PDA

View Full Version : My Network Refuses to Port Forward?



Jayde Moon
January 12th, 2009, 07:03
Alright, round 57346583!!!

ISP: Verizon DSL
Router: Linksys Wireless-G Broadband Router WRT54G
OS: XP
Firewall: Windows Firewall - Firewall is DISABLED (I get the warning that my computer is open to attack)

Physical description of set-up:

DSL into modem, then to Linksys Router. Normally on the network are four computers.

My two computers are about 40 feet from the router, two single pane windows in between. I never otherwise have connection problems (connecting to other game servers, for example).

The computer with FG II Full license is a laptop.

My other computer is a desktop.

I am able to connect from the desktop into the Host game on the laptop by connecting to the laptop's assigned IP address (192.168.2.100)

However, I am not able to connect to the Host game from the desktop using either my public IP address (provided by my ISP) OR the four word 'server' name generated by FG.

Also, a friend who is outside the network (and several states over) can not connect by either method.

I have run PC Flank, and it diagnoses my port as 'Stealthed'

Looking over what it means to be 'Stealthed', it appears that the problem is I do not have FG running OR that I have a firewall in the middle.

All firewalls are disabled (to include the routers firewall). I have attempted to open ALL ports to this computer. I cannot get it to work.

Any assistance would be greatly appreciated. I've been poring through the forums to see if anyone else has my exact issue. I've seen things like phones plugged in and firewall updates... non of that seems to apply.

Here are some pictures of what is going on:

Wireless is connected
https://www.fantasyorigin.org/FGTS/01ConnectionStatus.PNG
IP of machine is verified
https://www.fantasyorigin.org/FGTS/02ConnectionStatus.PNG
Initial set-up page in the router
https://www.fantasyorigin.org/FGTS/03SetpPage.PNG
The router firewall page. It is enabled here, however I disabled it completely and still no love.
https://www.fantasyorigin.org/FGTS/04Firewall.PNG
Port forwarding page
https://www.fantasyorigin.org/FGTS/05PortForward.PNG
The DMZ page as well as a description (likely unnecessary for you guys) of what that is. It is disabled here, but I did enable it and test, along with the aforementioned disabled firewall.
https://www.fantasyorigin.org/FGTS/06DMZoff.PNG
https://www.fantasyorigin.org/FGTS/07WhatIsDMZ.PNG
Port trigger page, am I missing something here, perhaps?
https://www.fantasyorigin.org/FGTS/08PortTrigger.PNG
Some informational stuff
https://www.fantasyorigin.org/FGTS/09AdminManage.PNG
https://www.fantasyorigin.org/FGTS/10StatusRouter.PNG

Jayde Moon
January 12th, 2009, 07:03
Continued from above (my apologies to moderators for circumventing your 10 image limit, my intent is not malicious)
https://www.fantasyorigin.org/FGTS/11StatusLocal.PNG
https://www.fantasyorigin.org/FGTS/12StatusWireless.PNG
And finally, a QoS page, maybe I'm missing something here?
https://www.fantasyorigin.org/FGTS/13QoS.PNG

Anyway, yeah. To recap, I have enabled port forwarding, to include the DMZ option, I have forwarded ports to the machine owning the IP 192.168.2.100, which is verified by the Wireless properties page, and I have disabled ALL firewalls completely.

With everything, my computer should be WIDE OPEN to the web. But can't connect with FG.

What I haven't done is call Verizon directly to see if it's something THEY are doing... in the meantime, if folks could look this over and see if I'm smoking the proverbial crack and missing something ridiculous...

Thanks!

Danny

unerwünscht
January 12th, 2009, 07:47
Your router is just a router, and connects to a model provided by verizon. You can one contact verizon and have them send you a "dumb" modem, or two have them walk you through turning the smart modem functionality off... I use to have a very detailed walk through on how to do this, but cant seem to find it at the moment, and do not have the time to type it all out again right now.

