Valhalla Legends Forums Archive | General Discussion | Attempting to Setup Servers Behind Router (no luck)

AuthorMessageTime
rabbit
Right.  Okay.  So, here's my problem(s):
1. I can't Direct Connect on AIM/gaim/Trillian/YIM/MSN, etc...
2. I can't access Apache from outside my network
3. I probably can't access TestBNCS (if I ever get it working) from outside my network
4. I can't access my own server (my own) from outside my network
5. I can't access any of the above from typing in my network WAN IP (which is currently 70.106.88.134)
6. Persistent port forwarding is set for Apache, TestBNCS, and my server, and application triggered port forwarding is set for Gaim, Starcraft, and Warcraft II, and Virtual DMZ is set on the host box LAN IP (192.168.2.9)
7. WTF?!  I hate Microsoft even more now
8. I can't host games in Starcraft, Warcraft II, but I can in Diablo II/LoD
9. Testing results in showing that I get the same problems regardless of having all firewalls and whatnot off (including the router fire wall).

I'm using a Microsoft Wireless MN-500 Router/Base Station.  Google and Microsoft searches have turned up no help, and the Apache site had nothing.  All of them, however, resulted in me finding out I need to setup port forwarding (which I did).  Anyone got any other ideas?
September 18, 2005, 10:41 PM
Mangix
dunno if this will be much help but a friend of mine had the same issue. i dont think he tried port forwarding but what he did was change his IP(the 192 thing) and then it worked.

the only explination i have for that is that router firewalls only block specific IPs.
September 18, 2005, 10:45 PM
l2k-Shadow
Set your DMZ to your computer's router IP.
September 18, 2005, 10:52 PM
Yegg
You should learn about port forwarding before you go as far as to "hating microsoft".

Go to your routers configuration through your browser. It is usually something like:
192.168.1.1

I don't know what kind of a router you have so I can't direct you to exactly the proper place to go to, but look for a Port Range Forward type section in the configuration. YOu should be able to set ports for "applications", and specify the router IP in which they use. For instance, 192.168.0.100. Save your router's settings and applications that use the ports that you specified should start to operate respectively. portforward.com has more in detail on the concepts of this procedure.
September 18, 2005, 11:45 PM
Kp
It looks like most of your problems are being caused by an inferior NAT device. :)  I use a Linux box for routing/NAT and have yet to encounter any situation it couldn't route right.

[quote author=rabbit link=topic=12848.msg128627#msg128627 date=1127083278]1. I can't Direct Connect on AIM/gaim/Trillian/YIM/MSN, etc...
2. I can't access Apache from outside my network
3. I probably can't access TestBNCS (if I ever get it working) from outside my network
4. I can't access my own server (my own) from outside my network
5. I can't access any of the above from typing in my network WAN IP (which is currently 70.106.88.134)[/quote]

These are all manifestations of the same problem.  Your connections aren't being forwarded to the appropriate host(s).  The good news is that if you find how to fix one of them, all the others will be copy&paste fixes.

[quote author=rabbit link=topic=12848.msg128627#msg128627 date=1127083278]6. Persistent port forwarding is set for Apache, TestBNCS, and my server, and application triggered port forwarding is set for Gaim, Starcraft, and Warcraft II, and Virtual DMZ is set on the host box LAN IP (192.168.2.9)[/quote]

All I can say here is check that the ports are being forwarded to the correct internal IP.  If in doubt, post exactly how the rule(s) appear in the router.

[quote author=rabbit link=topic=12848.msg128627#msg128627 date=1127083278]8. I can't host games in Starcraft, Warcraft II, but I can in Diablo II/LoD[/quote]

This may be a red herring.  If you're creating realm games for Diablo II, then you're not really hosting them at all -- battle.net is.  If you mean you're able to host an "open" class game, then your port forwarding rule(s) for Diablo II are actually working.  It should be possible to replicate them to resolve the other problems
.
[quote author=rabbit link=topic=12848.msg128627#msg128627 date=1127083278]9. Testing results in showing that I get the same problems regardless of having all firewalls and whatnot off (including the router fire wall).[/quote]

This is to be expected.  The problem is not that the packets are being filtered by the router, but that they're being lost because it doesn't route them where you want them to go.  That said, if there are any Microsoft products in this network, I'd highly advise not turning the firewalls off. :)
September 19, 2005, 12:54 AM
rabbit
T.T
I have no settings for Diablo II, and yes, I've hosted Open and Realm games just fine.

