts
September 12th, 2015, 13:55
I suspect that FG doesn't play nice with UPNP on Windows 10. I had it going fine on 8.1 but can only make it work with manual port fowarding now. It is possible there is a Windows setting I am missing although I did enable FG in the firewall dialog.

I can manage this way but also prefer to avoid poking holes in my router.

damned
September 12th, 2015, 13:59
It could be a newer UPnP version that isnt being read properly by your Router?

Fishypeanuts
September 12th, 2015, 14:07
It sure could. I did verify latest firmware on the router (WZR-1166DHP Version 2.13) but didn't troubleshoot beyond this point. I knew I was on thin ice when I noticed the router version date was well before Windows 10.

Trenloe
September 12th, 2015, 16:10
Check this setting: http://www.computerhope.com/issues/ch001367.htm

tadkil
October 15th, 2015, 04:06
Need some help accessing port 1802 & connecting to the FG server to host a game. I am not a hardware person at all, but do well with RTFM for most GUI software. I have created rules in my firewall that should allow 1802 to work. That was relatively easy. Completely stumped at this point. Any help would be appreciated.

damned
October 15th, 2015, 04:10
sent you a PM.

Trenloe
October 15th, 2015, 04:11
Need some help accessing port 1802 & connecting to the FG server to host a game. I am not a hardware person at all, but do well with RTFM for most GUI software. I have created rules in my firewall that should allow 1802 to work. That was relatively easy. Completely stumped at this point. Any help would be appreciated.
You don't actually connect to a FG server provided by SmiteWorks - the GM Fantasy Grounds instance is the server running on your computer. Have you logged into your internet router and setup port forwarding to your GM computer IP address? What tests are you doing?

tadkil
October 15th, 2015, 04:20
You don't actually connect to a FG server provided by SmiteWorks - the GM Fantasy Grounds instance is the server running on your computer. Have you logged into your internet router and setup port forwarding to your GM computer IP address? What tests are you doing?

Yeah... non-technical kind of guy. Turned off my firewall and still could not connect. May need to remote in some IT support.

tadkil
October 15th, 2015, 04:53
Brilliant help. Damned is awesome.

warwick
November 2nd, 2015, 03:52
Trying to setup fantasy grounds on new Surface Pro 4 running windows 10. I have a Netgear C6300 cable modem/wireless gateway. I set up the DHCP server on the gateway to always give the surface the same IP address. Then I set up port forwarding for port 1802 (external and internal) to the IP address of the Surface (which I have confirmed matches the address I input in the C6300 port fwding table). I first tried to create a path through windows Firewall by adding an inbound rule to allow FantasyGrounds to receive incoming TCP traffic from any port. Didn't work. So I tried to be more specific and created inbound rule to allow FG to receive incoming TCP from 1802. Didn't work. I created a rule to allow any program to accept TCP on port 1802. That didn't work. So I disabled Windows Firewall altogether and my connection test still failed. In a different thread I saw the netstat -a - p tcp command to check to see if the surface was listening on port 1802. It is not, even with Firewall disabled. Any ideas what might be causing the communication breakdown or how to correct it?

Oh I also tried disabling ipv6 on my network adapter and giving the surface a static ipv4 address (with appropriate subnet mask and DNS servers). That didn't seem to help either and it made my internet access a bit dodgy so currently relying on modem to always give the surface the same IP through DHCP.

damned
November 2nd, 2015, 04:00
heya warwick!
it looks like you are (were!) going about things the right way.
lets roll back to your initial setup -

router gives surface same ip each time = good
port forward tcp 1802 on router to surface = good
create windows firewall rule on surface to allow tcp 1802 from ANYWHERE = good

stop there

now on surface what does FG tell you the External IP address is?
on the router what does it think the WAN/Public/External IP address is?

open a cmd prompt and type:
tracert 8.8.8.8
can you post the first 4 hops?

send me a PM if you like.

damned
November 2nd, 2015, 04:10
...the netstat -a - p tcp command to check to see if the surface was listening on port 1802. It is not, even with Firewall disabled...

FG will only listen once you have the application running with a "campaign" running. As in once you hit Start on Load Game or Create Game. It isnt listening while you are on that Test screen (except for the test packet).

warwick
November 4th, 2015, 02:28
First, thanks damned *tremendously* for the tech support. With your help I am up and running in FG.

Second, to add to the knowledgebase. I have a NETGEAR C6300 Router. To add port forwarding seemed pretty straight forward. In the 'ADVANCED' tab expand the 'Advanced Setup' bar on the left of the screen to reveal a link to among other things 'Port Forwarding / Port Triggering'. Click that link. Click the '+Add Custom Service' button.

Enter a reasonably logical Service Name. In this case FG1802. Select TCP from the Service Type drop down menu. External Starting and Ending Port should both be 1802. The Internal Starting and Ending Port fields will auto populate. Enter the appropriate IP address for your fantasygrounds machine. Leave the External IP address field set to Any. Then click the 'Apply' button. This takes you back to the Port Forwarding Page.

I thought I was done at this point. The Enable checkbox was checked. All of the parameters looked correct. I figured the router automatically enabled it since, you know, the check box in the "Enable" column was still checked, but what it turns out I was missing was the need to actually activate the port forwarding.

So the final step is to click the radial buttons for Port Forwarding/Always/and the FG1802 service we had just set up. Then click the 'Apply' button. The Port Forwarding Portmap Table will reload and appear exactly as it looked before this final step. But now, port forwarding for port 1802 will actually work.

Thanks again damned for the assistance.

WolfJFlywheel
November 10th, 2015, 15:24
Hello all!

I just bought Fantasy Grounds and I am having trouble connecting. I was anticipating this, I'm just not sure what the problem is.

I downloaded Fantasy Grounds Ultimate. I logged on and did the self test and got "Success". Good so far.

Before I went further I turned off all firewalls on the computer I was using.