I can give you the hint that you should find your modem at 192.168.1.1 with the configuration that you have.

Jayde Moon
January 12th, 2009, 21:08
Looking over what you've posted, I tried to see what I could find. To get on the same language, are you referring to the issue of 'double NAT'?

unerwünscht
January 12th, 2009, 22:25
Indirectly yes, the issue you are dealing with Address Masquerading. You can forward through both network translations (provided your modem has forwarding control) but until you resolve the issue with hidden addressing, you will have a dad zone on direct connect.

January 19th, 2009, 02:09
Think this is the same thing it was for me. If so, try updating all of your drives/firmware.


Cheers

unerwünscht
January 19th, 2009, 03:56
Now that I have a little time I will explain further.

With a "Smart" modem, the modem itself maintains the dialer required to connect to a DSL connection. As such the modem actually draws your true external IP address and assigns an internal one to any equipment connected to it, in this case the router.

You have the router itself configured correctly to forward the port to your PC, the issue is the modem does not know where to send that port (even tho it only has one device connected to it.)

There are two solutions to this issue. Solution one is to configure the modem to forward said port to the router, which will in turn forward it to your computer.

Solution two is to turn the smart modem functionality off in the modem, and build the dialer inside the router itself. This tho it sounds more difficult is actually the easier one to do by far. Unfortunately there is not much I can do to assist you with this as you will need your user name and password from verizon, you will also most likely need them to clear your mac address at the switch.

Note to Obe: You should probably include this information in your wiki. It doeskin happen often right now, but it will become more and more common as DSL companies switch off to smart dialers.

PaulofCthulhu
February 15th, 2009, 02:06
This may or may not be similar to what I'm currently experiencing.

PC Computer with Win XP
Full License FG II
WebSTAR DXP100 Cable Modem (Virgin Media ISP)
Linksys WRT54G Wireless Router v.1.1 (latest firmware)

I have set up my computer with an internal static IP (192.168.1.xxx) and set up the Linksys router with portforwarding as descibed above. However when I check: www.canyouseeme.org it says that Port 1802 isn't open.

However *if* I plug the computer directly into the Cable Modem via ethernet cable (circumventing the wireless Linksys router) then www.canyouseeme.org says that Port 1802 *is* open. So for some reason the wireless router is blocking the port, even though I've set it up for Port Forwarding of 1802 as described above.

Any ideas/help much appreciated!

P.

Griogre
February 15th, 2009, 03:58
Did you set up your cable modem to forward the port to the IP address of the *Wireless* router? Then the wireless router to forward to your static local IP? It sounds like you had the cable modem forward to your static local IP but your computer with the static IP is not normally connected to the cable modem. You have to pass that port done the daisy chain of however many routers, switches, ect are between the Internet and your computer.

PaulofCthulhu
February 15th, 2009, 10:43
Alas I cannot access the functions of the Cable Modem. Its inner workings are sealed by the ISP so I have no access to them.

The Cable Modem (WebSTAR DXP100) has an IP Address of 192.168.100.1

The WRT54G Wireless Router has an IP Address of 192.168.1.1

Are there any settings I can change on the WRT54G wireless router to make things work?

Sorontar
February 15th, 2009, 13:28
Alas I cannot access the functions of the Cable Modem. Its inner workings are sealed by the ISP so I have no access to them.

The Cable Modem (WebSTAR DXP100) has an IP Address of 192.168.100.1

The WRT54G Wireless Router has an IP Address of 192.168.1.1

Are there any settings I can change on the WRT54G wireless router to make things work?

Just to check. You've gone into your router configuration and forwarded port 1802 to the static internal IP of your PC?

PaulofCthulhu
February 15th, 2009, 13:37
Correct. I have gone into my wireless router (Linksys WRT54G) and set up and enabled Port Forwarding of Port 1802 to the static internal IP of my computer (192.168.1.55).