@Kp:
[quote author=rabbit link=topic=12848.msg128627#msg128627 date=1127083278]
I'm using a Microsoft Wireless MN-500 Router/Base Station.
[/quote]

I'm hating Microsoft for more than just their routers, at this point.
September 19, 2005, 1:01 AM
Kp
[quote author=rabbit link=topic=12848.msg128641#msg128641 date=1127091677]I have no settings for Diablo II, and yes, I've hosted Open and Realm games just fine.[/quote]

Interesting.  However, without seeing the configuration of your router, there's really not much more any of us can do.
September 19, 2005, 2:07 AM
rabbit
If you need to see anything else, just let me know.

http://www.liquid-server.org/images/router/
September 19, 2005, 10:01 PM
LoRd
[list]
[li]Why did you set the router's DMZ to your router's IP address?  Unless the computers are behind a locked down firewall, or an additional router, don't enable the DMZ... ever.[/li]
[li]UPnP-enabled programs automatically forwards ports, providing ofcourse, that your router has support for it, so you don't need to manually forward ports for them.[/li]
[li]Set the ending ports in your port forwarding setup.[/li]
[li]Disable DHCP and/or manually set the IP's of the computers that will be using static port forwarding.[/li]
[/list]

Do you have any other devices that could be contributing to this problem?  Keep in mind, most broadband modems function as routers as well.
September 19, 2005, 10:42 PM
rabbit
[quote author=Lord[nK] link=topic=12848.msg128714#msg128714 date=1127169779]
Why did you set the router's DMZ to your router's IP address?  Unless the computers are behind a locked down firewall, or an additional router, don't enable the DMZ... ever.[/quote]Because it was suggested earlier

[quote author=Lord[nK] link=topic=12848.msg128714#msg128714 date=1127169779]
Set the ending ports in your port forwarding setup.[/quote]Done and done.

[quote author=Lord[nK] link=topic=12848.msg128714#msg128714 date=1127169779]Disable DHCP and/or manually set the IP's of the computers that will be using static port forwarding.
[/quote]Not sure how anyway!

[quote author=Lord[nK] link=topic=12848.msg128714#msg128714 date=1127169779]
Do you have any other devices that could be contributing to this problem?
[/quote]Nope!

Thanks, trying changes out.

[update]
I still hate Microsoft :\
September 19, 2005, 11:44 PM
nslay
[quote author=rabbit link=topic=12848.msg128708#msg128708 date=1127167295]
If you need to see anything else, just let me know.

http://www.liquid-server.org/images/router/
[/quote]

What the hell!?  Your router's WAN IP is apart of the private IP block too...so it seems your router is connected to another NAT router.

[img]http://www.liquid-server.org/images/router/home1.png[/img]

Assume Internet<->Router1<->Router2<->Your computer
You have 2 options
1) Enable DMZ on Router1 and point it to Router2, on Router2 make sure your ports are being forwarded
2) Have Router1 forward the same ports, except instead of your computer forward it to Router2

Either of the above will fix the problem.
September 21, 2005, 2:05 PM
iago
Incidentally, I don't know if this is the problem or not, some ISP's (like Warrior's) don't allow any incoming connections on any ports.  But I'm more suspicious of how your router is set up than your ISP at this point :P

September 21, 2005, 9:31 PM
rabbit
I only have 1 router T.T
Notice the detailed diagram and ph33r my network:
[img]http://www.liquid-server.org/images/tehph33r.png[/img]

I have Verizon DSL, and AFAIK they don't care about running servers.
September 21, 2005, 11:06 PM
iago
As a temporary test, try this:

- (If you're on Windows) *** Update Windows completely!
- Set your server's ip as the DMZ Host (say your server is 192.168.1.17.. set the DMZ host to that). 
- Try connecting to it from remote (using your external ip, obviously)
- Turn off DMZ Host
*** OR ***
- Plug your server directly into the Internet
- Try connecting to it from remote (using your external ip)

If that works, then your problem is that you need to forward ports properly.  If it doesn't, then you have another problem. 