I had a player log on and I gave him the stated IP address. He put it in but after attempting to connect he got the "unable to connect" message.

I'm guessing this is an IP/port forwarding issue. Here is my question:

My ISP comes into a cable modem
the modem connects to a router (ASUS N66R)which then connects to three computers via Ethernet:
Desktop 1
Desktop 2
Laptop 1 (this is the computer I am running Fantasy Grounds from).

Can I do the static IP/port forwarding procedure for just the computer I am on or do I need to configure the others since they come from the same router?

Also, I disabled the firewall on the Laptop but not on the other computers or the router itself. Could this be an issue?

I would appreciate any help I can get.

Thanks

Andraax
November 10th, 2015, 18:04
Are you giving him the internal IP address or the external one? Also, you can try to "Enable Alias", generate a new alias, then give the player the alias instead of IP address.

WolfJFlywheel
November 10th, 2015, 19:43
Are you giving him the internal IP address or the external one? Also, you can try to "Enable Alias", generate a new alias, then give the player the alias instead of IP address.

I tried both the internal and external IPs but I did not try the alias. I'll try that tonight.

PastorDontPlay
November 11th, 2015, 01:23
Hi all, please help.

I'm trying to get a group on fantasy grounds right now and they can't connect to me.

I am using Windows 10 and tried adding an inbound rule to allow people on Port 1802. Still doesn't work. Any ideas?

damned
November 11th, 2015, 01:41
Sent you a PM.

WolfJFlywheel
November 12th, 2015, 14:04
Are you giving him the internal IP address or the external one? Also, you can try to "Enable Alias", generate a new alias, then give the player the alias instead of IP address.

Well, it looks like that worked. Thanks Andraax

on3moda
November 24th, 2015, 04:05
Too bad this doesn't work with a PfSense firewall. I setup port forwarding with On WAN -> 1802 TCP -> To 1802 To My PC's IP -> Apply. Still nothing.

damned
November 24th, 2015, 04:15
Too bad this doesn't work with a PfSense firewall. I setup port forwarding with On WAN -> 1802 TCP -> To 1802 To My PC's IP -> Apply. Still nothing.

Welcome on3moda. There is no reason why this cant be made to work thru PfSense. Have you any other stateful packet inspection or similar going on. What do your PfSense logs say?

on3moda
November 24th, 2015, 04:35
Welcome on3moda. There is no reason why this cant be made to work thru PfSense. Have you any other stateful packet inspection or similar going on. What do your PfSense logs say?

Got it. I needed to add PASS.

damned
November 24th, 2015, 07:11
Good work on3moda!

Baron28
November 24th, 2015, 15:30
Need some help accessing port 1802 & connecting to the FG server to host a game. I am not a hardware person at all, but do well with RTFM for most GUI software. I have created rules in my firewall that should allow 1802 to work. That was relatively easy. Completely stumped at this point. Any help would be appreciated.

So now Tadkil attempted to connect to my game server last night and was running into connection issues. I configured port forwarding on my router and put in my machine's dynamic ip address. Do I need to setup my machine with a static ip address? Do I need to setup port forwarding on the modem to send the signal to my router's ip address?

midas
November 24th, 2015, 16:20
I always recommend using a static IP address when using port forwarding, as otherwise you're telling your router to forward traffic to an IP address that may change. If you statically assign your IP on your computer--or at the very least set up a DHCP reservation so that your machine always gets the same IP; particularly recommended path if you need to use wifi--then you can be assured that the traffic will aways be forwarded where it needs to go.

damned
November 24th, 2015, 23:33
So now Tadkil attempted to connect to my game server last night and was running into connection issues. I configured port forwarding on my router and put in my machine's dynamic ip address. Do I need to setup my machine with a static ip address? Do I need to setup port forwarding on the modem to send the signal to my router's ip address?

I think that tadkils issue might be at his end. Im trying to work thru that with him.
It looks like FG might still be getting blocked outbound on hos computer.

Baron28
November 25th, 2015, 00:24
I think that tadkils issue might be at his end. Im trying to work thru that with him.
It looks like FG might still be getting blocked outbound on hos computer.

I'm on the FG teamspeak if you need anything from me. Thanks for helping out.

Kefrem
January 1st, 2016, 17:24
i need some help getting my friend to connect..i have a netgear10 and i read thru all this but im not technical savvy with all this modem coding stuff :(

midas
January 1st, 2016, 23:32
Did you get this sorted out? Also, I'm not seeing any results for Netgear10 in their production lineup. Do you have a model number on the label on the back/bottom (like WNR2000 or something)?

crb31
March 14th, 2016, 03:42
I just got a new computer and upgraded my internet speed and after running FG for over a year, I can't connect. Some of the players helped me set up a static ip and I still couldn't connect. I bypassed my router and went straight to my modem and I could connect and the players could connect to me but at about 15 minute intervals I was disconnected from all the players and then reconnected- very frustrating. I have a Arris modem tm822g and Belkin 600n router. I have made sure that the firewall is allowing FG through. thanks in advance.

damned
March 14th, 2016, 03:59
sent you a PM.

Celegar
March 16th, 2016, 00:35
I am now unable to connect FG to enable my players to connect to me. I was always successful in connecting by re-booting my modem and then starting my computer but since I upgraded to Windows 10 at the start of last week this does not seem to work. I was unable to host my players in a game last Friday and this Friday's game is not looking promising. I have checked my router and it still indicating my port is still listed as open for FG. I have checked my anti virus/firewall and it still shows the exceptions I made a 5 or 6 months ago. Is the issue with Windows 10? Is it blocking the connection unbeknownst to me? I am at a loss. What am I missing?

Moon Wizard
March 16th, 2016, 01:04
Some ideas:

Check your Windows Firewall and any other security software (Norton, mcafee, ...) to make FG app is not blocked.

Check to make sure the local IP address on FG launch screen matches the port forwarding rule on your router.

Try having your players connect to external IP address, instead of alias.

