PLEASE READ POST #1 and #2. You do not need to read every post in this thread. If this info doesnt help you get connected then post Full and Detailed answers to all 8 Questions including screenshots and we will assist.
This thread was written for Fantasy Grounds Classic. If you are running Fantasy Grounds Unity and you want to run the LAN connection option then this tread is still valid but substitute UDP for TCP.

This post is intended to layout what is happening when players connect to the GM and what is required to make that happen.
--
Background
Fantasy Grounds when running in GM mode will bind itself to TCP Port 1802 on your TCP IPv4 Network stack. This means that the application is listening for connections and requests and commands from other computers on a specific port. All applications that accept connections work in a similar way and each uses its own specific port numbers. When you connect to a website you are connecting to that server on TCP 80 or TCP 443 in most cases. There are thousands of different applications using different port numbers. There are 65,000+ TCP ports.

This happens hundreds or thousands of times per day on your computer or phone or other device that operates on a network or internet.

On your Home network you will usually receive a Private IP Address which is a valid IP address and can do all normal TCP/IP networking but cannot go onto the Internet without some assistance. If your Internal IP Address starts with any of these it is a Private IP Address:
192.168.something, 172.16.something thru to 172.31.something and 10.something
There are some other less well known network addresses that are not strictly Private but are also only intended for use by your ISP and that can muddy things up a little.
To allow devices with Private IP Addresses to use the Internet your Router (or Firewall) modifies your TCP/IP traffic/data and changes the reply (source) address to its Public IP Address and sends the data on. It also keeps track of these sessions so that when the other side (web server, video streaming service, email server etc) replies it knows who to send the reply traffic to. This is called Network Address Translation and it happens all the time in the background without you knowing about it.

Networks that are very unlikely to work
To save you time in working all the way thru to the end the following setups are highly unlikely to work:

GM is tethered to a mobile phone or mobile hotspot
GM network is connectd by Sattelite


Locations that are less likely to work but may -

GM is in South or Central America
GM is in a European Country that is well advanced in IPv6 deployment



General GM Requirements
For a player to connect to the GM the following things need to happen:

The GM needs the campaign loaded
The player computer needs to learn the location or address of the GM computer
The player computer needs to be able to traverse the network or internet between them and the GM
The player computer needs to be able to talk to the GMs computer on TCP 1802


This is all pretty straight forward except that there are a bunch of things that can get in the way of this operation and mostly at that last step.

Things to check
This next section is very much just about the GM.


Load Fantasy Grounds and run the Connection Test
If successful give yourself a big smile and begin preparing for the hordes
If unsuccessful perform the following steps


Confirm there is only one copy of Fantasy Grounds running on your computer. If there are 2 copies close both, launch once and retest
Write down the Internal and External IP Addresses and the Alias (if enabled)
On a Windows Computer go to Network and Sharing Centre and make sure the Network Profile is set to Private and then retest. You may have more than one network adapter - identify and change the correct one.
Go into your Windows Firewall or other Software Firewall and create a new Rule - Accept ANY/ALL connections from ANY/ALL computer/address on specific ports TCP 1802 and then retest

The next bits are where it can get tricky.
If you have confirmed that your network connection is set to Private and that you have created a rule to accept Inbound TCP Connections on port 1802 from anywhere then we move on to more networking topics.

This may be a subject outside your normal realm of experience. Be patient and work thru this with an open mind.

The first thing you should do is perform a tracert 8.8.8.8 command in a cmd prompt.
This will trace the hops/routers between you and Google.
Your first hop will almost always be a Private IP Address from the 192.168.something, 172.16.something thru to 172.31.something and 10.something ranges
This is expected
If you have 2 or more hops that are in these ranges it gets more tricky and your likelihood of resolving may be diminished.

1 Private Hop
This is the most common setup.
Log onto your router - its the same IP address as reported by Hop 1 - via a web browser - something like: https://192.168.1.1
Different routers will have different methods of doing this.
Typically the option will be called Port Forwarding or Virtual Servers but could be something else.
Create a new Port Forward Rule (or Virtual Server) for
TCP 1802 going to 1802 and select your computer name or IP Address (that is the Internal Address reported by Fantasy Grounds) of your computer
If it asks for a range use 1802 - 1802
If you need to setup a custom service - define it as Fantasy Grounds or FG and set the incoming ports as TCP 1802 and the destination as 1802. You then assign this service to your GM computer name/ip.

Retest the Connection after doing these steps.
If successful you can stop there or you may choose to address the possible challenge that your GM computer IP can change over time.
You can either manually set your GM computers IP address as a specific static address - you would then exclude that IP address from the DHCP range on the router -or-
Use the DHCP server to set a DHCP Static Reservation for your computer - this is my preferred method.
If you dont do one of these steps you may later have to update the Port Forward rule to your new IP if it changes

2 Private Hops
This may be a router supplied by you and a modem supplied by your ISP or a Router and a Router/AccessPoint.
It could also be a second device that is not within your access or control.

Firstly set up the first hop router exactly the same way as in the 1 Private Hop scenario above.
Whilst logged into that router take not if its WAN or Internet Address and write it down.

You will then need to try and logon to the IP Address reported as the second hop via your web browser - something like: https://192.168.0.1 or https://10.0.0.1
You will then port forward that router exactly the same as in the 1 Private Hop scenario but instead of forwarding to your GM computers IP you will Forward to the other Routers WAN/Internet address that you just wrote down above.

If you do not have access to this second hop/router you should call your ISP

There are other options here to do with redesigning your network such as putting the external device into bridge mode or not using the internal device as a router/natdevice but I recommend that you learn about those options if you are interested in learning more about how the network works.

3 or more Private Hops
You are very unlikely to be able to setup Port Forwarding without assistance from your ISP - or at all.
You can call your ISP and explain "I play a peer to peer networking game that requires me to Port Forward TCP 1802 to my computer. Can you help me set this up?" They will or wont be able to assist.

If you cannot resolve the Port Forwarding I strongly suggest you look at the Port Forwarding alternatives starting with Hamachi and Zero Tier.
https://www.fantasygrounds.com/forums/showthread.php?43607-Port-Forward-Alternatives

Virtual Adapters
There have been some recent instances where virtual machine virtual interfaces (VMware, HyperV etc) have potentially interfered with the application binding on the physical network interface. If you are running virtual machines consider changing the binding order of your network cards so that the physical interface binds first. Alternatively test by disabling the virtual NICs when using Fantasy Grounds.

Still need help?
Please dont post that you have "tried everything".
Please provide the following info when posting a request for Port Forwarding help.

1. Your LAN IP Address
2. The first two sets (octects) of your WAN IP as displayed by Fantasy Grounds and as displayed by your Router
3. Whether you are using Wired or Wireless (and not both)
4. Confirmation that you have set your Adapter in Network and Sharing Centre to Private
5. Confirmation of what AV you are running and whether you have set any exceptions
6. Post the results of the tracert 8.8.8.8 command (if you have security concerns you can remove this bit once its been responded to)
7. Confirmation as to what you have setup in your Router if changes have been made
8. Confirmation you do or do not have any Virtualisation NICs

With reference to the above - please, please supply ALL the answers, in detail, with screenshots in your post. Posting some of them, or incorrect information means that you waste more time on troubleshooting - and more importantly wastes more time for the people who give up their time to help.

CONTINUED IN FOLLOWING POST

Hijacked: Comcast and Xfinity users - your ISP is "protecting" you and blocking incoming connections on your Port Forwards.
https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security
You will need to go in and unblock the FG server AND your players every 30days.



This is an edge case that might apply to some users.

The Problem

The symptom in this case was that Fantasy Grounds would not open port 1802, but nothing else seemed to be listening on that port to occupy it. The way to tell if this is the specific problem (rather than a port forwarding or firewall problem) is with good ol' netstat or tcpview: Run Fantasy Grounds, load a campaign, then in a command prompt, run netstat -an | findstr "1802". If the result is not empty, this is not specifically your problem (although you could have a related problem, which is that some other server is taking the port, which I won't help diagnose here, check the sticky thread for that).

...and the Solution

If the command result is empty, then what may be happening is that the Internet Connection Sharing Service is reserving that port (and others). Use window button + r to bring up the run prompt, type "services.msc" into that. In the list, scroll down to find the Internet Connection Sharing (ICS) entry. Right-click it, choose "properties", then in the resulting window under the "startup type" dropdown, choose "disabled". Apply that setting, then in the same window, click the "Stop" button just under the startup type dropdown. Once you've done this, fantasy grounds should be able to bind to port 1802.

Unfortunately, anything that was depending on Internet Connection Sharing will now not work. So bewaaaare. You might have better luck running fantasy grounds with the -p option instead to select a different port.

Localhost or LAN/Private IP or Alias or PublicIP
If you are connecting to a GM on another network use their Alias or Public IP
If you are connecting to a GM on the same network as you, use their LAN or Private IP
If you are the GM and you are connecting to your own game from a second instance on the same computer use localhost

PureVPN is one of the few options known to always work that doesn’t burden players with having to do anything special. It costs money, however. And you will need the dedicated ISP option. They run sales from time to time and have a discount on longer term signups.

The Port Forward Alternatives does list PureVPN. PureVPN is as Bidmaron says a good product and one that is known to work wit Fantasy Grounds with the right options selected.
I did not go into bridge mode because it requires you to actually understand what is going on before you make changes like that. Many networks with 2 hops have some devices on each network and simply changing to bridge mode would disconnect a bunch of devices.

Hi there Damned, I was referred to this post and have gone through it a few times to no avail.
I'm hitting a brick wall and I'm not sure what else to do.
Lan IP: 192.168.1.137
WAN IP: 162.154.193.90
Wired Connection
Network Adaptor is set on private
No antivirus
Tracing route to google-public-dns-a.google.com [8.8.8.8]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms FBI-Surveilance [192.168.1.1]
2 3 ms 6 ms 4 ms 192.168.0.1
3 15 ms 20 ms 14 ms 142.254.145.189
4 27 ms 31 ms 30 ms 24.29.4.241
5 22 ms 20 ms 21 ms be38.dytnoh5501r.midwest.rr.com [65.29.38.100]
6 32 ms 23 ms 22 ms be28.clevohek01r.midwest.rr.com [65.29.1.46]
7 34 ms 31 ms 29 ms so-7-1-0.ar0.dca10.tbone.rr.com [66.109.6.66]
8 43 ms 32 ms 34 ms 66.109.3.24
9 34 ms 28 ms 31 ms 66.109.5.117
10 29 ms 36 ms 31 ms ix-ae-17-0.tcore2.aeq-ashburn.as6453.net [216.6.87.149]
11 29 ms 33 ms 31 ms if-ae-2-2.tcore1.aeq-ashburn.as6453.net [216.6.87.2]
12 81 ms 44 ms 31 ms 66.198.154.14
13 30 ms 108 ms 38 ms 108.170.240.97
14 28 ms 29 ms 33 ms 209.85.254.125
15 38 ms 32 ms 28 ms google-public-dns-a.google.com [8.8.8.8]

Trace complete.
Created port forwarding rule on my WRT3200ACM
"FG - Port 1802-1802 - TCP - 192.168.1.137 - Enabled"

https://www.fantasygrounds.com/forums/attachment.php?attachmentid=26032


Our aim is to accept incoming traffic destined for TCP 1802 on the PC.

To do that we need to log on to router 192.168.1.1 (orange) and add a Port Forward or Virtual Server rule for TCP 1802 and point/NAT it to the PC on 192.168.1.137 TCP 1802.

Now because we have two routers and both are likely doing NAT we need to log on to router 192.168.0.1 (green) and add a Port Forward or Virtual Server rule for TCP 1802 and point/NAT it to the Router (orange) on 192.168.0.4 TCP 1802.

The IP addresses in this are examples only. Follow the steps in the instructions above to gather all the appropriate information so that you can enter the correct info for your setup.

Please note that if your PCs IP address changes from 192.168.1.137 you need to update the settings on router 192.168.1.1 (orange) to point to the PCs new IP
If the WAN IP address changes on router 192.168.1.1 (orange) from 192.168.1.137 you need to update the settings on router 192.168.0.1 (green) to point t the routers (orange) new IP

26032

Thanks for the reply! It turns out that who ever was sent out to setup my internet initially did not set the supplied router in bridged mode, which seemed to prevent FG from connecting. I'm able to connect now! TY!
Nemo

If no devices other than your Router are connected to the ISP supplied Modem/Router then switching it to Bridged mode will simplify things a lot.
If you have some computers/printers/tablets etc connected to that Router you will either do the Double Nat or move them to your inside router first.

https://www.fantasygrounds.com/forums/attachment.php?attachmentid=26042
26042

Oh GOD thank you so much!

Ive been giving fantasy grounds loads of sub money for months on end making my campaing thinking now that it was all a waste. But i managed to get to succed only after 30 mins.

Please, please PLEASE add this "feature" in the future release. Its really baffling to someone who has been used to steam and other programs just automatically setting this up.
Its quite ana amazing thing that we dont yet have in 2019 free and easy ways for small teams like you guys to just have connections WORK without any hassle needed by the paying costumer.

Thanks onceagain thousend times Mr. damned! Thanks a ton, i was so worried for a moment 4 months worth of work was gone/wasted... :S

PS. Are there any major security risks in enabling the port of 1802?

PS. Are there any major security risks in enabling the port of 1802?
No.