Spyke
February 15th, 2009, 17:09
I found this thread that discusses how to get to the setup page for your cable modem:

https://www.broadbandreports.com/forum/remark,4261606

It looks as though you have to work offline to change the settings. The thread doesn't discuss port forwarding, but it might help you get to the next step.

(Not sure you need to port forward from the cable modem though. Isn't this just a modem, not a router? To me this still looks like an issue with the setup of the wireless router. Does that have its own firewall?)

Spyke

PaulofCthulhu
February 15th, 2009, 17:16
Thanks, I'll have a look at that! [I can see the Cable Modem status/info pages on the network at 192.168.100.1, I just can't change anything - viewable only)

Yes, I believe it's just a modem (not a router). Funny thing is that other programs that have required Port Forwarding (some live web cam stuff, some specialist Skype stuff) have worked fine with Port Forwarding on this router.

There is a firewall in the router and it looks exactly like the screenshots in the first couple of posts of this thread.

Spyke
February 15th, 2009, 17:23
There is a firewall in the router and it looks exactly like the screenshots in the first couple of posts of this thread.Check you haven't got any other settings on the wireless router forwarding port 1802 to a different IP address, e.g. something with a range of ports that's also picking up 1802.

Also, port forwarding will generally open the port in the firewall in the device, but they are two different things. It's possible that you have to do both steps: 1) open a port in the firewall settings, and 2) forward it.

Spyke

zabulus
February 15th, 2009, 17:28
If this works with your computer connected directly to your cable modem, I'd think your modem is not blocking this connection? I'd look more into your router.
One problem I had before is that my router had "remembered" a computer with a different network name had the static IP-address my FG computer was using now. So I had port 1802 forwarded to the correct IP-address, but the router sent it off into limbo nonetheless. I had to clean the router's list of remembered addresses for the forwarding to work correctly.

EDIT: Maybe this is in the dhcp client table on the status page?

PaulofCthulhu
February 15th, 2009, 17:31
I reset (factory defaulted) the wireless router from scratch this morning and just entered the basic access details, plus the Port Forwarding for Port 1802 to my static computer internal IP, so there's no other conflict I'm aware of.

The computer firewall is open for FG 2 to use Port 1802 (and it seems to be OK, due to success when connected directly to the Cable Modem, and not via the router).

I'll reset it again and see if that clears things!

Spyke
February 15th, 2009, 17:35
Can you disable the firewall in the wireless router (leaving the port forwarding in place), just to rule that out as a problem?

(Also, just in case, please confirm that you are checking whether the port is open while you are actively running a FG2 host session, as the port will be closed otherwise.)

Spyke

PaulofCthulhu
February 15th, 2009, 18:08
OK, done it! :)

It looks like people were right about the Router have a sticky/memory problem. By reseting (again) to the factory defaults on the router and cleanly re-entering the Port Fowarding information, then CanYouSeeMe.org now says that Port 1802 is Open!

The Firewall router has been left (on and in place as per factory default) and it still reports OK.

A quick test on connecting as a Player reports a License Key Conflict! Huzzah! Who would have thought that would have been seen as a good thing? ;)

Many thanks for the help. I hope this info is of some use:

1) Check if you can connect directly to via the Modem.
2) If in doubt, reset router to clear memory/retention problems on Port Forwarding assignments

How to see if i can get it the Hosting connection working on the Mac properly.!

Many thanks!

zabulus
February 15th, 2009, 18:25
It looks like people were right about the Router have a sticky/memory problem. By reseting (again) to the factory defaults on the router

See, this part bothers me a bit. If you reset your router to its factory defaults, once should have done the trick. I didn't reset mine, since I had other settings in place I didn't want to have to do again, but resetting should have solved my problem as well. The fact that resetting it once didn't solve yours worries me that you may only have hit a temporary solution (Resetting it might give your computers a different static IP, depending on the order in which they connect to the router, for instance).