JPG

damned
March 16th, 2016, 07:33
After the upgrade to Win10 your local IP address has most likely changed. Check your Port Forward in your router is still pointing to the correct address. Send me a PM if you need more help.

Celegar
March 16th, 2016, 15:14
Thank you I will look at it this evening. Although I am not sure exactly how to check if the ip's are the same and if they are not how to make them the same.

Celegar
March 19th, 2016, 21:48
I want to thank damned for taking a good deal of last night helping me get my router and connection issues sorted out last night. I appreciate it and so do my players. Thank you.

jwrightFANTASYG
April 17th, 2016, 06:25
Good Evening,

Classic issue - I cannot get remote users to connect to my FG campaign.

Window 10 laptop
Use Kapersky
Comcast (XFinity) Modem / Router

I have been able to connect to my own campaign using localhost on a separate instance of FG on my machine.
I have been able to have local players here in my house on my network connect to my campaign using the internal IP address.
I have installed portforward.com and setup a static IP Address through it.
I have tried different port forwarding setting on portforward.com but since my exact modem model does not show up in their list nothing seemed to work (I have reached out to them for support on this).
I am able to connect to other FG campaigns.

Any insight would be appreciated.

Thanks!

John

damned
April 17th, 2016, 09:48
Hi John,

Send me a PM if you dont get this sorted.
If you can connect from another computer on teh same LAN you have a good start.

It is then most likely one of these:

1. Your windows firewall is allowing LAN access to TCP1802 but not Internet/Public access
2. Your Routers Port Forwarding is not setup correctly
3. You actually have two routers/modems and you have not got the forwarding workig correctly between them both.

jwrightFANTASYG
April 18th, 2016, 01:20
Thanks for all the help Damned! Above and beyond my friend. All set from my end now! Woo hoo! Let the Wild Rumpus begin!

ivan-hr
April 20th, 2016, 22:53
Edited: I managed to solve my problem! :bandit:

damned
April 21st, 2016, 00:01
Well done ninja ivan-hr
If you post your "fix" the next person might find its the answer to their challenge!

And welcome!

ivan-hr
April 21st, 2016, 00:09
Thanks and sorry.

I had problems with the port. I am running FG2 thru Steam on OS X.

I am using a FritzBox 6320 and an TL-WR840N Wireless Router. I had to add a port forward in each device to make FG2 use port 1802.

Hope that helps anyone else with the same problem.

damned
April 21st, 2016, 00:34
Well done ivan-hr.
Having a router/modem and a wifi/router crops up a bit and yes you have to do what you did there.
You are also lucky - many Germans dont get an IPv4 address and have to use Hamachi/Tunngle/VPN to get it to work.

Zefflorin
June 8th, 2016, 15:18
Hello all you smart people,

I recently bought a new computer and have successfully merged all our old campaign onto the new machine. The cable modem and router did not change. However the test function keeps giving me a failure. I have Win 10 now. I remember I had to do something internally to the computer to get FG to run but I can not remember what. I have turned off the windows firewall, and tried to do the IP4 static IP address fix still with no luck.

Any ideas?

Zeff

damned
June 8th, 2016, 15:27
sent you a PM.

hamaoka maya
June 13th, 2016, 10:22
A great post :)

Dalamar
June 18th, 2016, 16:23
Hi All,

I recently took a stab at fantasy grounds ultimate and am having some issues with the connection test and can you see me. I keep receiving the failure on the test and connection refused on canyouseeme. I have tried canyouseeme with a session running and without.

I am running an arris modem/router with an asus rt n16. I have forwarded port 1801-1803 on the arris (also have tried just 1802) to the asus and then forwarded the 1802 port on the asus to my pc's static ip address. I have instructed windows firewall to port 1802(TCP) for fantasy grounds. I have tried disabling all firewalls and shutting down antivirus (temporarily for science of course). I tried a direct connection to the arris without a firewall and receive the same connection refused.

Anyone have a bit of time to help me out?

damned
June 19th, 2016, 04:11
Hi All,

I recently took a stab at fantasy grounds ultimate and am having some issues with the connection test and can you see me. I keep receiving the failure on the test and connection refused on canyouseeme. I have tried canyouseeme with a session running and without.

I am running an arris modem/router with an asus rt n16. I have forwarded port 1801-1803 on the arris (also have tried just 1802) to the asus and then forwarded the 1802 port on the asus to my pc's static ip address. I have instructed windows firewall to port 1802(TCP) for fantasy grounds. I have tried disabling all firewalls and shutting down antivirus (temporarily for science of course). I tried a direct connection to the arris without a firewall and receive the same connection refused.

Anyone have a bit of time to help me out?

Hey Dalamar - we are in different timezones but PM me when you are online next and Ill help you out. You sound like you are totally on the right track and may have just messed a step along the way. Its definietly only TCP and 1802. Any other ports and protocols are red herrings. You do need arris -> asus -> pc (if the ASUS WAN is plugged into the ARRIS LAN - if the ASUS LAN is connected to ARRIS LAN then you just do Arris -> PC).
Its TCP1802 at each step and best to have DHCP reservations along the way too.

therealSamael7
July 13th, 2016, 23:15
Hello, all. I've just moved into a new apartment, and I'm now getting connection problems setting up an FG host. Previously, I had a cable modem and router, and single port forwarding worked just fine. My new place uses Webpass as a provider, so no more modem on my end. Just the router.

However, the single port forwarding no longer works for the router. I've tried a few things, including a direct hardwire connection with firewalls off (temporarily), and still the test fails and the canyouseeme.org test also fails. I suspect it's related to this news from Webpass posted in June of last year:


Webpass allocated the final available residential IPv4 address space assigned to us today. All residential buildings coming online after today will receive a private IPv4 address space. Existing residential buildings with public IPv4 assigned will slowly transition to private IPv4 addresses as demand exceeds the currently allocated IPv4 address space. We expect minimal impact for all customers. The entire Internet will still be available when surfing the web from your Webpass connection. However if you wish to connect to your Webpass connection from a remote location (for example you have a web camera in your unit) the connection will only work on the IPv6 protocol.