Good. And thx for speedy responce Sir Immortal Trenloe ;)

LAN: 10.9.9.1
WAN:96.42
wired ethernet
Network and Sharing center set to private
1 <1 ms <1 ms <1 ms 10.9.9.1
2 * * * Request timed out.
3 9 ms 18 ms 9 ms dtr04trcymi-tge-0-6-0-9.trcy.mi.charter.com [96.34.38.13]
4 11 ms 9 ms 10 ms crr01trcymi-bue-5.trcy.mi.charter.com [96.34.36.108]
5 9 ms 17 ms 8 ms crr02trcymi-bue-10.trcy.mi.charter.com [96.34.33.97]
6 14 ms 22 ms 14 ms crr02aldlmi-bue-4.aldl.mi.charter.com [96.34.36.20]
7 17 ms 14 ms 15 ms bbr01aldlmi-bue-2.aldl.mi.charter.com [96.34.2.10]
8 23 ms 22 ms 22 ms bbr01chcgil-bue-805.chcg.il.charter.com [96.34.0.139]
9 18 ms 19 ms 18 ms prr01chcgil-bue-2.chcg.il.charter.com [96.34.3.9]
10 17 ms 18 ms 18 ms prr01chcgil-gbe-0-7-0-3.chcg.il.charter.com [96.34.152.117]
11 * * * Request timed out.
12 18 ms 18 ms 19 ms 209.85.249.98
13 21 ms 18 ms 18 ms 74.125.37.9
14 18 ms 17 ms 17 ms google-public-dns-a.google.com [8.8.8.8]
the connection test says "success" but I can't connect to my GM's game, other player's connect with no problem,
I've set a port exception for 1802 on my router

the connection test says "success" but I can't connect to my GM's game, other player's connect with no problem
The connection test is only for the GM, not the player.

Where is the GM? That is, are they on the same network as you, or remote over the Internet?

If remote over the Internet, try to connect and then post here the console.log file found in the <FG app data> directory.

My GM is remote in another state. I had tested my internet connection, and it was stable and had little traffic (discord), just to eliminate that possibility.

His game won't be up until Monday, so I can only really try a new connection. Isn't there a tutorial game that's around? Maybe we could work out a time, and get on Discord to knock this out real quick.

[29.01.2019 14:13:16] Runtime Notice: Initializing DirectX
[29.01.2019 14:13:16] Runtime Notice: Initializing COM
[29.01.2019 14:13:17] Runtime Notice: Fantasy Grounds starting

His game won't be up until Monday, so I can only really try a new connection. Isn't there a tutorial game that's around? Maybe we could work out a time, and get on Discord to knock this out real quick.

Check out the two Discord servers; The FOfficial FG one and the FG College one. Usually there are people hanging out there that don't mind starting up their server and letting you connect. If that doesn't work for you, post back here and someone will help you test.

I have been hosting a regular gaming group for the past month or so without issues since our conversion from Roll20. Today we patched to 3.3.7 and now I cannot get the connection test to pass. The only system change I have made after updating to the latest version of FG was adding a port 1802 specific rule as recommended above during today's troubleshooting.

We have never had an issue and original set up with all the same hardware was a breeze; now nothing is working.

1. 192.168.0.12 (IPv4)
2. 173.18.xxx.xxx
3. Wired
4. Adapter in Network is set to Private
5. Windows Defender has rule allowing all connections from 1802. Allows App fantasygrounds through firewall both private and public. Although for testing I have turned off windows firewall.

6. Tracert

1 1 ms 1 ms 1 ms 192.168.0.1
2 38 ms 11 ms 44 ms 173-18-72-1.client.mchsi.com [173.18.72.1]
3 86 ms 22 ms 18 ms 172.30.30.37
4 36 ms 31 ms 37 ms 68-66-73-130.client.mchsi.com [68.66.73.130]

7. Mediacom Technicolor router is set to port forward TDP port 1802

Hey Pogybait

The update hasnt caused the block - its a network or windows change unfortunately.

See hop #3 uses an address from this range:

192.168.something, 172.16.something thru to 172.31.something and 10.something

So rolling back to Q2 - does your Router and FG both report that same 173.18 address?
If so - check in #7 that you have forwarded to 192.168.0.12 and then reboot the router.

If that doesnt work call your ISP and tell them:
"I use a game that requires me to Port Forward TCP 1802 to my computer. This was working and just recently it has stopped. Can you help me set that back up?"
They may have made a change on the network (hop #3) and should be able to tell you if this is the case.

Oh and #5 - you want to accept all connections TO TCP 1802 from ANY port - not from 1802.

I am guessing that all hops after the first are working their way out on Mediacom's network. I was not concerned since I was not seeing multiple instantiations of my own system. Here's the full tracert;

1 2 ms 1 ms 2 ms 192.168.0.1
2 14 ms 11 ms 16 ms 173-18-72-1.client.mchsi.com [173.18.72.1]
3 27 ms 19 ms 27 ms 172.30.30.37
4 32 ms 27 ms 34 ms 68-66-73-130.client.mchsi.com [68.66.73.130]
5 31 ms 34 ms 34 ms po16.atlga001cr1.mchsi.com [68.66.72.54]
6 35 ms 39 ms 34 ms po10.atlga001er1.mchsi.com [68.66.72.29]
7 34 ms 41 ms 38 ms 72.14.208.56
8 32 ms 38 ms 34 ms 108.170.249.97
9 33 ms 37 ms 36 ms 209.85.254.81
10 45 ms 35 ms 35 ms google-public-dns-a.google.com [8.8.8.8]

What do you mean by "does the router report?" FG external and sites such as "what is my IP" concurs with the 173.18 address.

I have checked the correct forwarding. I have been running FG successfully for the past couple of months with it and verified it today, even deleting and resetting it. 26278

Correct I misspoke above regarding #5. The new rule I implemented accepts all connections from any port. However, that rule was not required in the past. The port forwarding was all that was required.

Hop #3 is a private IP address - it could be causing the issue.
If you log into your router and check its WAN or Internet Address does it match the 173.18.72.1 that FG is reporting?
If you have rebooted the router then do call MC.

Negative FG sees my IP as well as any outside source as 173.18.72.1XX

Negative FG sees my IP as well as any outside source as 173.18.72.1XX

Call MC....

"I use a game that requires me to Port Forward TCP 1802 to my computer. This was working and just recently it has stopped. Can you help me set that back up?"

I found the issue. When port forwarding with Mediacom's limited router controls; I had to set up the port forward with both TCP/UDP not just TCP.

I found the issue. When port forwarding with Mediacom's limited router controls; I had to set up the port forward with both TCP/UDP not just TCP.

Fantasy Grounds doesnt use UDP....
However I am glad you got it working...

If I may add my own request here:
I'm also going to be a GM. Using an iMac 2017. I get the failed test. I read through your thread, saw it was specific to Windows, but was able to use Mac's Network utility to do a trace on 8.8.8.8. Here's what I got.
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 72 byte packets
1 mynetwork (192.168.2.1) 3.579 ms 1.214 ms 1.141 ms
2 209.71.195.8 (209.71.195.8) 16.589 ms 16.558 ms 16.273 ms
3 dis71-montreal02_7-2-0.net.bell.ca (64.230.90.159) 17.005 ms 16.948 ms 16.801 ms
4 tcore4-montreal02_1-0-0-9.net.bell.ca (64.230.90.158) 20.667 ms 19.731 ms 20.163 ms
5 bx1-montrealgz_et-0-0-5.net.bell.ca (64.230.26.135) 25.663 ms 22.868 ms 17.543 ms
6 google_bx1-montrealgz.net.bell.ca (184.150.167.189) 17.623 ms 16.854 ms 17.514 ms
7 108.170.251.49 (108.170.251.49) 17.614 ms 17.222 ms 17.280 ms
8 108.170.231.59 (108.170.231.59) 17.734 ms 23.694 ms 18.862 ms
9 google-public-dns-a.google.com (8.8.8.8) 28.517 ms 25.476 ms 16.908 ms

Now I can't change my router's ports on my end, I'm with Virgin (in Canada), and the router page does not give access to that function, I'll have to call support tomorrow. But for now: Seeing this, do I understand it corresponds to the "1 hop" scenario and should be relatively easy to fix with a tech?
(already checked, no firewall here as well.)

Thanks! Can't wait to get my players to connect to me!

Yes - ask them to forward tcp 1802 to your computers IP address which will be 192.168.2.something
also ask them to create a DHCP reservation for that IP address/computer

Thank you for the lightning speed response.

Hello. Called them and they helped explain but they could not do the reservation as that modem works with leases. I need to redo this every 99 days. Not a big problem. But: Not sure I understand this step: Here's my screen capture:
26494
Name, Protocol, device, all good.

But then: Internal port 2 boxes, one grayed out and external port 2 boxes fillable.. Do I write 1802 in all 3??

I'm sure it's a "user" problem... But as you can see it asks for a wider range than 1802-1802 and for the internal I HAVE to write something... help? ;-)

protocol TCP
and 1802 for all three fields...

All right. I had to do in the external port 1802 to 1803 as it needed a range that did not have the same number. The connection test now works!! I'll try with players. Thank you so much for your help! :-)

Boom! Well done.

Hey, I recently got a new router/modem, fantasy grounds didn't have any problems with the old ones. But ever since the upgrade it hasn't been able to connect. I've gone through these steps a couple of times and don't seem to be able to connect still, any help would be greatly appreciated.

Hey BigEarl pick up the phone and call your ISP and explain to them that you need to do Inbound Port Forwarding for TCP 1802 to your Computer and that it isnt working.
Tell them that this device 10.80.213.205 is probably the issue.
Can they please help you resolve?

They should be able to either fix it or tell you it cant be done.
If the latter ask to escalate the ticket. Tell them its important.

If that still doesnt work then you will need to look at the Port Forwarding alternatives.

Thanks for the response, the ISP unfortunately couldn't do anything about it.

Try the Port Forwarding Alternatives thread.
Hamachi and Zero Tier are both free but require your players to also use.
PureVPN is the lowest impact on the players but requires additional GM expense.

Hello, please help! I have been trying for over 4 hours to open a connection so that I can host a game, but I keep getting a failure result when doing a test run. The following info speaks to you "Still need help" items:

1. LAN IP: 192.168.1.75
2. WAN IP: 23.125.90.81 [both taken from 'address information' in fantasy grounds launch window]
3. wired connection
4. computer is set to private
5. have windows firewall and Webroot AV up; however--even when completely disabling both firewalls I still am unable to get a connection.
6. See attached image.
26730
7. See attached images:
26731
26732
26733
26734

Will add additional in next post

7. [cont.]
26735
26736
26737
26738

btw, is there a way to attach pdf files?

btw, is there a way to attach pdf files?
Not natively. You have to zip them up.

On screenshot #5 you have a custom config for your PC which is in error. Set it back the same as the other PCs.
In Screenshot $6 delete the two rules and create a new one. Dont choose any specific type of traffic - just tcp and 1802.
Screenshot 7 looks good, 8 looks wrong - because of #5.

Dont disable your Windows Firewall.
Turn it on and delete the existing FG rules and create a new one. Port, Incoming, TCP, 1802, always from anywhere.

Success! Thanks for all your help.

this is were im at after following the steps.

1 1 ms <1 ms <1 ms dsldevice.attlocal.net [192.168.1.254]
2 23 ms 25 ms 23 ms 76-230-56-1.lightspeed.livnmi.sbcglobal.net [76.230.56.1]
3 22 ms 23 ms 22 ms 71.151.244.93
4 25 ms 29 ms 27 ms 75.26.64.218
5 28 ms 30 ms 31 ms 12.83.32.181
6 37 ms 31 ms 30 ms gar26.cgcil.ip.att.net [12.122.99.93]
7 34 ms 32 ms 32 ms 12.247.108.6
8 * * * Request timed out.
9 31 ms 32 ms 31 ms 216.239.42.112
10 31 ms 31 ms 31 ms 72.14.237.31
11 31 ms 31 ms 31 ms google-public-dns-a.google.com [8.8.8.8]

this is were im at after following the steps.



And does it work?

no it still failed

this is were im at after following the steps.


no it still failed

The steps conclude with:

Still need help?
Please dont post that you have "tried everything".
Please provide the following info when posting a request for Port Forwarding help.

1. Your LAN IP Address
2. The first two sets (octects) of your WAN IP as displayed by Fantasy Grounds and as displayed by your Router
3. Whether you are using Wired or Wireless (and not both)
4. Confirmation that you have set your Adapter in Network and Sharing Centre to Private
5. Confirmation of what AV you are running and whether you have set any exceptions
6. Post the results of the tracert 8.8.8.8 command (if you have security concerns you can remove this bit once its been responded to)
7. Confirmation as to what you have setup in your Router if changes have been made

If you answer the 7 questions Im sure we can get to the bottom of your configuration.

1. 192.168.1.50
2. Used Port Forwarding to look for internal (192.168.1.50) and external (99.38.116.205)
3. I'm wired
4. Network is set to Private.
5. AV and firewall dose have an exceptions for FG.
6. the tracert 8.8.8.8 command:
1 3 ms <1 ms <1 ms dsldevice.attlocal.net [192.168.1.254]
2 24 ms 29 ms 24 ms 76-230-56-1.lightspeed.livnmi.sbcglobal.net [76.230.56.1]
3 23 ms 23 ms 23 ms 71.151.244.93
4 24 ms 24 ms 24 ms 75.26.64.218
5 25 ms 30 ms 32 ms 12.83.32.181
6 31 ms 31 ms 31 ms gar26.cgcil.ip.att.net [12.122.99.93]
7 32 ms 31 ms 32 ms 12.247.108.6
8 * * * Request timed out.
9 32 ms 32 ms 32 ms 216.239.42.112
10 31 ms 32 ms 32 ms 72.14.237.31
11 31 ms 31 ms 33 ms google-public-dns-a.google.com [8.8.8.8]

7. Port 1802 has been made correctly in my router/modem.

Hopefully these was what you were asking for.