Anyway, I'm happy you were able to get it working for now, hope you will have as much fun as we are having using this product :)

Spyke
February 15th, 2009, 18:25
Excellent. Glad you're up and running. :)

Spyke

PaulofCthulhu
February 15th, 2009, 18:35
Thanks. At least I know how to get to this stage now, even as I do some more fiddling. :)

Next up, (for anyone who may know the answer). Is it possible to have multiple computers act as hosts on the same network? e.g. Two machines, both with full licenses on the same network, either of which could be used to host games, but each has their own (different) static IP?

PaulofCthulhu
February 15th, 2009, 19:53
Other good news, now this seems to be sorted on my machine. I've manged to get it working as a Host on my Mac laptop too.

zabulus
February 16th, 2009, 07:48
Next up, (for anyone who may know the answer). Is it possible to have multiple computers act as hosts on the same network? e.g. Two machines, both with full licenses on the same network, either of which could be used to host games, but each has their own (different) static IP?

You mean non-simultaneously? I don't think that should be any problem, although you'd have to switch your port-forwarding before switching host.

Simultaneously it might be possible by having one of the computers use a different FG port than 1802 (I'm not sure if that port number is in a configuration file or registry key somewhere). In this case you should set up your FG host using an alias rather than the IP-number, or clients wouldn't know to which computer they'd connect. I'm not quite sure how the clients would work out which port would go with which alias, but I'd try it out anyway :)

Griogre
February 16th, 2009, 10:56
Like Zabulos said the issue would be the port forwarding back to the servers. If you had two servers up at the same time, your router would still only forward everything on port 1802 to one machine so the other would have to use a different port. Alternatively, I do think you *could* run two FG servers if you port forward one game as normal and then used a VPN for the second game.

I'd worry about bandwidth if you ran two FG servers simultaneously unless you have a commercial type Internet connection.

PaulofCthulhu
February 16th, 2009, 22:09
Thanks, everyone. For current purposes just switching the router port forwarding to different assigned IPs for Port 1802 as necessary seems the best way forward.

Cheers!

dr_venture
September 4th, 2011, 18:41
Low, these many moons later, I'm re-opening this thread because I'm having the very same problem with the same router. I finally got rid of my horrible satellite INternet connection & got connected via a local ISP covering my remote area via wifi. Great signal, great bandwidth, but now FG always shows the FAILURE for its network test. The situation is thus:

* Linksys WRT54G router (older model - LAN IP 192.168.1.1).
* Hosting computer is set up with a static IP (LAN IP 192.168.1.225).
* Router has port 1802 forwarded for both UDP & TCP to hosting computer's static IP.
* I checked 1802's state via www.pcflank.com (with FG open & hosting a game) - the port shows as "closed"
* I've reset the router to factory defaults twice now (held down teh reset button until the front panel lights showed rebooted itself - username & password were then observed to have been reset).
* Upgraded the router to the latest firmware (requiring a 3rd reset).
* This same router was used previously to port forward 1802 to a different IP, FWIW.
* I have a call in to the ISP to see if there is any issue with port 1802 on their end - I'm assuming that will lead nowhere.

If I had to guess, I'd say that the router is just not forwarding correctly for some stupid reason. In any case, any help would be appreciated. I've been dying to host FG sessions, and it just kills me that everything is finally ready after soooo many months, but the port forward thing is a problem when it shouldn't be.

Signed,

Anxious in the Sticks

Trenloe
September 4th, 2011, 20:27
Can you try enabling UPnP setup on the router - this allows FG to try to set the port forwarding for you (but only when it is running).

1) Somewhere in your router config there there should be an option to enable UPnP - enable it. Some routers may even show a UPnP port map for the currently active port forwarding (I'm lucky, mine does).

2) Remove your manually created port forwarding.

3) Start FG and host a game.

4) If you can view the current UPnP mappings in your router check to see if it has an entry for port 1802 active to your hosting computer.