I could be wrong, but every place I've been able to touch (or remove) from the chain between FG and the internet, I've touched (I've also confirmed localhost connections work, but connections from a second laptop do not). This is the only piece I can't touch, but if anyone has any suggestions or experience, I'd appreciate it.

(I've also downloaded Hamachi in anticipation of having to use it as do satellite-using GMs)

Thanks.

damned
July 13th, 2016, 23:35
therealSamael7 you are out of luck. Hamachi or a VPN (that allows direct access to the public IP address) is required.
FG Next (whatever it will be called) will most likely (it should!) support IPv6 but the current game engine does not.
You can if you like have a look at this doc and build a VPN server for $10/year and a little elbow grease.
https://www.dropbox.com/s/i1mxkdubn8kt46k/Fantasy%20Grounds%20VPN%20Server%20Setup%20-%20draft.docx?dl=0
The only condition on using this is proofing the doco to make sure its right and works as written.

Edit: Hamachi is your easiest option by far - but it will require the players to also use Hamachi (which I dont think is a big deal). The VPN option removes that step for the players but puts more onus on you.

therealSamael7
July 14th, 2016, 01:02
Thanks! I suspected this would be the case. The good news is I've got Hamachi going and had my first player connect. Appreciate your input. Cheers!

antdread
August 23rd, 2016, 02:32
Hi everybody,

I'm running on OSX El Cap. trying to connect with no avail:
15088

Have a ARRIS-4992 Modem/Router with apple Airport Extreme:
15089
15090

Went to the modem 192.168.0.1 and turn off the firewall and all its options:
15091

Then add a Virtual Server with port 1802 as suggested:
15092

Then run a test in FG and FAILURE connection test. What should I do?

Trenloe
August 23rd, 2016, 02:41
You need to forward port 1802 on your router (192.168.0.1) to the Airport extreme (192.168.0.2) and then forward port 1802 on the Airport Extreme to your computer.

antdread
August 23rd, 2016, 02:51
I'm not that network connection proficient, trying my best here. Do you know how?

Trenloe
August 23rd, 2016, 03:05
Change your virtual server setup on your router to go to 192.168.0.2

Info on the airport extreme here: http://foscam.us/blog/foscamipcameras/view-foscam-live-on-the-internet-setting-up-port-forwarding-on-your-airport-extreme-or-time-capsule-for-apple-macmacintosh/ Add a port map with public and private TCP ports of 1802 and a private IP address of your FG computer (assuming 192.168.0.100 based on the info above?).

By-the-way, you probably don't need to disable the first routers firewall. *Usually* virtual servers/port forwarding are exceptions to the firewall. But, leave it off for the moment, get FG working and the turn it on and see if FG still works.

antdread
August 23rd, 2016, 04:44
I appreciate your help, but his is very embarrassing. My airport utility app is more advance because I'm running OSX El Capitan and the options that are present are not the same as the ones in the link above.
I don't understand this language and the concept very well. Its like having my eyes cover trying to cash a fly with a pair of chopsticks. I'm not that bad with computers, but this network stuff is beyond me. Next time I level up, I promise I would select that skill.

Now my Airport Extreme Router is offline, Netflix is gone and my wife is chasing me all over the apartment, in a very menacing way, chopsticks in hand :-)
15093

I feel like a Ranger lost in the woods.

Trenloe
August 23rd, 2016, 05:10
Now my Airport Extreme Router is offline, Netflix is gone ...15093
Well, what change did you make in the airport extreme? ;) Change it back, save it and switch it off and on again.

Then, if it comes back, do an internet search for "airport extreme port forwarding" and find something that matches what you see in your interface. Note: don't do anything to do with IPV6 (newer IP address formats) as FG can't use these. Use IPV4 port forwarding/port map to 192.168.0.100 (assuming that is what your FG computer's IP address is).

damned
August 23rd, 2016, 07:35
and send me a PM if you really are still stuck.

antdread
August 23rd, 2016, 14:11
I have my router in line again :-)
The problem is that there are different options and I don't now for sure where is that I'm screwing things up.

Here is my setup in the modem Arris with the Virtual Servers Configuration:
15096
Its this setup OK?

In Airport Utility there is a option for router mode:
15097

For adding a Port Settings in IPv4 I need to select the DHCP and NAT option:
15098

This is where things start to go offline.

I have another doubt, if I have 2 IP addresses, Ethernet IP and Wi-Fi IP, Which one should I add to the Private IP Address?

GoddTodd
October 10th, 2016, 09:52
So I've got a ATT Uverse 2WIRE 3801 HGV.
I try to allow 1802 port connection for Fantasy Grounds like so.
15591
And then I get a blank screen like this.
15592

Any thoughts?

damned
October 10th, 2016, 10:52
We cant see your attachments... not your fault - they need to be approved... if you are online now send me your email via PM and I will have a look with you.

Trenloe
October 10th, 2016, 15:39
So I've got a ATT Uverse 2WIRE 3801 HGV.
I try to allow 1802 port connection for Fantasy Grounds like so.
15591
And then I get a blank screen like this.
15592

Any thoughts?
Make sure you use 1802, you have 1801 in your screenshot.

For the blank screen: try a different browser.

GoddTodd
October 10th, 2016, 18:46
Submitted in DM as well.


Here's a repost with image links instead.
https://s13.postimg.org/h02kyy97r/router_1.jpg
Then you get a blank screen like this:
https://s15.postimg.org/i8r71n37v/router_2.jpg

Trenloe
October 10th, 2016, 19:26
Submitted in DM as well.
Is that the DM browser for Android?

If so, I'd recommend trying some different browsers on a PC - Internet Explorer, Firefox, Chrome, etc..