If its still not working then most likely something there is stsill not setup correctly.
Please post a screenshot of: your port forward settings and delete the existing FG firewall rules and create a new one. Port, Incoming, TCP, 1802, always from anywhere.

26782

Here the screenshot.

Good stuff. So that screenshot shows that you have defined the FG port requirements/service. Now you need to create a NAT entry/rule that uses that service and applies it to your computers LAN IP.

ok, I'm not too sure on how to do that but I'll google it.

26786

Is this it?

That looks right.
Retest - if its still not working do the Firewall Rule thing I posted above.

nope didn't work. I have tried restarted my cpu too.

If you are available in the next hour or so and you would like me to have a look at your setup with you please send me your email address via PM.

Thank you damned and all FG people for being patient with me. Damned help me got it to work. So here what happen, my dumb *** thought I exempt FG form my AVs. Turns out I have 2 and keep exempting FG wrong. Like I said Damned did most of the work. Thank you Damned.

Thank you for that comprehensive posting. Had a working solution for years which suddely stopped working (which I found out at session time a couple Saturday's ago). After eliminating my router and modem (which was a bear), I went looking for other answers and found your post. Seems my Vipre AV/Firewall software suddenly requires a rule for FG to work. Now I can actually spend time planning my next session.. Cheers!

I believe i have gone through all the steps and it is still returning a failure.

1. 192.168.0.23
2. 60.224.5.94
3. Wire Connection to Router
4. Network is set to private
5.Windows Defender and Malwarebytes
6.
Tracing route to google-public-dns-a.google.com [8.8.8.8]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.0.1
2 * * * Request timed out.
3 10 ms 12 ms 11 ms 58.160.248.1
4 13 ms 11 ms 11 ms bundle-ether4.win-edge901.melbourne.telstra.net [203.50.76.10]
5 11 ms 12 ms 11 ms bundle-ether11.win-core10.melbourne.telstra.net [203.50.11.107]
6 26 ms 24 ms 24 ms bundle-ether12.ken-core10.sydney.telstra.net [203.50.11.122]
7 21 ms 21 ms 21 ms bundle-ether1.ken-edge903.sydney.telstra.net [203.50.11.173]
8 22 ms 21 ms 20 ms 72.14.212.22
9 * * * Request timed out.
10 26 ms 24 ms 21 ms google-public-dns-a.google.com [8.8.8.8]
Trace complete.

7. 26901
26902

Welcome to the FG forums.


5.Windows Defender and Malwarebytes
Fully disable Malwarebytes when you're doing a connection test. There has been issues with this in the past.

Switched off all the processes it does and then switched it off, there is still a connection failure

Switched off all the processes it does and then switched it off, there is still a connection failure
OK, that was the quick thing we could check.

Another thing to do is delete all of the entries in the firewall settings and recreate them - we've seen this fix the issue in the past.

Assuming you're on Telstra (and probably in Victoria), the issue might be that second hop on your tracert - we don't know if it's a private or public IP address, which would help us to determine if your public IP address is being shared with others (getting quite common now) which is an issue with port forwarding. Some of the Aussies on the forum may have a better idea if that's common for your area or not.

Anyway someone could walk me through these steps? I have set my port forward to 1802 and still have the failure to connect. I'm not 100% sure how to do the rest

Anyway someone could walk me through these steps? I have set my port forward to 1802 and still have the failure to connect. I'm not 100% sure how to do the rest
Welcome to the forums!

Please provide answers to the 7 questions in the "Still need help?" section at the bottom of post #1. Thanks.

1. 192.168.1.231
2. 192.168.1.1
3. Wireless
4. I believe it is on private, but did not show up in network settings
5. No AV
6. Joshs-iMac:~ joshhenry$ tracert 8.8.8.8
-bash: tracert: command not found
Joshs-iMac:~ joshhenry$
7. /Users/joshhenry/Desktop/Port Forward.png

6. Joshs-iMac:~ joshhenry$ tracert 8.8.8.8
-bash: tracert: command not found
Ah, OK - you're on a Mac. Use traceroute 8.8.8.8


7. /Users/joshhenry/Desktop/Port Forward.png
You can attach a screenshot by using the advanced editing in your reply ->Click "Go Advanced" and then you have an attachment button (paperclip icon at the top).

This doesn't seem to be very helpful

Joshs-iMac:~ joshhenry$ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
1 linksys02776 (192.168.1.1) 12.372 ms 5.822 ms 5.080 ms
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *

Indeed, it isn't helpful. What the traceroute should show is whether you have more than one device (router/modems) between you and the internet and whether there are any private IP addresses between you and the internet. The latter will show whether your ISP is sharing IP addresses and therefore whether it is even possible to port forward at all.

It is important that your network is set to private so can you make sure that it is (I don't know enough about macs to tell you how you go about doing that). Also can you say if you are a home user or whether your are connected to something like a college or school network or an apartment with a shared wireless network.

Also I understand it is rare on a mac but if you do have an anti virus program running make sure that you have created an exception for Fantasy Grounds in it.

I am part of a shared network

And the question then is are you able to access all of the router/modems between you and the internet. If not then you will not be able to port forward since that requires access. It may be possible for you to get whoever controls those router modems to chain port forwarding from the internet to the next router/modem to your router/modem. If not then currently until FGU comes around the only solution is to use a VPN. More information on that subject here https://www.fantasygrounds.com/forums/showthread.php?43607-Port-Forward-Alternatives

Hi Wolfspirit1010

Please check your Routers Broadband/WAN/Status page or similar and find out what its Public or WAN IP Address is please and post here.
On your GF splash screen for Load Game or Create Game what is the External IP address there?

Gents,

I'm not GMing, but trying to connect to a host that other players can connect to.


My internet is, and has always been, via wi-fi tether on my phone. This has worked fine until recently, and when it stopped working I was able to access the game by tethering to my wife's phone.

I also cannot connect to the FG Updater when using my phone's tether.

Is this something you guys can help me solve? What data would you need?


1. 192.168.43.65
2. 172.58.142.242
3. Wireless
4. Yes
5. Windows Defender, Yes
6.
- 1 192.168.43.176 reports: Destination net unreachable.

7. Have not figured out how to, or what I need to do if I manage to gain that access

Welcome MadDogMaddux

This thread is about GM connections rather than player connections.
An update on your phone - or by your provider - is the most likely reason this has stopped working.

You can try seeing if there are any new updates for your phone.
You could also reset the tethering settings on your phone and set it up again.
And delete the saved Wifi connection or your phone on your PC and set that up again.

Thanks for replying even though I'm in the wrong place! I'll try those ideas, and then look for wherever on these boards I can address this. Thanks!

I'm trying to set up my system to start GMing with Fantasy Grounds . . . unfortunately any technical knowledge I once had concerning networks is over 20 years old and has likely been overwritten by the past three years by my English major . . . so, I need some detailed help.

Setting up the software was completed and when I go to create a campaign, I click the RUN TEST button under Connection Test and get a FAILURE result.

I've looked at the Windows Firewall setting and it looks set to allow FG through. My router also appears the same.

Here are my answers to The Seven Questions

1. 192.168.0.7

2. 98.202.169.70 (I think . . .)

3. Wired (desktop - I have a laptop that can be used wireless or wired, but I don't plan on using it.)

4. Network profile is set to Private (using Win10 . . . have mercy on my soul)

5. Using Windows Defender currently. The only exception set was on initial run of program - may not be set.

6. Tracing route to google-public-dns-a.google.com [8.8.8.8]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.0.1
2 10 ms 9 ms 11 ms 96.120.96.5
3 14 ms 8 ms 9 ms po-113-rur101.saltlakecity.ut.utah.comcast.net [68.87.171.85]
4 10 ms 9 ms 9 ms be-1-ar01.saltlakecity.ut.utah.comcast.net [162.151.49.133]
5 24 ms 22 ms 20 ms be-33660-cr01.champa.co.ibone.comcast.net [68.86.90.225]
6 23 ms 23 ms 20 ms be-12021-cr02.1601milehigh.co.ibone.comcast.net [68.86.84.226]
7 20 ms 21 ms 21 ms be-12176-pe02.910fifteenth.co.ibone.comcast.net [68.86.83.94]
8 20 ms 20 ms 20 ms 50.248.118.30
9 21 ms 29 ms 23 ms 108.170.252.209
10 20 ms 20 ms 22 ms 216.239.43.91
11 20 ms 20 ms 20 ms google-public-dns-a.google.com [8.8.8.8]

7. No changes made to router

Thank you for the help . . .

Hey DoctorPhobos

2. this should be the number displayed on the Fantasy Grounds Create New Game or Load Game screen as External
7. you will need to create a Port Forward rule and Forward TCP 1802 1802 to 192.168.0.7 TCP 1802

Hey DoctorPhobos

2. this should be the number displayed on the Fantasy Grounds Create New Game or Load Game screen as External
7. you will need to create a Port Forward rule and Forward TCP 1802 1802 to 192.168.0.7 TCP 1802

Okay, I was right on question 2.
On 7, I created a Port Forward rule on my router, but still get a FAILURE result when testing in Fantasy Grounds.

Here's the settings I put into my router:

27025

According to your screenshot the EXTERNAL IP ADDRESS that you should use n your router is 0.0.0.0 - give that a go.

According to your screenshot the EXTERNAL IP ADDRESS that you should use n your router is 0.0.0.0 - give that a go.

And we has SUCCESS!!!!!

Thank you, very much for your help!

Damned,
I am not having connection issues, but my question is about the Connection.
This seemed like the likeliest place to ask.

Is there a place, inside the game to check for the IP Address while the game is running?

Running into instances, where a player is running late and I have to exit the system, give the address and launch the campaign again.
If it is a matter of just writing it down, that is not an issue, I was just curious if there was a place to check while the system is running.

Damned,
I am not having connection issues, but my question is about the Connection.
This seemed like the likeliest place to ask.

Is there a place, inside the game to check for the IP Address while the game is running?

Running into instances, where a player is running late and I have to exit the system, give the address and launch the campaign again.
If it is a matter of just writing it down, that is not an issue, I was just curious if there was a place to check while the system is running.

Woot!
Im glad you are not having connection issues.
As you have found there is no way to get the Alias whilst in game.
You can launch another instance of FG to the Load Campaign screen and the Alias will be the same.
Otherwise - write it down as you are doing.

Thanks for confirming that mate!
Love the system and look forward to using it for many years to come.

Cheers

1. 192.168.1.189
2. WAN IP: 172.16.1.65
3. Wireless (Works on Wired and another system works on Wireless with ISP router)
4. Private
5. Avast: yes exeception both ALL and 1802 tried
6. 1 <1 ms <1 ms <1 ms router.asus.com [192.168.1.1]
2 1 ms 1 ms 1 ms igateway [172.16.1.254]
3 * * * Request timed out.
4 12 ms 6 ms 6 ms 207-47-191-249.ngai.static.sasknet.sk.ca [207.47.191.249]
5 38 ms 40 ms 40 ms 142.165.0.114
6 43 ms 39 ms 41 ms 72.14.215.46
7 40 ms 59 ms 38 ms 108.170.250.241
8 41 ms 39 ms 40 ms 108.170.227.39
9 38 ms 37 ms 41 ms google-public-dns-a.google.com [8.8.8.8])
7. 27154

Hi Fionavar

It looks like you have 2 routers. Probably one supplied by you and one by your ISP.
It also looks like you are trying to GM from more than one computer? Generally this does create issues. You can only port forward a specific port to one computer at one time.

Anyway... log onto 172.16.1.254 and set a port forward rule there to forward tcp 1802 to 172.16.1.65
Im guessing though that 172.16.1.65 is dynamic - you probably want to set a DHCP reservation for your router n the ISP router and set a DHCP reservation for your PC on your Router

I appreciate this feedback - the confusing thing is I have used WiFi and such on 3 rigs with this setup. It is only now that this is occurring. I always prefer hard lines, but thought I would check as this is new for wifi
.

What router are the other devices connecting to when they are on Wifi and they work?
My guess is they are connected to the ISP router.

All have been connected to the ISP router. All previous rigs have worked with WiFi - wired and wireless with the 1802 exception. I am stumped - and admit - this aspect of FG is most challenging.

This one is NOT connected to the ISP router.
This one is connected to the other router.

This one is NOT connected to the ISP router.
This one is connected to the other router.

I do not understand this reply?

Draw it on a piece of paper.

[internet] ----- [isp router] ----- [your router] ----- [new pc]

Your PC has 192.168.1.89 on the LAN
(this is connected to the LAN side of your router)

Your router has 192.168.1.1 ip on the LAN
Your router has 172.16.1.65 ip on the WAN
(this is connected on its WAN side to the LAN side of the ISP router)

Your ISP router has 172.16.1.254 on the LAN
and has something else (public ip) on the WAN
(this is connected to your ISP/Internet on its WAN side

Where is your computer?
It has to pass thru your Router AND the ISP Router
Both are messing with the ports by doing NAT

Okay - I admit to ignorance on this. What do I do to fix this? Is it possible to make this work? The weird thing is that it worked fine on a different notebook just last week!

Update - got it! I had to on My ISP Router assign the port opening as well as in the wifi router! Well that was interesting.Thanks for your patience damned!