5) Run the pclank test and hopefully it will show "open".

dr_venture
September 4th, 2011, 20:44
Hey Tren - thanks for the reply! UPnP was enabled already (default setting), so I disabled the port forwarding - still reports as closed, & FG test still shows "FAILED." Frustrating. I also tried enabling the DMZ setting on the router & setting DMZ IP to my host computer - still reports as being closed. FG was hosting, of course.

I should also note that I'm running the latest dev build, FWIW.

Trenloe
September 4th, 2011, 20:56
UPnP was enabled already (default setting), so I disabled the port forwarding - still reports as closed, & FG test still shows "FAILED.".

Do you see a list of the currently active UPnP port forwards in your router? If so, did this show up OK for port 1802?

One possible thing to try (as you've enabled DMZ) is to disable UPnP (so there is no specifically defined port forwarding for port 1802) and try with DMZ enabled. This should, in theory, forward all none matching port requests to your DMZ computer - so, if there is no configuration for port 1802 (either manually set or via UPnP) then it should forward on to the DMZ computer. This is just testing to see if manually or UPnP set forwarding is an issue on your router.

dr_venture
September 4th, 2011, 21:09
Sorry, you did ask for that previously. The only thing I can see in the router's interface that is related to UPnP is just a checkbox.

Tried with UPnP = disabled; port forwarding = disabled; DMZ = hosting computer (192.168.1.225); closed & relaunched FG: no change, FG test fails & port is reported as being 'closed'

Trenloe
September 4th, 2011, 21:21
Sorry, you did ask for that previously. The only thing I can see in the router's interface that is related to UPnP is just a checkbox.

My old router was like that too.


Tried with UPnP = disabled; port forwarding = disabled; DMZ = hosting computer (192.168.1.225); closed & relaunched FG: no change, FG test fails & port is reported as being 'closed'

:(

Sounds like there's either a block at your ISP end, or a block at the host PC end, or a faulty router (do you have any issues with other port forwarding?)

Have you tried running a second instance of FG on the same computer as the host and connecting as a player? This might just give us an idea if there are any issues locally.

Another thing to try is check if FG is actually being allowed to "listen" on 1820 on the host PC. We need to run a windows command prompt (if you know how to do this skip the next section). If you're on Windows, press and hold the windows key and press r (or select windows Start -> Run) - this should give you a "Run" dialog box. Type cmd and press return.

This will give you a windows command prompt. With Fantasy grounds running and hosting a game, type:

netstat -a -p tcp

then press return. A bunch of data under "active connections" will be displayed (it may take a few seconds to complete). Check for a line that looks something like this (LocalComp will be the name of your PC):

TCP 0.0.0.0:1802 LocalComp:0 Listening.

If this line is there, then Fantasy Grounds is running OK and listening on port 1802. If not, then something on the local PC may be blocking it - windows firewall, some other security software, etc.

dr_venture
September 4th, 2011, 21:52
All kinds of good info - thanks so much for taking the time to write all that up!

I can log onto FG with a 2nd instance, no prob. I doubt the router is bad, as the forwarding was working with my previous satellite net connection - it only stopped with the new connection. I ran the command line test, and I do see that port 1802 is listening, so that looks fine too.

I think your guess about the ISP being the root of the problem are correct. I have a call into them, but I'm sure that they won't be back in to the office until Tuesday (Labor Day holiday here on Monday).

Trenloe
September 4th, 2011, 21:58
All kinds of good info - thanks so much for taking the time to write all that up!

No worries, hopefully it will help other people with similar issues who check the forums.


I think your guess about the ISP being the root of the problem are correct. I have a call into them, but I'm sure that they won't be back in to the office until Tuesday (Labor Day holiday here on Monday).

That's a shame - hope you didn't have any FG gaming planned over the long weekend...

Re ISP - my ISP has a login page on their site where I can login with my account and change some settings for my connection, including a limited firewall. May be worth seeing if there is a similar portal with your ISP and if there are some firewall settings you can play around with there (perhaps turn it off for testing)?