GoddTodd
October 10th, 2016, 20:40
So far I've tried Chrome and Explorer on the PC.

Trenloe
October 10th, 2016, 20:56
Try the info provided by a few posts here: https://forums.att.com/t5/AT-T-Internet-Equipment/How-to-open-ports-on-a-3801-HGV-2-wire-router/td-p/2715683

damned
October 11th, 2016, 02:36
Hi GoddTodd im online now if you still need help.

GoddTodd
October 11th, 2016, 10:27
Damned got me pretty far. Thank you.
Eventually it came down to convincing ATT Uverse to update the 2Wire router software.
It would have been nice if they hadn't convinced me to buy the ATT Connec Tech service (who determined also that it was Uverse's problem).
I got FG connecting on one computer.
Looks like I may not be able to connect via the other laptop on the same network.
But that's a problem/decision for tomorrow.
It's 2:25 am and I'm going to bed.
Thanks everyone for the advice. There was a few pertinent nuggets in Trenloe's link as well. Thank you.

damned
October 11th, 2016, 10:35
Hola GoodTodd - note where the connection test is?
Its on the Load Campaign and New Campaign pages.
Its not on the Join Campaign page. Players dont need to pass the connection test.
If you are the GM you can only do it from one computer on the network - or you will have to reconfigure your router each time you switch.
Pick one computer as your GM computer only.

mribeiro
October 20th, 2016, 21:21
Can it be a feature request to just have the software figure it out? I play in a group that switches locations where I don't always have router access to modify. Just know that most modern P2P or hosted games don't have this level of work to make work. Static IP's aren't required, neither is non standard forwarding for anything I've used recently.

damned
October 20th, 2016, 21:29
Welcome mribeiro. Unfortunately the current game engine does not support this. It is very likely that the Unity build will support the current direct connect model as well as a brokered model that doesnt require any firewall setup but that wont happen until next year.
Try Hamachi if you move about a lot: https://www.fantasygrounds.com/forums/showthread.php?20309-GM-Connection-Issues-Tried-Everything-Try-Hamachi
or look at a VPN solution: https://www.fantasygrounds.com/forums/showthread.php?20160-Using-a-VPN-Service-Provider-to-get-around-port-forwarding-issues

JeffKnight
October 29th, 2016, 08:28
If you own your own server (or vps) you can use OpenVPN using TAP interfaces (I haven't tried with TUN) as well with iptables like so:

iptables -t nat -A PREROUTING -d x.x.x.x -p tcp --dport 1802 -j DNAT --to-dest z.z.z.z:1802
iptables -t nat -A POSTROUTING -d z.z.z.z -p tcp --dport 1802 -j SNAT --to-source y.y.y.y

where x.x.x.x is a public ip of your server, y.y.y.y is the vpn ip of the server, and z.z.z.z is the vpn ip of where you are running fantasy grounds

You don't need a huge/powerful vps to do this, some of the $1 a month ones would work fantastically.

Illmirranor
November 20th, 2016, 13:10
Hi, everyone:

I'm trying to get FG set up on my home PC so I can host games but I can't get it to work.

I am virtually certain the problem lies with the Arris CM820 cable modem provided by my cable company, though they swear they are not blocking port 1802. I have a WIRED connection between by PC (running Windows 7) and my Linksys WRT54GL router. I'm confident I've set up a static IP address and port forwarding correctly on my router, but it's not working.

Would anyone be willing to help me troubleshoot? Also wondering if there is an easy way to test whether the modem is blocking the port. I'm wondering if I need to disconnect my router and plug directly into the modem so I can try to access the modem admin. (If the modem doesn't have the default password, I won't be able to get in.) In fairness, the modem does not seem to be blocking any other ports.

FG connection test fails. Also fails when I test port 1802 on canyouseeme.org.

Thank you.

damned
November 20th, 2016, 13:20
Send me your email address via PM and Ill have a look with you.

Varsuuk
November 26th, 2016, 03:18
If you can't get into the modem - do a google but I suspect there is a way to "Reset" to factory state (which is why you need to look at manual to find out what those are... some do admin/admin some admin/<nothing> others just about anything else...sorry) if you needed to go there.
Probably a good idea to reset it to a password your write down - when you have time to deal with the issues. Otherwise a day will come when you NEED to change something and blamo... no time to figure it out.

damned
November 26th, 2016, 05:26
Hi, everyone:

I'm trying to get FG set up on my home PC so I can host games but I can't get it to work.

I am virtually certain the problem lies with the Arris CM820 cable modem provided by my cable company, though they swear they are not blocking port 1802. I have a WIRED connection between by PC (running Windows 7) and my Linksys WRT54GL router. I'm confident I've set up a static IP address and port forwarding correctly on my router, but it's not working.

Would anyone be willing to help me troubleshoot? Also wondering if there is an easy way to test whether the modem is blocking the port. I'm wondering if I need to disconnect my router and plug directly into the modem so I can try to access the modem admin. (If the modem doesn't have the default password, I won't be able to get in.) In fairness, the modem does not seem to be blocking any other ports.

FG connection test fails. Also fails when I test port 1802 on canyouseeme.org.

Thank you.

This one was caused by a VoIP device in between the cable modem and the network router.
Once we moved the VoIP device behind the network router instead it all worked.

Illmirranor
November 26th, 2016, 15:31
Yes, and kudos to damned for helping me figure that out. The VOIP provider wanted their device between the modem and the router, but once we just plugged it into the router, everything worked just fine.