Well done Fionavar

Make sure you reread post #81 because if either your PC address or you Router IP address changes then it will stop working.
https://www.fantasygrounds.com/forums/showthread.php?47051-Fantasy-Grounds-Connections-Explained&p=435128&viewfull=1#post435128

Fair enough - but now I know what to do :) yeah learning ;)

Fair enough - but now I know what to do :) yeah learning ;)

All of us. Always still learning.

1. 192.168.0.101
2. 185.233
3. Wireless
4. Done.
5. Win10 defender/firewall, I deleted the default rules for FG and made one to allow any TCP1802 traffic inbound.
6.
1 1 ms 2 ms 1 ms 192.168.0.1
2 3 ms 2 ms 2 ms 185-233-24-16.fiberlink.pl [185.233.24.16]
3 4 ms 3 ms 3 ms 185-233-24-1.fiberlink.pl [185.233.24.1]
4 11 ms 9 ms 11 ms google.ip4.epix.net.pl [89.46.144.185]
5 10 ms 9 ms 10 ms 108.170.250.193
6 9 ms 9 ms 9 ms 216.239.48.161
7 9 ms 9 ms 10 ms google-public-dns-a.google.com [8.8.8.8]
7. Port forwarding and DHCP reservation on the router.

Any help?

Hey marqss and welcome
At first look everything there looks correct.

So I would next try installing on another compuer on your network and try and connect the new computer to this computer on host address 192.168.0.101
If that works then something is wrong on the router or ISP end, if it doesnt connect something is wrong with the firewall on that computer

7. Port forwarding and DHCP reservation on the router.

Any help?
Please provide a screenshot of the port forwarding in the router.

Hello all. I’ve really tried to do this myself, but I feel like I have read and tried it all a few times, so I guess it's time to ask for help. Here’s my info:

1. Your LAN IP Address
192.168.1.120

2. The first two sets (octects) of your WAN IP as displayed by Fantasy Grounds (I'm not sure where this is. Is it the Address Information on the Load Campaign Screen? If so, the Internal is 192.168 and the external is 204.144) and as displayed by your Router
100.68

3. Whether you are using Wired or Wireless (and not both)
Wired

4. Confirmation that you have set your Adapter in Network and Sharing Center to Private
Confirmed

5. Confirmation of what AV you are running and whether you have set any exceptions
McAfee Antivirus Plus
Under Ports and System Services I opened up port 1802 for Fantasy Grounds

6. Post the results of the tracert 8.8.8.8 command (if you have security concerns you can remove this bit once its been responded to)
1 <1 ms <1 ms <1 ms RT-AC5300-51F0 [192.168.1.1]
2 <1 ms <1 ms <1 ms 100.68.250.1

7. Confirmation as to what you have setup in your Router if changes have been made
I made sure UPnP is enabled, and I set up port forwarding on port 1802
27246

Thanks in advance for the help!

Your second hop is to a private network address. This could be because you have a shared network or your ISP is sharing IP addresses. It is probable that you wn’t Be able to access this network to port forward and you may need to use a VPN solution.

5. Confirmation of what AV you are running and whether you have set any exceptions
McAfee Antivirus Plus
Under Ports and System Services I opened up port 1802 for Fantasy Grounds
Have you added an application exception/whitelist for FantasyGrounds.exe?


6. Post the results of the tracert 8.8.8.8 command (if you have security concerns you can remove this bit once its been responded to)
1 <1 ms <1 ms <1 ms RT-AC5300-51F0 [192.168.1.1]
2 <1 ms <1 ms <1 ms 100.68.250.1

Hop 2 may, or may not, be the cause. 100.64.. - 100.127.. are private networks, but they are special because they are reserved for ISP to providers communication - it's probably effectively a shared IP with other users (which is what Zacchaeus mentioned) and so normal port forwarding can't be used.

I'd check the FantasyGrounds.exe exception above and if that doesn't help then call your ISP and say that you need TCP port 1802 forwarding to you for peer-to-peer gaming - see what they say. Some might do it for you, some might require a small increase in your monthly charges, or some may say they can't do it - but keep pushing them if they say that, as some ISP support people aren't that good (amazingly!) and might just give a default answer. If your ISP truly can't help, then a VPN solution will be able to work around it: https://www.fantasygrounds.com/forums/showthread.php?43607-Port-Forward-Alternatives

Thank you both for your help. I will contact my ISP tomorrow and talk with them about the problem. It's a small ISP and they are pretty controlling with many things, but the customer service is excellent and very personal. If that doesn't work I will pursue the VPN option. I already had NordVPN, but they do not offer port forwarding. Since I am just barely inside my first 30 days with them I'm going to cancel and try PureVPN I think. Currently its a little over $4/mo with the port forwarding.

And I do have the exception for FantasyGrounds.exe

Thanks again for taking the time to help.

... and try PureVPN I think. Currently its a little over $4/mo with the port forwarding.
Get PureVPN and the dedicated IP address add on, this is what is known to work for Fantasy Grounds - you don't need the port forwarding add on.

Thank you for the clarification.

I can confirm that the 100. IP is ISP managed and you would need their assistance. Do ask them - Im sure they can do it (technically) but whether the person you speak to is allowed to or willing... roll some dice...

Here's a solution to getting ISP's to be more open to opening this port. Get some of their tech people involved in our games, then they will fix it themselves. :)

Ok, my own attempts to establish connection didn't seem to work, so:

1. LAN IP: 192.168.10.155 (https://i.imgur.com/Z1hSBi6.jpg), I've fixed it in connection settings (https://i.imgur.com/oasAMws.jpg)
2. External IP shown by CanYouSeeMe doesn't seem to match (https://i.imgur.com/IoKEWBh.jpg) one showed by FG
3. I'm using wired connection
4. I've set my network to private, I believe (https://i.imgur.com/qdCEWJx.jpg) (sorry it's all in russian, but trust me it says "Private Network")
5. I have Avast, and I've added an exception (https://i.imgur.com/juWmbAT.jpg) for FG, although it never mattered before
6. Results of tracert 8.8.8.8 command (https://i.imgur.com/B7f6rP2.jpg)
7. I have set up virtual server ports open in my router (https://i.imgur.com/skjwfOX.jpg), as well as making rules in Windows firewall (https://i.imgur.com/STVTzqy.png)

Things worked normally until recently, we've played Tomb of Annihilation with no issue. I don't think I've done anything out of the ordinary to disrupt the settings of connection, but for some reason now CanYouSeeMe site doesn't seem to see any of my ports, and when I try to ping google or yandex from command prompt, they tell me that it gets timeout. I have no idea what going on.

Hi Karnas

Does the IP in your Router Status for WAN match what FG believes it?
Everything else looks ok.
Test also with Avast turned off for 10 mins.

Does the IP in your Router Status for WAN match what FG believes it?
It seems that it doesn't (https://i.imgur.com/Finvy6d.jpg).
I also was mistaken, after relaunch of FG, it identified the same IP as CanYouSeeMe site.

ok - things to test if it **was** working:

reboot router - test
turn off Avast for 10mins - test

if that doesnt work contact your ISP and ask them if they have changed anything because your port forwarding no longer works.
see what they say.

everything else looks ok to me.

if that doesnt work contact your ISP and ask them if they have changed anything because your port forwarding no longer works.
see what they say.
Ultimately I've ended up giving my ISP extra two bucks a month for permanent external IP, which seems to have fixed the issue.

Good stuff Karnas.
They may have been aggregating your IP with other people so it would work sometimes and not others.

Hey guys,

my connection test also fails. Here are my responses:
1. 192.168.178.21
2. 88.130 is displayed by FG, https://www.whatismyip.com/de/ says the same (I can not manage to find any external ip in my fritzbox router)
3. Wired
4. Confirmed 27517
5. Kaspersky Internet Security 27518
6. tracert:
1 <1 ms <1 ms <1 ms fritz.box [192.168.178.1]
2 5 ms 4 ms 4 ms 192.0.0.1
3 5 ms 5 ms 4 ms 62.214.38.173
4 8 ms 8 ms 8 ms 62.214.37.130
5 8 ms 7 ms 7 ms 89.246.109.250
6 10 ms 9 ms 9 ms 108.170.252.65
7 8 ms 8 ms 8 ms 108.170.235.251
8 8 ms 7 ms 7 ms google-public-dns-a.google.com [8.8.8.8]
7. Confirmed 27519

I tried disabling my AV while testing and rebooting my pc as well but that didn't help as well. The Open Port Check Tool of https://canyouseeme.org/ fails and runs into into a timeout while checking port 1802.

Im afraid that I need to discuss this with a very annoyed employee of my ISP... Any ideas or tests I could do before let someone yell at me?

Thx in advance,
Jan

Hi Jan,

Many European residents do not get access to an individual public IPv4 address.
Looking at your results you will be best trying Hamachi, ZeroTier or PureVPN.
The first two are free and you and the players will need to install and join the same network.
PureVPN costs but only the GM needs to use it.

Hi damned,
thanks for your reply. If PureVPN is only needed by the GM, that's what I'm going for.
At the check out of the PureVPN order process I can select these optional options: 27521
Do I need the fixed IP (second option)?

Hi Cptn

There is one or more very good purevpn threads on these forums.
I would check there first - and repost your question there if you cant find the exact answer.
I personally have not used this particular VPN (but it is the most reliable one for using with FG).
Someone there might also tell you how to get a discount on your purchase - I think if you let it sit in the basket for 15mins and then leave the page it offers you a discount or something like that...?
But yes - you do need one of the add-on options - Im just not sure which.

They currently have a special anniversary offer so I took that with the dedicated ip address option. After starting the PureVPN app and select the dedicated ip area, I could click on connect and received a new ip. FG recognized this ip automatically and the connection test succeeded.
Sooo much reading forum posts -.- Thanks everybody! <3

They currently have a special anniversary offer so I took that with the dedicated ip address option.
Yep, that's the options you need.

Glad you got a successful connection test. :)

1. Your LAN IP Address -----192.168.1.50 (static IP)
2. The first two sets (octects) of your WAN IP as displayed by Fantasy Grounds and as displayed by your Router----yes
3. Whether you are using Wired or Wireless (and not both) -----wired
4. Confirmation that you have set your Adapter in Network and Sharing Centre to Private ----yes it is private
5. Confirmation of what AV you are running and whether you have set any exceptions ---webroot
6. Post the results of the tracert 8.8.8.8 command (if you have security concerns you can remove this bit once its been responded to)27610
7. Confirmation as to what you have setup in your Router if changes have been made 27611

I am truly at a loss as to why this is not passing the connection test. I have placed some image files in here of the information requested. Any help getting me connected on my new pc would be amazing. Thanks in advance

Bukkyo

All of that looks correct.
Please reboot your Router and retest.

Just rebooted router/modem and still failed test

bukkyo do you have another computer in the house?
try and connect that computer to your LAN IP 192.168.1.50
if that fails then the issue is on your windows firewall or AV or network profile
if that works then the issue is on your router or at your ISPs end

Looking at various web posts, the "external host" entry might be Any, 0.0.0.0 or even blank. This FG GM was having an issue and changed it to be nothing (completely blank) and it worked: https://www.fantasygrounds.com/forums/showthread.php?42969-Please-help-Forwarding-a-Port-on-Sagemcom-F-st5260-router

If that doesn’t work, and you have a spare computer, do the test damned suggested.

I do have another machine that I could attempt to test but my wife may end my life if I mess up her work pc, but will try. Also I did set the external host to nothing and it didn't work. I enabled the Upnp, deleted the rule for the 1802, and tried again and still nothing.

I love technology .......

Got a text from my wife saying, "if you break my at home work pc..I will end you" , so I do not have a second machine I can test this on. Please advise on other means or processes I can take to help fix this.

A married man is always in the dog house for something.

Got a text from my wife saying, "if you break my at home work pc..I will end you" , so I do not have a second machine I can test this on. Please advise on other means or processes I can take to help fix this.
So, at this point we don't know if the issue is at your PC or at the router.

You mention you're using Webroot, but have you set any exceptions for FantasyGrounds.exe and TCP port 1802 in Webroot?

Additionally, after trying the changes on your router, did you reboot it?

On my old pc (in a box in our storage) I set up the same static IP and used this very same router/modem to access it all and had zero issues. I just disabled my webroot completely, tried to connect, and still a failure. When I did these changes I did reboot my router/modem as directed last night/early this morning. In my windows firewall there are the exceptions for fg are there. I really don't know what else to do. Are you guys able to access my pc and take a look remotely and maybe you guys can see something I am missing?

If your old PC works on that IP and your new one doesnt then its the PC and not the FW.
Send me your email address via PM.

sent

Problems fixed. Would have never found it on my own. Thanks (was a rule set I had saved and forgot about that broke everything)

Glad you got it fixed.


was a rule set I had saved and forgot about that broke everything
A Fantasy Grounds ruleset?

bukkyo had created a Connection Security Rule that was requiring encrypted authentication on all incoming connections....

Not my finest hour, but Damned got the damned thing to work! Thanks again!

Just want to thank you for this thread. I recently installed a subsidiary router so I could have a network for IoT related things that was security wise separate from the rest of my network. This obviously prevented Fantasy Grounds from working. Read through, took all the steps at the start and it didn't seem to work until I realized I needed the internal router's external static IP in the external routers rules, not the one my PC necessarily hits (they seem to be different on my network.) Suddenly, all green.

So basically, thanks for the detailed instructions they're fabulous.

My modest contribution on that subject :
"Fantasy Grounds - Port Forwarding and a "transparent" OpenVPN setup (fg/ovpn blurb by ZeFerby)"
https://zeferby.gitbook.io/transparent-openvpn-for-fantasy-grounds/

I just purchased Fantasy Grounds and my test failed.
i'm pretty sure I need to call my ISP and have them allow port forwarding.
My question is this...I plan on taking my laptop to someone elses house and using their wifi as we run the game.
Calling my ISP won't do any good if I'm using someone else's Wifi/ISP, correct?
Will I need to go there and do all these steps again?
Or should I just do one of those alternative plans to avoid that trouble?

Thanks.

I just purchased Fantasy Grounds and my test failed.
i'm pretty sure I need to call my ISP and have them allow port forwarding.
My question is this...I plan on taking my laptop to someone elses house and using their wifi as we run the game.
Calling my ISP won't do any good if I'm using someone else's Wifi/ISP, correct?
Correct.

Will I need to go there and do all these steps again?
Or have them do all the steps. Most of them will tell you want you need to do on your computer when you get there. A lot of this will depend upon if they have admin access to their router and what might need to be done. Again, in a vast majority of cases, FG just works, but if it doesn't, you don't want to be stuck unable to play!

Or should I just do one of those alternative plans to avoid that trouble?
You could just have Hamachi ready to go if you have trouble at your friends house. Though I personally use PureVPN, but that's because I travel.
EDIT: Welcome!

Correct.

Or have them do all the steps. Most of them will tell you want you need to do on your computer when you get there. A lot of this will depend upon if they have admin access to their router and what might need to be done. Again, in a vast majority of cases, FG just works, but if it doesn't, you don't want to be stuck unable to play!

You could just have Hamachi ready to go if you have trouble at your friends house. Though I personally use PureVPN, but that's because I travel.
EDIT: Welcome!

Is this a problem with the STEAM version of Fantasy Grounds? Or does the Steam version have this figured out?

@fergy No, it's just that when you host a game your machine is an FG "server", so remote players have to be able to reach your FG from the Internet, so it has nothing to do with Steam/not Steam.

Hello All.

I'm having some serious connection issues from China. I've set my network to private and made a firewall exception for port 1802. I also went into my router and set port forwarding for 1802. After reviewing some alternatives I went and tried Hamachi which could not establish a stable connection even with a VPN. ZeroTier actually saw some success. I was able to get a player connected to my game through the ZeroTier IP, but only when we were connected to the same wifi connection, which rather defeats the purpose. Pure VPN customer service said that their Port-forwarding/Isolated IP/whatever function doesn't work in China, though I have seen otherwise on the forums and would be willing to purchase it if I could guarantee that it would work. Either computer connecting to a different wifi, or through a VPN yielded nothing.

I have a Windows 10 64-bit computer with Total AV installed. I'm fairly certain that the AV is also set to allow incoming traffic from Fantasy Grounds.

At this point I'm doubtful that standard port-forwarding is going to accomplish much, there is after all the Great Firewall to contend with. Is there any advice on how to get ZeroTier to work or is there something else I should be doing?

Welcome Vali

The GFW is very likely going to be a show stopper for you to be GM without a 3rd party tool that can get around the GFW.
I think PureVPN have some sort of money back period and a number of users have used that successfully.
As a player I dont think you will have issues.

Well, I set up a proxy server with Shadowsocks and now have unrestricted net access through my browser. GFW can suck it. Now that I can tunnel past it, is there anyway to set up my FG to host? I'm most worried about the 1802 port restriction. Would it be feasible to set up a port 1802 proxy and be able to run a game through that?

PM Myrdin on these boards. He has used PureVPN from China many times. However, I'm not sure if the China he's talking about is Taiwan or Hong Kong or communist China (I know Hong Kong is in mainland now, but they still have some vestiges of democracy from the British lease days). If you use a proxy server, that is PhD level networking, and I doubt anyone on these boards is going to be able to help you very much. Welcome to FG! Sorry you are having trouble.

Don't just PM Myrdin out of the blue when the PureVPN information is available at multiple places in these forums, and it's much better for the community to discuss any connection issues/solutions in the open so we can all learn and benefit from the discussion. Short story: PureVPN works with FG - you need to get the dedicated IP add on.

If you can setup a Proxy that forwards TCP port 1802 to your GM computer, and your players can all access that proxy directly from their FG application (that is, enter a public IP address or resolvable hostname) then you should be OK.

Trenloe, he called PureVPN and they said it doesn't work in China. Myrdin has used it in China. He explicitly said he doesn't want to purchase it without knowing it will work when their own tech support says it won't work. I was looking to help him speak to someone who knows from experience that it works in China. What are you concerned about? Myrdin's a great guy, surely he won't mind chatting with this new user?

What are you concerned about? Myrdin's a great guy, surely he won't mind chatting with this new user?
Personally I don’t like getting PM'd when things can be discussed on the forums - like I said, it allows other who may have similar questions later to find answers for themselves in the forums. See my signature!

Well, he isn't paying attention to this thread. The PM was intended only to get his attention if he's monitoring that.

VPNs that work today in China have no guarantee that they will work tomorrow.
And vice versa - sometimes one that didnt work will start working again.

In any event PureVPN has a 30/31 day money back guarantee so that you can test.

Myrdin and a few other players I know use PureVPN with IP option to get around the GFW. It's been working for some years, but again may not at any moment. That said, PureVPN has very good customer service and I'm sure if it stops working and they can't help you, they will be happy to cancel the subscription and refund from when it stops working (within reason).

Of course, I don't work for them, but my interactions with them have been good.

Hey all. I'm having an issue with hosting a campaign, or even passing the connection test. I've been using FG for many years, but I haven't had the chance to play since last May due to work. I have two PC's that I keep the campaign data in sync that are both exhibiting the same issue. One is a Virtual Machine in Microsoft Azure.
After spending several hours debugging, I'm certain the issue is with FantasyGrounds.exe being able to open port 1802 to listen for inbound connections. While I'd consider myself an Expert at Networking I learned a long time ago not to assume I missed a basic step. Included below is the beginning troubleshooting steps you like to check along with what else I've done. I zipped the images given the number of them.

1. Your LAN IP Address - 192.168.1.25
2. The first two sets (octects) of your WAN IP as displayed by Fantasy Grounds and as displayed by your Router - 66.176

3. Whether you are using Wired or Wireless (and not both) - Wireless, though I've tried Wired
4. Confirmation that you have set your Adapter in Network and Sharing Centre to Private - See NetworkPrivate.jpg
5. Confirmation of what AV you are running and whether you have set any exceptions - Windows Defender disabled, see AntiVirusDisabled.jpg
6. Post the results of the*tracert 8.8.8.8*command (if you have security concerns you can remove this bit once its been responded to) - See tracert.jpg
7. Confirmation as to what you have setup in your Router if changes have been made. - Deleted and recreated port forwarding in router, though this happens with multiple router setups. See RouterPortFOrward.jpg

I've also deleted and recreated the Windows Firewall rule - see WindowsFirewallRule.jpg

Once verifying the above, I started to look and see if FantasyGrounds.exe was even listening on 1802, but never saw it start to listen using SysInternals TCPView or the following two commands.
netstat -an | findstr ":1802" or via PowerShell
Get-NetTCPConnection -LocalPort 1802

I confirmed the connection attempt was getting through the network by doing a packet trace with Wireshark, where you can see the TCP SYN, with no response, followed up by three additional TCP SYN re-transmissions. -see Wireshark.jpg

I Created exception rules for Windows 10 newer Exploit Protection settings, with no effect.

Finally I tried without success uninstalling and reinstalling from scratch after clearing out all files I could find in the App Directory and Data Directory along with Registry settings in HKCU\Software\Fantasy Grounds, and HKLM\SOFTWARE\WOW6432Node\Fantasy Grounds (Not sure if I missed clearing anything here)

I did install FantasyGrounds on a fresh new VM in Azure (Same network as the one that doesn't work), which worked just fine.

Hey Mortani

Thanks for the detailed info.
1. Dont disable your protections other than a temp disable for testing. Best to keep them on and just punch small holes for the things that need to be added.
2. Ive no idea what a Skynet Remote Connection is and Im a little worried... :)
3. FG should be listening on TCP 1802 but only when you are running a connection test or when you have a campaign loaded. It does appear to stop showing in my netstat listing too after a period of time however I can still connect. If you run a Netstat just after loading a campaign does it appear in the list?
The other things you have posted all look ok.

Skynet Remote is just the name of my local network for fun.

When the Connection Test does work, it does close port 1802 quickly.

I do not see port 1802 running after loading the campaign.

Can you connect to your game server from another computer on the same network? They may have changed something in the networking engine and the port doesnt continually advertise itself any more?

No, I can't even connect locally via localhost, or using my local IP address.

They may have changed something in the networking engine and the port doesnt continually advertise itself any more?
I don't know how they'd do that and still get incoming connections.

Anyway, mine is shown listening on port 1802 when FG is running:


PS C:\WINDOWS\system32> Get-NetTCPConnection -LocalPort 1802

LocalAddress LocalPort RemoteAddress RemotePort State AppliedSetting
------------ --------- ------------- ---------- ----- --------------
0.0.0.0 1802 0.0.0.0 0 Listen

No, I can't even connect locally via localhost, or using my local IP address.
So, if you have one instance of your FG running - with a campaign fully loaded up. Then you start another instance on the same computer and "Join Game" with a server name of localhost it doesn't connect?

If so, then there is something on your computer that is blocking FG - check and double check that any security/anti-virus software allows connections on TCP port 1802 and allows FantasyGrounds.exe to access the network. Don't rely on just shutting these apps down - they very often still have some level of protection. If you already have the above port and .exe exceptions/allowances set, remove them and add them again.

Finally found what was causing the issue. Both Wiresharks Loopback adapter and adapters created by Vmware Workstation seem to have caused some conflict. While it might be nice to figure out how to get them to work together, I can live without them in favor of FG working!

Finally found what was causing the issue. Both Wiresharks Loopback adapter and adapters created by Vmware Workstation seem to have caused some conflict. While it might be nice to figure out how to get them to work together, I can live without them in favor of FG working!
Great news! Well tracked down. :)

I was able to use PureVPN in China about 4 months ago (last time I was there). I used it routinely for years. Every once and a while China makes the GFW even harder to get past, and no VPNs work. This is usually when there are the congress meetings in Beijing. It is possible that with the issues in Hong Kong they may be making is harder again. I will check.

28448

Seems to be working fine.

Thanks for helping, Myrdin!

LAN IP: 192.168.1.72
WAn Octects: I'm Unsure of where to find these if you could let me know I'll get back to you.
I'm wireless
I've set everything to Private
I'm not sure what an AV is
Tracert command results
https://www.fantasygrounds.com/forums/attachment.php?attachmentid=28572&stc=1&d=1566361231

and the rules I put in my firewall:
https://www.fantasygrounds.com/forums/attachment.php?attachmentid=28574&stc=1&d=1566361322

Welcome ingmaster

The External IP that Fantasy Grounds shows plus whatever the Router shows as its public IP.

Where did 99.99.198.40 come from in your Firewall Rules?

That first rule should I think be:
Input Any 192.168.1.72/32 1802 1802 TCP Allow
I think the second rule should be deleted

You probably also need a port forward rule.

99.99.198.40 is the External IP Adress shown in Fantasy Grounds.

Either 192.168.1.72 or 192.168.1.254 is the IP Address for my computer or router.

How would I go about setting up a port forwarding rule?

Thanks for your help and patience.

How would I go about setting up a port forwarding rule?

You can look up specific directions for your router here; https://portforward.com/

99.99.198.40 is the External IP Adress shown in Fantasy Grounds.

Either 192.168.1.72 or 192.168.1.254 is the IP Address for my computer or router.

How would I go about setting up a port forwarding rule?

Thanks for your help and patience.

99.99.198.40 is the External IP Adress
And what does the ROUTER say its external IP is?

Port Forward can sometimes be called Gaming or Applications or something similar..

I can run a successful Connection Test after setting up port1802 forwarding

however....i still cannot join a game, or able to get other players to join a game i created + hosted

ISP gave me a generic "we do not block P2P connections" message but i am taking it with a grain of salt

WIll try setting router to Bridge mode tonight when i get home, but any other ideas on what could be causing the issue GIVEN that the Connection Test comes back successful?

Thanks in advance! Love the program! Was working just fine on a different computer+ISP+router combination :)

I can run a successful Connection Test after setting up port1802 forwarding

however....i still cannot join a game, or able to get other players to join a game i created + hosted

ISP gave me a generic "we do not block P2P connections" message but i am taking it with a grain of salt

WIll try setting router to Bridge mode tonight when i get home, but any other ideas on what could be causing the issue GIVEN that the Connection Test comes back successful?

Thanks in advance! Love the program! Was working just fine on a different computer+ISP+router combination :)
Welcome to the FG forums.

1) You (the player) don't need port forwarding to connect to another GM's game. Only the GM needs port forwarding.
2) In general, if you get a success, then as a GM you should be able to host OK.

A few questions (sorry some of these might seem basic, but I need to cover them off):
1) When you try to connect as a player to another GM, does that GM has his campaign up and running and waiting for players to connect? Do they have a "success" on the connection test? How are you connecting - alias or IP?
2) When you host as a GM - do you have your campaign up and running fully - i.e. you see the FG desktop with all of your data loaded? How are your players trying to connect (IP or alias)? With FG running, campaign loaded and waiting for players to connect, go to https://canyouseeme.org/ enter port 1802 in "port to check" and click the "check port" button - what do you get in response?

Hi Trenloe! Thanks for the quick response!

Turns out my issue was that i was putting in the IP Alias as my username and the host password as the alias
Somehow i got the boxes mixed up in my head when joining a game for the first time again vs rejoining

:eek::eek::eek:

anyways, all fixed now!