For some reason, though, I have to power cycle my router every time I reboot my computer before players can join. Not sure why that is, but my router is ancient. I'm planning to replace it soon and will post another note to this thread if that doesn't solve the problem.

crankdawg47
December 6th, 2016, 01:26
Alright guys I need help. Pulling my hair out here. Here's the story:

First, up until last week I had everything working while running windows 7 pro. However, I just upgraded my MOBO, CPU, and RAM which required me to install Windows 10 home. Then things stopped working (players can't connect to me)

I have set up static IP and modified the existing port forward on my router to reflect the new IP. (didn't work)
I changed my static IP to what it was before the upgrade and changed the port forward rule again. (didn't work)
Deleted the port forward rule and remade it. (didn't work)
Put my PC in my router's DMZ. (That worked)
Took the PC out of the DMZ and turned the router's firewall off. (didn't work)

At this point I have no idea where to go from here. I discussed this with one of my players who happens to be a network tech but even he is baffled. Below is a screen cap from my router. Any help would be appreciated.
16783

Nylanfs
December 6th, 2016, 04:34
Check your AV and make sure it isn't blocking FG

Also, do you have a cable model AND a router?

Trenloe
December 6th, 2016, 05:09
@crankdawg47 - as it worked OK when your PC was in the router's DMZ, I think that your AV setup is OK - unless the network type changed when you put it in the DMZ. Just make sure that Windows sees the normal network as private (home or work).

Have you tried rebooting your router? Sometimes that's required to get any changes to port forwarding to stick.

crankdawg47
December 6th, 2016, 07:26
@crankdawg47 - as it worked OK when your PC was in the router's DMZ, I think that your AV setup is OK - unless the network type changed when you put it in the DMZ. Just make sure that Windows sees the normal network as private (home or work).

Have you tried rebooting your router? Sometimes that's required to get any changes to port forwarding to stick.

Currently using windows defender since avira was giving me other issues but I did check the network settings and found it to be set to public. I changed that to private (as seen below) but that did not fix the problem.
I did reboot the router after the first set of changes but haven't done so since the network type change on the computer.

16791

damned
December 6th, 2016, 13:02
crankdawg47 my availability is a bit sketchy the next few days. if you PM me your email address and your typical availability (timezones help here - Im in Sydney) Ill try and help you out.

crankdawg47
December 6th, 2016, 20:50
crankdawg47 my availability is a bit sketchy the next few days. if you PM me your email address and your typical availability (timezones help here - Im in Sydney) Ill try and help you out.

Message sent.
I just finished swapping out the router for a new one. Figured it was worth a try but that had no effect after re adding all the various settings.

Paddy Yank
December 7th, 2016, 02:55
If I'm going to DM games for our group do I need to setup a static address?

LordEntrails
December 7th, 2016, 03:14
If I'm going to DM games for our group do I need to setup a static address?
Welcome Paddy to the Community!

99% of the time the answer is no.

When you start FG, and click Load Campaign, what happens when you click Connection Test?

damned
December 7th, 2016, 03:16
No. You need to be able to do one of these options:

1. enable IPv4 port forwarding of TCP 1802 through your router to your GM computer
2. have a plu and play router which can do the above for you
3. run Hamachi and for a private Hamachi network with your players (there are other similar services like Tunngle)
4. use a VPN to do the port forwarding for you

Most GMs by far fall into 2 and 1, followed further back by 3.

The next generation of FG client will avoid this requirement but it is somewhere off in the future still...

Imij
December 11th, 2016, 01:24
Can anyone explain to me why 3 days ago everybody in my group could connect and now none of us can? Connection test fails for everyone, no one has changed anything on there computers, it just stopped working.

damned
December 11th, 2016, 01:36
Can anyone explain to me why 3 days ago everybody in my group could connect and now none of us can? Connection test fails for everyone, no one has changed anything on there computers, it just stopped working.

Hi Imij whilst none of you has changed anything thousands of things have changed on your computer regardless.
You might note that the connection test is only available on two screens - Create New Campaign and Load Campaign. There are no connection tests on Join Campaign. Players do not have to pass a connection test so dont waste time looking at the players computers.
On the GMs system - are they using plug n play? Reboot router.
On the GMs system - if they manually created the port forward check the port forward, check the windows firewall, check the GMs computer has the same ip address as the port forward is set to. Then reboot the router.

Spin-Man
January 27th, 2017, 23:57
I just want to give a big thank you to Crusader for creating this thread and to all the other users who continue to help people set up their port forwarding. It's too bad I didn't see this right away when I started trying to set up my static IP address. I spent an hour at Netgear's site, only to find much clearer directions here when I gave up and came back to ask for help on the forum.

hawkwind
February 9th, 2017, 20:43
working now ignore this post

DoubleDanGaming
March 16th, 2017, 20:39
So, I have an Arris SB6121 Modem going into an Apple Time Capsule (which is also a wireless router) on macOS Sierra, and I have not ever been able to pass the connection test. I could use a bit of a walkthrough...

damned
March 16th, 2017, 23:03
So, I have an Arris SB6121 Modem going into an Apple Time Capsule (which is also a wireless router) on macOS Sierra, and I have not ever been able to pass the connection test. I could use a bit of a walkthrough...

Welcome DoubleDanGaming.

Your Time Capsule may be acting as a Router/AP or just as an AP. Do a trace route to 8.8.8.8 and paste results here and it will give us some more info.

Performing a Traceroute in Mac OS X
If you are running Mac® OS X, you can use the Network Utility application, which is included with Mac OS X, to run the trace route.
To Perform a Traceroute in Mac OS X
Launch Network Utility.
You can do this through Mac OS X Spotlight by typing Network Utility, and then clicking the Top Hit.
Click Traceroute.
Enter 8.8.8.8 and Click Trace.
Select the results, and then right-click and select Copy or press COMMAND+C to copy the text.
Paste the text here in your reply.