I can't get port forwarding to work and I have no idea why. Networking is not my thing. Can anyone tell me what stupidly obvious thing I got wrong in this picture? https://imgur.com/znRkcfZ

welcome young un.
I cant see anything wrong with that graphic but there could be because it is only one piece of the information.
Please read the first post and post answers (including screen shots) to the questions at the end of the post.

Ok, perhaps I am not as smart as I thought I was.

I have attempted to follow the directions throughout this thread and I am having general connection issues.

I have attempted to create/host a game, and I have attempted joining a game. Both fails.

I have enabled port forwarding on my router for port 1802. I have went as far as to completely disable all firewalls - Router - Windows Defender - BitDefender - I have tried creating rules for those as well to allow any/all connections through port 1802. I have contacted my ISP-they have input a ticket--will see where that goes.

my trace:
29253

Canyouseeme.org shows port is not open.

From what I have read only the host needs to worry about port forwarding...so what gives with connecting to my DM when he is hosting and shows a good connection on his end?
Even if I can get the player side to work I need to resolve this, as we alternate gaming sessions (2 different campaigns-I am player in one, DM in another)

I am a bit on the frustrated side. I have a licensed copy I have purchased and would like to add some modules, but before I plop anymore $$ down I need to get this working.

Sorry you are having problems :( I'mnot one of the network guru's, but lets see if I can help.


Ok, perhaps I am not as smart as I thought I was.

I have attempted to follow the directions throughout this thread and I am having general connection issues.

I have attempted to create/host a game, and I have attempted joining a game. Both fails.

I have enabled port forwarding on my router for port 1802. I have went as far as to completely disable all firewalls - Router - Windows Defender - BitDefender - I have tried creating rules for those as well to allow any/all connections through port 1802. I have contacted my ISP-they have input a ticket--will see where that goes.

my trace:
29253

Canyouseeme.org shows port is not open.

From what I have read only the host needs to worry about port forwarding...so what gives with connecting to my DM when he is hosting and shows a good connection on his end?
Even if I can get the player side to work I need to resolve this, as we alternate gaming sessions (2 different campaigns-I am player in one, DM in another)

I am a bit on the frustrated side. I have a licensed copy I have purchased and would like to add some modules, but before I plop anymore $$ down I need to get this working.

The first thing I would look at from your comments, you say you can not join a game as a player? Can other people join the GMs game? If so, then the problem is more basic and is probably due to security on your end. What type of network are you connected to? Home, library, coffee shop, work, etc?

As a reminder, these are the 7 questions that are usually all the guru's need in order to help you. Not sure you answered all of them. Can you please confirm the answers to the questions?



Still need help?
Please dont post that you have "tried everything".
Please provide the following info when posting a request for Port Forwarding help.

1. Your LAN IP Address
2. The first two sets (octects) of your WAN IP as displayed by Fantasy Grounds and as displayed by your Router
3. Whether you are using Wired or Wireless (and not both)
4. Confirmation that you have set your Adapter in Network and Sharing Centre to Private
5. Confirmation of what AV you are running and whether you have set any exceptions
6. Post the results of the tracert 8.8.8.8 command (if you have security concerns you can remove this bit once its been responded to)
7. Confirmation as to what you have setup in your Router if changes have been made

Sorry you are having problems :( I'mnot one of the network guru's, but lets see if I can help.



The first thing I would look at from your comments, you say you can not join a game as a player? Can other people join the GMs game? If so, then the problem is more basic and is probably due to security on your end. What type of network are you connected to? Home, library, coffee shop, work, etc?

As a reminder, these are the 7 questions that are usually all the guru's need in order to help you. Not sure you answered all of them. Can you please confirm the answers to the questions?

Home network - I have it set to private, not public - it is a wired network (ethernet)

AV-Bitdefender- in the firewall I have it set to allow all/any access for FG - I will look at exceptions in the AV portion.

29254

29255

29256

maybe some of these help answer things..I may have screwed up somewhere.

My DM didn't have anyone else attempting to log into his campaign at the time, however he could at least pass the 'connection' test. However I couldn't connect to his game.

Thanks BTW :)

Home network - I have it set to private, not public - it is a wired network (ethernet)

AV-Bitdefender- in the firewall I have it set to allow all/any access for FG - I will look at exceptions in the AV portion.
29256

maybe some of these help answer things..I may have screwed up somewhere.

My DM didn't have anyone else attempting to log into his campaign at the time, however he could at least pass the 'connection' test. However I couldn't connect to his game.

Thanks BTW :)
No problem, PM me if you would like me to startup my table and see if you can connect to it, or if you want me to try to connect to you after you get the connection test running (f you can).

my trace:
29253
This shows that there is another internal device (192.168.1.1) between you and the Internet. That will need to be port forwarded to your router - which is shown as having an IP address of 192.168.2.1, but will also have an IP address of 192.168.1.xx, which is what you'll need to port forward to on the 192.168.1.1 device.



From what I have read only the host needs to worry about port forwarding...so what gives with connecting to my DM when he is hosting and shows a good connection on his end?
Correct, only the host needs the port forwarding operating correctly. So I'd recommend you concentrate on getting the player connection working first... Maybe take LordEntrails up on his offer of trying to connect to his table.

PM sent..we will see if I can connect

Thanks!

This shows that there is another internal device (192.168.1.1) between you and the Internet. That will need to be port forwarded to your router - which is shown as having an IP address of 192.168.2.1, but will also have an IP address of 192.168.1.xx, which is what you'll need to port forward to on the 192.168.1.1 device.

Now I have to figure out how to get that accomplished...I contacted my ISP but they were literally useless in providing any assistance.

My PC is connected to the router via Ethernet connection...router is wireless for other items on the network..kids Switch, family members tablets etc

Trying to figure out what it is that is blocking me and how to forward the port on it

Lord Entrails...THANKS...at least I know I can play! Now on to fixing the hosting issue ...Trenloe thanks!

You're welcome. Let us know if you get stuck again. I'll keep my table open for a while longer in case you want to try again, etc.

You're welcome. Let us know if you get stuck again. I'll keep my table open for a while longer in case you want to try again, etc.


It was nice to see that I can actually join a game. Hopefully I will get hosting worked out on my end soon. To bad for me I have some 14hr workdays coming up over the next few days

Now I have to figure out how to get that accomplished...
Type 192.168.1.1 as a URL into a browser - what comes up?

192.168.1.1 is probably your modem. The magic words to tell your ISP is to put the modem into "bridge mode" if that's the case. :-)

My ISP is proving to be about useless......I am almost certain its my modem...:(

My ISP is proving to be about useless......I am almost certain its my modem...:(

When you call next, immediately ask for a tier 3 agent. If they balk point out the number of times you have had to call.

I'm having troubles.

My IPS is a Spectrum Wifi Community.
The traceroute shows a diferent IP that Myip.com
The router/modem is inside a wall.

I'm calling to see what they are going to tell me. If they can't fix it I guess I have to try VPN

Ok I call them and they were able to foward the port. So now is working perfect.

Ok I call them and they were able to foward the port. So now is working perfect.
Glad you got it working. Happy Gaming!

192.168.1.1 is probably your modem. The magic words to tell your ISP is to put the modem into "bridge mode" if that's the case. :-)

So I finally talked to someone who would listen at my ISP and they were able to set my connection to "bridge mode"...I can now host.

Thanks to everyone here on FG forums. You guys are awesome.

" GM is in a European Country that is well advanced in IPv6 deployment"

I moved house and got a new internet connection. Now i only have IPv6 and can't host a game anymore seemingly.
Is there any way around this?

Until Unity becomes available your only option would be a VPN https://www.fantasygrounds.com/forums/showthread.php?43607-Port-Forward-Alternatives

I've asked for help but having been able to get it to work yet so thought I would try this tread and see if maybe someone can help me. I'm not sure I got all the information correct but did the best as I understand it.

My Fantasy Grounds stopped working I can't find any changes, I've called my cable company, I've talked to McAfee. No one seems to know what the issue is everything seems to work except Fantasy grunds. Which was working fine up to a week ago.

To answer the questions in the have this info when asking more help are the following.

LAN IP Address 10.0.0.1
WAN IP 71.238.46.100
Wired
Internal IP on Fantasy Grounds is 10.0.0.243
External only gives Errors
Confirmed Private

Tracert
C:\Users\Edward>tracert 8.8.8.8

Tracing route to dns.google [8.8.8.8]
over a maximum of 30 hops:

1 46 ms <1 ms <1 ms 10.0.0.1
2 9 ms 8 ms 9 ms 96.120.60.177
3 10 ms 10 ms 10 ms ae-252-1239-rur101.salem.or.bverton.comcast.net [162.151.213.69]
4 13 ms 14 ms 11 ms ae-2-rur02.salem.or.bverton.comcast.net [68.85.146.170]
5 25 ms 14 ms 13 ms 96.108.80.73
6 29 ms 19 ms 19 ms be-33490-cr01.seattle.wa.ibone.comcast.net [68.86.92.217]
7 18 ms 18 ms 18 ms be-10846-pe01.seattle.wa.ibone.comcast.net [68.86.86.90]
8 19 ms 20 ms 17 ms 50.248.118.134
9 19 ms 22 ms 21 ms 74.125.243.177
10 20 ms 19 ms 19 ms 209.85.254.171
11 18 ms 23 ms 17 ms dns.google [8.8.8.8]

Trace complete.

Hi EdMurray

Did you ever setup port forwarding on your router or did it just work previously?
If that is the case reboot your router and retest.

Otherwise login to your router and setup port forwarding and forward TCP 1802 to 10.0.0.243 TCP 1802

I did and tried to removing and replacing it.

It is set up to Reserved IP Address: 10.0.0.243
Port Number 1802 Protocol TCP/UDP it doesn't give me a choice TCP or UDP just groups them I did have Xfinity force it to just do TCP but that didn't work either.

I'm really at loss where to look at this point.

if you would like me to have a quick look at your setup with you send me your email via PM

This took some time to find but the Comcast/Xfinity router has an option to configure the Port Forwarding online - as in via a web page not on your router.
When on this page go into Security and find your computer and there were a number of Warnings about how they had protected your computer from incoming attacks.
Follow the links and you will see that their firewall was blacklisting all addresses that had attempted to do incoming connections on TCP1802 - including the update server.

So what was the fix?

So far I have to go in and click Allow for 30 days for each person trying to join my server using port 1802 its part of Xfinity's X1 protection I guess I waiting to hear back from the IP to see if I can set it so it doesn't keep asking me for that on that port.

After the latest update, I suddenly can't connect, even on localhost.

Turning off my firewall doesn't help (so I promptly turned it back on!!! Bad advice to turn off your firewall these days!), and an NMAP scan shows that port 1802 is closed (and a whole bunch of other ports are open when the firewall is turned off!). Two instances of FG running on the same machine do not communicate with each other, and my players, of course, can't connect. Anyone else seeing this behaviour?

After the latest update, I suddenly can't connect, even on localhost.

Turning off my firewall doesn't help (so I promptly turned it back on!!! Bad advice to turn off your firewall these days!), and an NMAP scan shows that port 1802 is closed (and a whole bunch of other ports are open when the firewall is turned off!). Two instances of FG running on the same machine do not communicate with each other, and my players, of course, can't connect. Anyone else seeing this behaviour?
No. If you can not connect a second instance of FG on the same computer using "localhost" then you have an issues with the security software on your computer.

Please check all the things in the first post of this thread, then answer the 7 questions in a reply here and we will be glad to help.

No. If you can not connect a second instance of FG on the same computer using "localhost" then you have an issues with the security software on your computer.

Please check all the things in the first post of this thread, then answer the 7 questions in a reply here and we will be glad to help.

1. Your LAN IP Address

192.168.50.115

2. The first two sets (octects) of your WAN IP as displayed by Fantasy Grounds and as displayed by your Router

71.229.0.0/16

3. Whether you are using Wired or Wireless (and not both)

This PC is wired.

4. Confirmation that you have set your Adapter in Network and Sharing Centre to Private

My adapter is set to Domain, as I have an AD domain locally.

5. Confirmation of what AV you are running and whether you have set any exceptions

Microsoft Security Essentials and Windows Firewall.

6. Post the results of the tracert 8.8.8.8 command (if you have security concerns you can remove this bit once its been responded to)

1 <1 ms <1 ms <1 ms 192.168.50.1
2 11 ms 11 ms 11 ms cm-1-acr06.denver.co.denver.comcast.net [96.120.12.49]
3 16 ms 9 ms 15 ms ae-106-rur201.denver.co.denver.comcast.net [68.85.221.229]
4 15 ms 8 ms 7 ms ae-19-ar01.denver.co.denver.comcast.net [162.151.50.85]
5 9 ms 14 ms 8 ms be-33652-cr02.1601milehigh.co.ibone.comcast.net [68.86.92.121]
6 9 ms 9 ms 17 ms be-12176-pe02.910fifteenth.co.ibone.comcast.net [68.86.83.94]
7 9 ms 16 ms 18 ms as20940-2-c.nota.fl.ibone.comcast.net [23.30.207.162]
8 * * * Request timed out.
9 7 ms 15 ms 7 ms dns.google [8.8.8.8]


7. Confirmation as to what you have setup in your Router if changes have been made

Router is set to forward traffic on 1802 from all IPs to 115 internally.

Other information not asked for:
1) One of my players is my wife. She connects directly to 115 rather than to the Comcast IP.
2) I cannot connect even locally.
3) Telnet localhost 1802 returns a timeout.
4) nmap -p 0-65535 192.168.50.115 returns a whole list of open ports, while nmap -p 1802 192.168.50.115 or localhost says the port is closed.
5) This behaviour is new. Fantasy Grounds worked just fine last week. The only thing changed between last week and this week.

But if I'm the only one having this problem, I may just need to nuke Fantasy Grounds and start over.

5. Confirmation of what AV you are running and whether you have set any exceptions

Microsoft Security Essentials and Windows Firewall.
This is know to sometimes have exceptions set, but they don't actually apply. And turning it off doesn't actually turn it off completely.

So, remove all entries for FantasyGrounds.exe and TCP port 1802 in Security Essentials and Windows Firewall and then re-add them in.

Check your NIC binding order.

1. LAN IP Address: 192.168.0.12
2. WAN IP: 50.81.201.150
3. Wired
4. Confirmed Private
5. Windows Security
6. Tracing route to dns.google [8.8.8.8]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.0.1
2 9 ms 8 ms 9 ms 10.140.108.1
3 12 ms 10 ms 10 ms 172.30.23.61
4 12 ms 12 ms 12 ms 68-66-73-10.client.mchsi.com [68.66.73.10]
5 13 ms 15 ms 12 ms po10.chgil001er1.mchsi.com [68.66.73.122]
6 12 ms 11 ms 12 ms 72.14.215.212
7 14 ms 14 ms 14 ms 108.170.243.174
8 11 ms 12 ms 12 ms 72.14.239.115
9 12 ms 11 ms 12 ms dns.google [8.8.8.8]

Trace complete.
7. Port forwarding: Motorola Router
Local IP Address 50.81.201.150
Start Port 1802
End Port 1802
External (Internet) IP Address 0.0.0.0
Start Port 1802
End Port 1802
Protocol BOTH
Description 1802
Enable/Disable Enable

I am under the impression that it must be a firewall issue as I opened up two instances on the same network and wasn't able to join even locally. But I don't have any additional antivirus programs and have already done the necessary steps on the windows firewall.

I am not as tech savvy as I'd like to be so I apologize if I'm wasting anyones time.

Hi BurntIcarus and welcome

At first look the tracert suggests that you cant do port forwarding because there are 3 private IPs between you and your computer
However - if your Router WAN says its 50.something and FG agrees then in my experience that should work

Can you tell more about your LAN test - did you try to connect to the 192.168.0.12 address? Were you both on Wired connections? Did the other computer have a 192.168.0.something address?

Create a new Advanced rule in Windows Firewall
Allow Incoming TCP connections on Port 18-2 from ANYwhere

They were both from the same computer, I had just opened two instances of FG on my computer. But I tried again this morning and was able to connect to the 192.168.0.12. The connection test is failing still and repeating the same test attempting to connect to the 50.81.201.150 even opening another FG on my laptop w/ wired connection still is failing to connect.

Firewall rule, so what I am doing is going into my firewall creating a new inbound rule > creating a new port rule > selecting TCP and specified local port 1802 > allow connection > when does this rule apply, all options selected > then just naming the rule. I deleted the previous rule, had already created a rule selecting the same options, and remade it.

Ok - can you connect locally? If you cant connect locally (to the local LAN address) then you have to solve that first.
Then you should check the port forwarding on the router and the router firewall settings.

Hey, thanks in advance for the help!

1. LAN: 192.168.2.189
2. WAN: 76.247.16.8
3. Wired Ethernet
4. Network Adapter is set to Private
5. BitDefender for AV, and Windows Firewall. Exclusions are set in firewall for FG. Odd note that FG originally had both "Allow" and "Block" inbound rules when I checked. Guessing I missed the "Allow this program to access the internet" prompt the first time the program was opened. I deleted the Block rules and remade the Allow rules, then rebooted.
6.
Tracing route to dns.google [8.8.8.8]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms router.asus.com [192.168.2.1]
2 * * * Request timed out.
3 23 ms 28 ms 24 ms 76-247-16-1.lightspeed.dllstx.sbcglobal.net [76.247.16.1]
4 23 ms 23 ms 23 ms 71.155.70.181
5 24 ms 24 ms 25 ms 12.242.112.31
6 25 ms 24 ms 25 ms 12.255.10.102
7 * * * Request timed out.
8 25 ms 23 ms 23 ms dns.google [8.8.8.8]

Trace complete.

Note regarding the first timeout, I'm pretty sure that's because I'm in a router-behind-router situation and have my ISP's modem/router DMZ'ed to my ASUS one. AT&T is really dumb and doesn't actually allow you to disable DHCP on their shitty modem/router, so I'm technically running two DHCP servers. The ISP's modem only has one IP in its range; Its own IP address. It assigns itself the first (and only IP,) then the rest is DMZ'ed through to my Asus router. So my ASUS router shows the same public IP as what I get on FG. The DMZ was because I also run a Plex server, and just regular port forwards weren't doing the trick for that.

So my guess is that the first hop is my good router, then the second is my DMZ'ed ISP router. No idea why the second time out (just before the destination) is happening though. That's repeatable, so it's not just a fluke. I'm able to browse the internet (including google) just fine, even with those listed timeouts.

7. As noted, the ISP router is DMZ'ed to my second (better) Asus router, using that workaround of only having the one assignable IP address on the first server. Asus router has port forwarding set to forward TCP 1802 to my computer (192.168.2.189). I can connect on LAN with my laptop just fine, but still fail external connection tests.

Hi MicCheckOneTwo

Make sure your Allow rule is for TCP 1802 from ANY source.
Try turn off BitDefender for 15mins to test.
I suspect that you may have to add a rule to BitDefender also.

All your other stuff looks ok.

Hi MicCheckOneTwo

Make sure your Allow rule is for TCP 1802 from ANY source.
Try turn off BitDefender for 15mins to test.
I suspect that you may have to add a rule to BitDefender also.

All your other stuff looks ok.

Thanks. I couldn't find any way to add firewall rules for BidDefender. I'll have to google around on that. Simply disabling it didn't fix the problem though. The Windows firewall rule is set to TCP1802, and allows any incoming source for FG. Or do you mean I just need to open 1802 completely, without specifying FG?

I just open tcp1802 completely
its not a commonly scanned port and residential networks are not typically aggressively port scanned on all ports
and if FG wasnt open but something else was listening at that time on TCP1802 they would need to have an attack ready for whatever that app was right away
the risk is i think pretty low

Networks that are very unlikely to work
To save you time in working all the way thru to the end the following setups are highly unlikely to work:
GM is tethered to a mobile phone or mobile hotspot
GM network is connectd by Sattelite

That explained the issue I was having when I was asking on Discord :) Situation solved on my home box now. It was also crewing up my email program.

I just open tcp1802 completely
its not a commonly scanned port and residential networks are not typically aggressively port scanned on all ports
and if FG wasnt open but something else was listening at that time on TCP1802 they would need to have an attack ready for whatever that app was right away
the risk is i think pretty low

Even that hasn't done it. I'm just kinda scratching my head on why, because (as far as I can tell) it should be working. My firewall has a pinhole open for TCP 1802 on any program. Still failing tests.

My experience is if the port really is open, then your firewall is blocking something. Delete the program from the firewall and add it again when it tries to connect.

Even that hasn't done it. I'm just kinda scratching my head on why, because (as far as I can tell) it should be working. My firewall has a pinhole open for TCP 1802 on any program. Still failing tests.

If you would like me to have a look at it with you please send me your email via PM.

My experience is if the port really is open, then your firewall is blocking something. Delete the program from the firewall and add it again when it tries to connect.

Just tried that. Still no luck. I also checked to make sure the port is empty before I connect. It's not in use or reserved beforehand, then is set to "Listening" when connected. So I'm pretty sure it's not my firewall blocking anything. I'm gonna send damned a PM, and we'll see where it goes from there.

Just figured it out with damned's help. It was because my first router was DMZ'ed to my second, but those specific ports were forwarded to the second router's OLD ip address. Before I tried DMZ I had just forwarded that port to the second router by itself. So when I set router 1 to DMZ instead, it assigned router 2 a new IP, and that port was still only forwarded to the old IP in router 1. So it was basically DMZ'ing everything EXCEPT that port, as it was still forwarded to the old IP. Unforwarding the old IP fixed the issue.

Damned, I owe you a beer if you ever find yourself in Texas.

Hi! help me please!!
I'm running out of ideas on how to fix my FG connection

1. LAN IP Address: 192.168.87.194
2. The first two sets (octects) of your WAN IP: 192.168
3. Wireless
4. Network and Sharing Centre: Private
5. Confirmation of what AV: Kaspersky Internet Security (FG is marked as trusted app) I have created in KIP and Windows firewall rules for FG port
6. tracert to 8.8.8.8
1 11 ms 10 ms 10 ms 10.251.200.1
2 11 ms 11 ms 11 ms vlan25.as03.cph1.dk.m247.com [185.206.224.241]
3 27 ms 32 ms 29 ms 83.97.21.164
4 11 ms 10 ms 11 ms xe-2-0-3-0.bb1.cph1.dk.m247.com [83.97.21.230]
5 11 ms 11 ms 11 ms kbn-b3-link.telia.net [213.248.89.118]
6 21 ms 20 ms 19 ms kbn-bb3-link.telia.net [62.115.121.14]
7 20 ms 19 ms 19 ms s-bb3-link.telia.net [62.115.139.168]
8 20 ms 20 ms 19 ms s-b6-link.telia.net [62.115.133.29]
9 20 ms 20 ms 20 ms 74.125.32.56
10 * * * Timeout.
11 21 ms 20 ms 20 ms dns.google [8.8.8.8]

my setup: my pc is connected to a Cisco WAP551 that is connected by ethernet to a fiber box that I have no control.
I have talk to my ISP (owner of the fiber box) and they claim all ports are open (despite canyouseeme.org says the opposite)
I have tried Hamachi without success, users can connect to my networks but fail to connect FG or ping me (running a diagnose says ports are closed)
What I find surprising is FG is the only software to have this problem, I have no problem hosting games on steam, or using other p2p software like torrent
I will extremely appreciate any help you can provide me :-)

welcome Jaume

Answers 1 and 2 and 6 dont gel...
can you post screenshots please?
What FG shows
what tracert shows
and what the status page of your router shows

Hi Damned
yep, I know it don't has too much sense, also considering during all the week I had two IP jumps at the beginning.
So after writing the post and reviewing the firewall once again I decided to restart computer and fiber box.

Now it looks again as usual.
Ipconfig shows IP 192.168.87.194 which is matching the internal IP displayed in FG, the external Ip is 212.112.152.102

Here is the tracert
1 1 ms 1 ms 1 ms 192.168.87.1
2 4 ms 4 ms 4 ms 100.80.0.3
3 6 ms 6 ms 6 ms be201.est-pe30.link.stofa.net [178.155.255.222]
4 7 ms 7 ms 8 ms be211.lyk-dist01.link.stofa.net [212.10.45.34]
5 6 ms 6 ms 6 ms be207.koldg-cor01.link.stofa.net [178.155.255.59]
6 7 ms 6 ms 6 ms be200.koldb-dist02.link.stofa.net [178.155.255.187]
7 5 ms 6 ms 6 ms be217.dck-pe02.link.stofa.net [212.10.13.217]
8 6 ms 6 ms 6 ms 100.127.255.231
9 7 ms 7 ms 7 ms be300-4094.dck-pe02.link.stofa.net [212.112.132.24]
10 7 ms 7 ms 7 ms be217.koldb-dist02.link.stofa.net [212.10.13.216]
11 9 ms 7 ms 7 ms be200.koldg-cor01.link.stofa.net [178.155.255.186]
12 7 ms 7 ms 9 ms be102.koldt-br01.link.stofa.net [212.10.45.202]
13 16 ms 16 ms 16 ms be101.koldt-cor01.link.stofa.net [212.10.45.201]
14 17 ms 17 ms 17 ms be191.koldt-cor03.link.stofa.net [178.155.255.132]
15 17 ms 16 ms 16 ms be200.frnx-br01.link.stofa.net [89.184.134.79]
16 16 ms 16 ms 18 ms 74.125.50.94
17 16 ms 16 ms 16 ms 108.170.251.129
18 17 ms 19 ms 16 ms 72.14.234.115
19 16 ms 16 ms 16 ms dns.google [8.8.8.8]

No way to post screenshot of the router status page since I don't have access to the router :-(
I´m not even sure if I do have a router, according to the ISP support they have activated the router build in the fiber box for me and assigned a local fixed IP (nat44) but still no way to reach the web interface of the router.

Your ISP is giving you misinformation.
While they are not blocking anything they are doing something called carrier grade NAT and this means you cannot do port forwarding yourself.

Either they need to Port Forward TCP 1802 to your router (and yes you do have a router you can log into) or you need to use one of the Port Forwarding alternatives.
Hamachi is nice and simple to setup in most cases.

I have read several of the threads in the forum before posting and tried Hamachi already.
Don't works, it's easy to use and install, i created my profile, my network, my players login but can't log in FG nor ping me in Hamachi
They appear as "blocked" to me in Hamachi and if run a diagnose you can imagine what it says, ports are closed.
It looks like the only option is keep being a jerk with the ISP support team
Could be this a way to force their users to get the fixed IP package?

If you want to send me your Hamachi details by PM and I can test with you. Im damned#0166 in Discord

Many European countries have exhausted their available IPv4 addresses and are forced to do this.
I suppose its possible some are doing it to raise some additional revenue...

How much is the fixed IP address package?