DoubleDanGaming
March 17th, 2017, 06:39
Traceroute has started…

traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 72 byte packets
1 172.16.1.1 (172.16.1.1) 1.267 ms 1.249 ms 1.293 ms
2 96.120.41.33 (96.120.41.33) 11.404 ms 13.975 ms 10.415 ms
3 xe-11-1-0-sur01.muskegon.mi.michigan.comcast.net (68.85.218.13) 10.604 ms 8.762 ms 7.865 ms
4 te-9-4-ur03.wbloomfield.mi.michigan.comcast.net (68.85.223.110) 9.118 ms 10.171 ms 11.698 ms
5 xe-1-3-1-0-sur01.lyndon.mi.michigan.comcast.net (68.87.189.177) 22.245 ms 20.376 ms 23.701 ms
6 be-33668-cr02.350ecermak.il.ibone.comcast.net (68.86.90.45) 26.254 ms 25.710 ms 31.580 ms
7 be-10563-pe01.350ecermak.il.ibone.comcast.net (68.86.82.158) 24.920 ms 24.556 ms 24.938 ms
8 as40009-2-c.1950stemmons.tx.ibone.comcast.net (75.149.231.2) 23.622 ms 23.205 ms 23.715 ms
9 108.170.243.207 (108.170.243.207) 26.337 ms 24.356 ms 22.371 ms
10 209.85.254.240 (209.85.254.240) 23.565 ms 25.617 ms 26.233 ms
11 72.14.232.70 (72.14.232.70) 34.133 ms 34.884 ms 34.112 ms
12 72.14.234.81 (72.14.234.81) 32.856 ms 35.524 ms 32.813 ms

damned
March 17th, 2017, 06:46
Good. It looks like there is only single NAT taking place.
If you browse to 172.16.1.1 is that your Arris router or is it the Time Capsule?

DoubleDanGaming
March 17th, 2017, 06:47
According to my AirPort Utility, that's the LAN IP address of my Time Capsule. But entering that IP into the browser draws only a "fail to connect to server" error.

damned
March 17th, 2017, 06:57
Try this: https://owlr.uservoice.com/knowledgebase/articles/875730-how-to-set-up-port-forwarding-on-an-airport-time-c

Except you are going to setup Private IP Address: your PCs address, Public TCP Ports: 1802, Private TCP Ports: 1802

DoubleDanGaming
March 17th, 2017, 07:02
What do you mean, "your PCs address"?

damned
March 17th, 2017, 07:08
Every computer/device on your network has an ip address.
You need to on Step 4 use your computers IP address along with TCP ports 1802 on Private and Public.

DoubleDanGaming
March 17th, 2017, 07:14
How idiotic - I was a single number off in my original setup, which is why it never worked. I had found many resources previous, including the page you linked, but I never twigged onto using the IP address of my computer exactly - I let it choose the last number of the x.x.x.x itself. Now I have success! Bloody brilliant - thank you!

Or, considering your name...should that be "Damn you"?

damned
March 17th, 2017, 07:20
Double Damn You thank you very much :)

Now on to more important things - hows about running an amazing one-shot session at FG Con!
http://www.fg-con.com/events

DoubleDanGaming
March 25th, 2017, 18:48
Aaaand it no longer works, and I have no idea why.

EDIT:. And now it does. *eye twitch*

damned
March 25th, 2017, 23:47
DoubleDanGaming you will want to setup DHCP reservations for your computer on your router and your router on your modem.
Sometimes your router and/or modem needs a reboot too.

tekmagika
April 11th, 2017, 15:59
My turn to ask for help!

First time using Fantasy Grounds (I come from Roll20 where connection issues didn't happen unless the entire site was down). I have been struggling with getting FG access up and running all morning but keep getting failures on the Connection Test.

I am running Windows 10 and have a Belkin router with uPnP enabled. I added a Virtual Server entry for FG in my Firewall settings according to the instructions at portforward.com, but it still doesn't seem to be working. Anyone help walk me through this? I'd rather not go the Hamachi route (my players aren't keen on installing new software and making new accounts for things ... would prefer having it be an easy process for them).

Thanks in advance!

Trenloe
April 11th, 2017, 17:27
Welcome to the forums tekmagika

Sorry you're having issues.

Please run the following command from the command prompt and post the results for the first 4 hops: tracert 8.8.8.8

tekmagika
April 11th, 2017, 17:44
1 10 ms 1 ms 2 ms BELKIN [192.168.2.1]
2 36 ms 28 ms 17 ms 142.254.145.197
3 19 ms 16 ms 20 ms 24.29.5.145
4 16 ms 14 ms 15 ms be30.dytnoh5501r.midwest.rr.com [65.29.38.52]

Trenloe
April 11th, 2017, 17:47
1 10 ms 1 ms 2 ms BELKIN [192.168.2.1]
2 36 ms 28 ms 17 ms 142.254.145.197
3 19 ms 16 ms 20 ms 24.29.5.145
4 16 ms 14 ms 15 ms be30.dytnoh5501r.midwest.rr.com [65.29.38.52]
OK, that's great - looks like you're not using double-NAT/IP sharing.

I assume your GM PC is on an IP address 192.168.2.xxx ?? If so, have you confirmed that IP address and entered that as the target for the virtual server - using TCP port 1802? Maybe provide a screenshot of the virtual server setup.

tekmagika
April 11th, 2017, 17:54
Screenshot! 18511

Trenloe
April 11th, 2017, 18:23
Screenshot! 18511
Looks good. Assuming your GM computer is on 192.168.2.199.

Try rebooting the router, just to see if that is needed to activate the changes.

Otherwise, that looks OK and we need to look at your computer might be blocking the connection.

Check that the network connection on your computer is shown as Home/Private and not Public (Windows Firewall will block Fantasy Grounds on a Public network).

Add an exception to your security applicatio/s to allow FantasyGrounds.exe to communicate on TCP port 1802.

tekmagika
April 11th, 2017, 19:00
Looks good. Assuming your GM computer is on 192.168.2.199.

Try rebooting the router, just to see if that is needed to activate the changes.

Otherwise, that looks OK and we need to look at your computer might be blocking the connection.

Check that the network connection on your computer is shown as Home/Private and not Public (Windows Firewall will block Fantasy Grounds on a Public network).

Add an exception to your security applicatio/s to allow FantasyGrounds.exe to communicate on TCP port 1802.