It seems is a matter of being annoying with their tech service.
I got a guy on the phone that was a bit more proactive and emphatic than the previous. He confirmed a few things:
- Right they do carrier grade NAT
- They (IT Support) are not allowed to do port fowarding for consumer
- If you want to do so you should get the fix IP (29DKK per month= 6AUD) get your own router and ask them to set the fiber box in bridge mode
After 10 days of phone calls its the first time got an answer that makes sense.
In my country that would be a great reason to change ISP asap, but here I have to deal with what I have
Any advice about a good router for home use?

It seems is a matter of being annoying with their tech service.
I got a guy on the phone that was a bit more proactive and emphatic than the previous. He confirmed a few things:
- Right they do carrier grade NAT
- They (IT Support) are not allowed to do port fowarding for consumer
- If you want to do so you should get the fix IP (29DKK per month= 6AUD) get your own router and ask them to set the fiber box in bridge mode
After 10 days of phone calls its the first time got an answer that makes sense.
In my country that would be a great reason to change ISP asap, but here I have to deal with what I have
Any advice about a good router for home use?

You should ask your ISP for what models they recommend. They will likely have some recommendations.
There are soooooo many routers out there.

Maybe you should look at Hamachi in the meantime. Unity is getting closer.... much closer....

I did ask them, best routers? icotera, of course! national brand, there can be any better?
The support guy said even with fixed IP Hamachi is not gonna work until the fiber box is bridged
On the meantime thanks a lot Damned for the quick replies

I would try it...

Yep, try Hamachi - it gets around the issues we’ve been discussing.

Sorry - it does appear you tried Hamachi. It is unusual for a network provider to be blocking Hamachi.

The support guy said even with fixed IP Hamachi is not gonna work until the fiber box is bridged

Guy doesn't know what he's talking about.

https://www.vpnuniversity.com/learn/what-to-do-if-your-vpn-is-blocked

What about getting the year long PureVPN sub, that way you can carry your IP and VPN with you should you need to change ISP's?

Sorry - it does appear you tried Hamachi. It is unusual for a network provider to be blocking Hamachi.

yes, I did it! two times, before they made the bridge and after, in both cases I was able to create the network, my players were able to login, but they were unable to login in FG.
Ping attempts failed in both directions, and if I was running a diagnose the result was I have a firewall problem (which I verified is not a pc problem trying from two different computers).
I have a paid VPN software (Cyberghost) works fine for some p2p and accessing geo detection services and sites (like netflix back in the day) but isn't helping with FG

Regarding the question about why so many problems from my ISP I have the feeling is a combo of several factors that make them communicate in a obscure way to hide what probably are poor commercial directions
I will keep you posted on how things go when i get the router and the fiber box gets bridged

yes, I did it! two times, before they made the bridge and after, in both cases I was able to create the network, my players were able to login, but they were unable to login in FG.

And they were putting your hamachi assigned IP address into the "host" box when trying to connect?

You may also need to go to network connections and set the Hamchi Connection profile to Private

You may also need to go to network connections and set the Hamchi Connection profile to Private
I didn't thought about it back then, just checked it now and yes, my hamachi profile is set to Private


And they were putting your hamachi assigned IP address into the "host" box when trying to connect?
Yes, as described in the thread about how to use hamachi, alias was disabled and the host address was the hamachi address, it was taking a long time but in the end wasn't able to connect (i would say it was a timeout answer)

little update, in case you are wondering what happened.
I got a router, set up the port forwarding, assigned a permanent dhcp address for the pc, etc.
I got a nice router that maps all the house network with all devices etc, really cool device
Ask the ISP to put the fiber box in bridge mode with fixed IP.
and...still not works, all ports keep appearing as closed or give timeout, and of course nor Hamachi nor FG are working
After 2 hours on the phone testing with my pc, and two different laptops wired directly in the fiber box the ISP agreed to send a technician next week (this is going to be useless since he is merely coming to verify the fiber box they have installed one week ago is not broken)

Funny fact, yesterday I have asked my block neighbour to go to canyouseeme.org and try a few ports, guess the result? all ports are closed!!!
I think here the problem is somewhere else, maybe the building has a common access point somewhere, or maybe the area network hub.
Regardless if this is going to be fixed (I don't think so) its obvious is not in my home setup, as so I felt I had to thank you guys for the time invested trying to find the solution for a problem that was not there.
Thank you for your time an effort

Keep in mind that canyouseeme.org will report ports closed unless there is an application up and running using a port, and that port has a specific port forwarding rule on the router.

Ports with nowhere to go (no port forwarding) will show closed. Ports with somewhere to go but no app running at the location (port) will show closed.

So getting a neighbour to check a few ports will show them all closed, because there's nothing listening on those ports for their WAN IP address.

But you and your neighbour could both go to google and type: what is my ip address
They should not come back the same if your ISP is being straight with you.

If you would like me to have a look at your setup with you please send me your email via PM.

I understand what you mean, I have ask him to check ports that are usually open, like 80, 8080, 443, etc
I'm not an expert but I assume that testing port 80 with the browser it fulfills the required conditions you mentioned

In the other hand, we work for a big corporation and this building of apartments was built by the company.
Nowaday the apartments are managed by a real estate company but i would not be surprised that back in the day they build it like any other corporation office

Quick edit: WE SUCCEED TO MAKE FG WORK!!! :D
Using Hamachi, we created a new network using the option managed network, so whatever the ISP do with the ticket at least we will be able to play FG

I understand what you mean, I have ask him to check ports that are usually open, like 80, 8080, 443, etc
I'm not an expert but I assume that testing port 80 with the browser it fulfills the required conditions you mentioned

nope.
there are two directions.
inbound and outbound
when you request data from a web server you are sending a request OUT
at the other end the request is coming IN
this request will be coming from a (semi)random port on your computer larger than 1024
and then your router will NAT that request and give it a new source address (its own IP) and a new source port (another random port, usually above 1024)
the remote server will receive that request on port 80 (or more likely 443 today) and send data back to
your routers ip address and the port it specified

there are almost always dozens of open ports on the router listening for return traffic - but they will only accept the return traffic that matches the request data they sent out

---

when you host a FG server its all around the other way
you are accepting connections from out there, coming IN to your network on TCP1802

---

you need to have allowed TCP1802 in an INBOUND direction from ALL external parties
and you need to have a port forward rule that sends that TCP1802 traffic to your computer on TCP1802

---

can you see me will see nothing on 80/443 etc - unless your router is misconfigured...

Please, help me to get success in test and to successfully host the games :(

1. Internal 192.168.50.40 External 5.18.103.208
2. Router WAN IP: 10.218.4.6
3. Wired
4. Adapter is private
5. No AV
6. Tracing route to dns.google [8.8.8.8] a maximum of 30 hops:

1 <1 ms <1 ms <1 ms router.asus.com [192.168.50.1]
2 4 ms 3 ms 2 ms 172.31.254.62
3 1 ms 1 ms 1 ms 5x18x6x245.static-business.spb.ertelecom.ru [5.18.6.245]
4 1 ms 1 ms 1 ms net131.234.188-158.ertelecom.ru [188.234.131.158]
5 2 ms 2 ms 2 ms net131.234.188-159.ertelecom.ru [188.234.131.159]
6 2 ms 2 ms 2 ms 74.125.244.132
7 31 ms 49 ms 14 ms 216.239.51.249
8 16 ms 15 ms 15 ms 72.14.233.201
9 6 ms 6 ms 6 ms 216.239.54.50
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 6 ms 6 ms 6 ms dns.google [8.8.8.8]
Trace complete.

7. There are two port forwarding rules in router settings:
fantasy grounds | external port 1802 | internal port 1802 | internal ip 192.168.50.40 | protocol TCP
fantasy grounds | external port 3074 | internal port 3074 | internal ip 192.168.50.40 | protocol UDP

In windows firewall I have some rules:
1. Open TCP 1802 for all
2. Open UDP 3074 for all
3. Allow FantasyGrounds.exe inbound connections

6. Tracing route to dns.google [8.8.8.8] a maximum of 30 hops:

1 <1 ms <1 ms <1 ms router.asus.com [192.168.50.1]
2 4 ms 3 ms 2 ms 172.31.254.62
3 1 ms 1 ms 1 ms 5x18x6x245.static-business.spb.ertelecom.ru [5.18.6.245]


This second hop is an internal IP address - so it suggests that either you have two devices in your connection architecture or your ISP is sharing public IP addresses between their customers - which is common practice now as there aren't enough IPv4 addresses to go around.

If you don't have 2 devices in your Internet connection setup then you have a couple of options:
1) Ask your ISP to give you your own public IP address (this may cost you) or to enable TCP port 1802 forwarding within their setup.
2) Use one of these alternatives: https://www.fantasygrounds.com/forums/showthread.php?43607-Port-Forward-Alternatives

Comcast and Xfinity users - your ISP is "protecting" you and blocking incoming connections on your Port Forwards.
https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security
You will need to go in and unblock the FG server AND your players every 30days.

Can host FG normally on one computer in my family's network (with incoming connections from all over the world) but not two others. Here's the information for one of them:

* Internal address info: 192.168.1.104
* External address info: 118.161.179.239
* Wired.
* Computer is using Windows 7 Professional, so Network is set to "Home Network" in settings. (I've also used secpol.msc to manually set it to private.)
* Norton 360, with traffic rule: "Allow, Direction: In/Out, Computer: Any, Communications: Specific, Protocol: TCP"
* tracert 8.8.8.8:
1 <1 ms <1 ms <1 ms 192.168.1.1
2 4 ms 4 ms 4 ms h254.s98.ts.hinet.net [168.95.98.254]
3 4 ms 4 ms 3 ms clpy-3302.hinet.net [168.95.105.2]
4 6 ms 5 ms 5 ms tylc-3032.hinet.net [220.128.9.218]
5 6 ms 5 ms 5 ms tyfo-3031.hinet.net [220.128.8.194]
6 5 ms 5 ms 5 ms pcpd-3211.hinet.net [220.128.12.45]
7 7 ms 6 ms 6 ms 72.14.218.142
8 5 ms 5 ms 5 ms 172.253.64.123
9 6 ms 6 ms 5 ms 72.14.237.231
10 5 ms 5 ms 6 ms dns.google [8.8.8.8]

* Router rules:
Fantasy Grounds 1802 1802 TCP 1802 1802 192.168.1.104 ppp0.3
Fantasy Grounds 1802 1802 TCP 1802 1802 118.161.179.239 ppp0.3
* Fantasy Grounds is allowed to connect through Windows firewall on Private and Public networks.

Can host FG normally on one computer in my family's network (with incoming connections from all over the world) but not two others.
Welcome to the FG forums Senlia!

You can only specifically host on one GM computer within your family's network. This is due to port forwarding only works to one specific computer - you can't have multiple port forwards active at the same time - your "router rules" in the info you have provided.

Note that this port forwarding is only needed for the GM, not for the player. Do you need multiple different GM computers in your family's network? That is, will there be GMs running FG games on different computers?

Welcome to the FG forums Senlia!

You can only specifically host on one GM computer within your family's network. This is due to port forwarding only works to one specific computer - you can't have multiple port forwards active at the same time - your "router rules" in the info you have provided.

Note that this port forwarding is only needed for the GM, not for the player. Do you need multiple different GM computers in your family's network? That is, will there be GMs running FG games on different computers?

Thanks for the quick response. I'm ultimately trying to figure out why my wife's computer (this account) can't connect to my FG session on my laptop. So far, the only thing that's consistently different between the two computers is that I can successfully connect to the FG servers on my laptop to host, whereas I can't host or connect to anything on the desktop (this account).

If you are all on the same network then you connect to the host using the host's internal IP address - not the external address or alias.

As Trenloe points out you can only have one Port Forward rule at a time. So if you need to host on two computers you'll need to swap the rule so that it is pointing at the correct computer when you are hosting on that one.

I think the multiple open port rules on the modem was confusing things. I corrected that, and then connected via internal IP. Success! Thank you for the quick help again.

Hi all,

New install here and can't get a successful connection test.

I did have to set a static IP on my PC (outside my DHCP pool).
I also changed my network type to private (not sure why it was set to public)
I can access fantasygrounds.com
I've checked Windows firewall and it has an exception entered for Fantasy Grounds
I have an Arris BGW210 router through AT&T and I've setup port forwarding and set it to my static IP (system uses a drop-down of available devices so know I didn't mistype anything)

Not sure what else to try.

Here is the info requested:
1. 192.168.1.13
2. 45.18
3. wired
4. private
5. Avast (free, no firewall) turned off AV to test and still can't connect
6.
Tracing route to dns.google [8.8.8.8]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms dsldevice.attlocal.net [192.168.1.254]
2 2 ms 18 ms 9 ms 45-18-32-1.lightspeed.rlghnc.sbcglobal.net [45.18.32.1]
3 * * * Request timed out.
4 12 ms 12 ms 13 ms 12.123.152.74
5 17 ms 15 ms 15 ms attga21crs.ip.att.net [12.122.2.161]
6 10 ms 10 ms 10 ms gar1.nsvtn.ip.att.net [12.122.96.85]
7 11 ms 13 ms 10 ms 12.255.10.4
8 11 ms 11 ms 12 ms 108.170.249.33
9 10 ms 10 ms 10 ms 108.170.225.105
10 11 ms 10 ms 10 ms dns.google [8.8.8.8]

Trace complete.
7. Arris BGW210 router through AT&T and I've setup port forwarding for TCP 1802 and set it to my static IP

All of that looks ok.
Do you have another computer that you can install FG on and try to connect to your main PC with?
Use the 192.168.1.13 address for the server name/alias.