Router has been rebooted several times with no effect on FG access.

Network connection is Private.

All I have running is Windows Defender and SUPERAntiSpyware. Does Windows 10 have any hidden security apps that could be blocking it? Can't find anywhere in either program to set ports. Is that something they do?

Trenloe
April 11th, 2017, 19:05
All I have running is Windows Defender and SUPERAntiSpyware. Does Windows 10 have any hidden security apps that could be blocking it? Can't find anywhere in either program to set ports. Is that something they do?
Windows 10 has "Windows Firewall", check to see if that is running and add an exception if it is.

Another thing to try is to load up a second instance of FG and "Join Game" to your GM instance (up and running waiting for players to connect) with a server address of localhost This won't prove much if it is a local security application blocking network access, but if it fails it will indicate other issues.

tekmagika
April 11th, 2017, 19:18
Windows 10 has "Windows Firewall", check to see if that is running and add an exception if it is.

Another thing to try is to load up a second instance of FG and "Join Game" to your GM instance (up and running waiting for players to connect) with a server address of localhost This won't prove much if it is a local security application blocking network access, but if it fails it will indicate other issues.

There are two listings for Fantasy Grounds in Windows Firewall (forgot that I had actually checked this earlier as well!). One for the port and one for the app. The port listing only lets me select TCP or UDP, but not both.

Trenloe
April 11th, 2017, 19:19
You only need TCP, not UDP.

Please try the second instance of FG localhost test.

tekmagika
April 11th, 2017, 20:07
You only need TCP, not UDP.

Please try the second instance of FG localhost test.

The test seemed to be a success. It joined.

tekmagika
April 11th, 2017, 22:05
The test seemed to be a success. It joined.

And by a success, I mean I could join the localhost. Does that mean people elsewhere should be able to join, despite it showing a Failure with the Connection test? I've tried joining with the laptop on the same local network and it isn't working.

Trenloe
April 11th, 2017, 22:40
And by a success, I mean I could join the localhost. Does that mean people elsewhere should be able to join, despite it showing a Failure with the Connection test? I've tried joining with the laptop on the same local network and it isn't working.
It tells us that there is something blocking communication on the network interface of your computer. More than likely security software.

When you tried to join on the same local network did you use address 192.168.2.199 to connect?

tekmagika
April 11th, 2017, 22:50
No, I tried localhost and then the alias. I'll try the specific IP.

edit - nope, the IP didn't work either.

edit edit - I checked and my IP had changed to 192.168.2.6, which seems to be working. The laptop is currently connected.

Trenloe
April 11th, 2017, 23:02
edit edit - I checked and my IP had changed to 192.168.2.6, which seems to be working. The laptop is currently connected.
That's probably why your connection test wasn't working too.

You'll need to change your virtual server on the router to see this new IP address.

It's worth setting up a static IP address for your GM computer so this won't happen again.

LordEntrails
April 11th, 2017, 23:04
No, I tried localhost and then the alias. I'll try the specific IP.

edit - nope, the IP didn't work either.

edit edit - I checked and my IP had changed to 192.168.2.6, which seems to be working. The laptop is currently connected.

Sounds like you will need to check your port forwarding rules. The internal IP probably changed when you rebooted your router. You also might be able to reserve an internal IP for your host so that the next time the router reboots you don't have to update the port forward rules.

fightingcrow60
May 2nd, 2017, 00:15
Hello FG Universe - so I have an iMac and use Parallels to run Windows 10 for Fantasy Grounds. Looking for some guidance on how to apply the above steps so I can host FG demo users with my Ultimate license. Based on the above posts, I just realized that I have the intelligence of pond scum as it applies to firewall/port configurations, so I was hoping some good-aligned forum hero would come along and rescue me from my woeful ignorance.

damned
May 2nd, 2017, 00:52
Hello fightingcrow60

So you are running a virtual instance of Windows?
Launch a cmd prompt and type
ipconfig
and check what IP address you have.
If the first 3 sets of digits are the same as the IP address on your Mac then you will need to setup a port forward on your router to the IP address displayed in ipconfig.
The port forward rule will go on your router and is tcp 1802 on the wan interface to tcp 1802 on this parallels ip address.

if that doesnt work do the folling in your cmd prompt
tracert 8.8.8.8
and post the first 10 lines.
and in Mac
Launch Network Utility
Click Traceroute.
8.8.8.8
Click Trace.
paste the first 10 lines here also.

fightingcrow60
May 2nd, 2017, 01:12
WINDOWS:
C:\Users\Jeremy>tracert 8.8.8.8

Tracing route to google-public-dns-a.google.com [8.8.8.8]
over a maximum of 30 hops:

1 29 ms 26 ms 28 ms google-public-dns-a.google.com [8.8.8.8]

Trace complete.

MAC:
Jeremys-iMac:~ Jeremy$ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
1 homeportal 4.767 ms 4.412 ms 1.421 ms
2 99-121-4-3.lightspeed.miamfl.sbcglobal.net (99.121.4.3) 24.578 ms 24.180 ms 24.559 ms
3 99.167.141.126 (99.167.141.126) 24.118 ms 24.496 ms 23.720 ms
4 12.83.70.21 (12.83.70.21) 26.683 ms
12.83.70.13 (12.83.70.13) 28.346 ms 30.124 ms
5 fldfl401me3.ip.att.net (12.123.153.113) 39.945 ms 32.413 ms 59.809 ms
6 * * *
7 216.239.50.55 (216.239.50.55) 29.970 ms
216.239.50.57 (216.239.50.57) 28.429 ms
216.239.50.59 (216.239.50.59) 27.412 ms
8 216.239.51.131 (216.239.51.131) 27.489 ms
216.239.51.139 (216.239.51.139) 27.423 ms
209.85.242.159 (209.85.242.159) 27.305 ms
9 google-public-dns-a.google.com (8.8.8.8) 27.166 ms 27.542 ms 26.368 ms