And, as noted by somebody else in this thread, your external ip shouldn't start with 192.168.  That's an unroutable ip on the Internet, it's only an internal ip.  You can find information for this on RFCs 1918 and 3330, if anybody is interested in unroutable ip's. 
September 22, 2005, 6:26 AM
Myndfyr
I have Qwest as my ISP, and unless you get their business package (nazis that they are), you can't get port 80, 25, 21, or other similar service ports in from external addresses.  :(
September 22, 2005, 6:42 AM
TehUser
That's interesting, because I also have Qwest and I've never seen any sort of port restriction.
September 22, 2005, 2:12 PM
LoRd
[quote author=MyndFyre link=topic=12848.msg128942#msg128942 date=1127371353]
I have Qwest as my ISP, and unless you get their business package (nazis that they are), you can't get port 80, 25, 21, or other similar service ports in from external addresses.  :(
[/quote]

Don't feel bad: almost all ISP's are doing that now.  Frontier's been doing SMTP (port 25) blocking for months now.
September 22, 2005, 2:16 PM
rabbit
I considered stuff like that, and I was running Apache off port 8080 for a while, and it worked in-network, but not externally.  I'll try pluggin in the server sometime when the laptop isn't in use, and Windows is updated all the way.
September 23, 2005, 12:02 AM
nslay
[quote author=rabbit link=topic=12848.msg128910#msg128910 date=1127343999]
I only have 1 router T.T
Notice the detailed diagram and ph33r my network:
[img]http://www.liquid-server.org/images/tehph33r.png[/img]

I have Verizon DSL, and AFAIK they don't care about running servers.
[/quote]

Yes, but your router's WAN IP is a private IP, which means whatever its connected to is a NAT too...which means you need to have ports forwarded from that router too.
Do you live in an apartment that provides internet?  Some of these cheap apartment complexes have a single cable or DSL modem and use a router that does NAT (otherwise it'd be impossible to share the public IP)
The problem is clear, your router is behind a NAT too. (the WAN IP was 192.168.1.47 or something like that?)
September 23, 2005, 2:31 AM
JoeTheOdd
By the drawing, I'd say he lives in a house. =p

But yeah, 127.x.x.x, 10.x.x.x, and 192.x.x.x is reserved to LAN. Your router's WAN address is set to 192.168.1.47, which means that any box would try to access that IP on their LAN, and end up either (probably) getting a "no route to host" or whatever error because that box doesn't exist. I don't know how you got assigned that IP address, having your router set up for dynamic IP (or was it set to static?), but thats your problem.
September 23, 2005, 3:09 AM
nslay
[quote author=Joe link=topic=12848.msg129038#msg129038 date=1127444965]
By the drawing, I'd say he lives in a house. =p

But yeah, 127.x.x.x, 10.x.x.x, and 192.x.x.x is reserved to LAN. Your router's WAN address is set to 192.168.1.47, which means that any box would try to access that IP on their LAN, and end up either (probably) getting a "no route to host" or whatever error because that box doesn't exist. I don't know how you got assigned that IP address, having your router set up for dynamic IP (or was it set to static?), but thats your problem.
[/quote]

Yes, which means his router is behind another NAT router...he's not aware of that it seems.  In order to remedy this problem, he must get the NAT router his router is behind to forward the ports to his router (and then his router forwards the ports to his computer).
September 23, 2005, 3:49 AM
iago
[quote author=Joe link=topic=12848.msg129038#msg129038 date=1127444965]
By the drawing, I'd say he lives in a house. =p

But yeah, 127.x.x.x, 10.x.x.x, and 192.x.x.x is reserved to LAN. Your router's WAN address is set to 192.168.1.47, which means that any box would try to access that IP on their LAN, and end up either (probably) getting a "no route to host" or whatever error because that box doesn't exist. I don't know how you got assigned that IP address, having your router set up for dynamic IP (or was it set to static?), but thats your problem.
[/quote]

To be picky, it's not 192.x.x.x.  The mask is 16-bit, so it's 192.168.x.x. 

From RFC 1918:
[quote]    10.0.0.0        -  10.255.255.255  (10/8 prefix)
    172.16.0.0      -  172.31.255.255  (172.16/12 prefix)
    192.168.0.0    -  192.168.255.255 (192.168/16 prefix)

  We will refer to the first block as "24-bit block", the second as
  "20-bit block", and to the third as "16-bit" block. Note that (in
  pre-CIDR notation) the first block is nothing but a single class A
  network number, while the second block is a set of 16 contiguous
  class B network numbers, and third block is a set of 256 contiguous
  class C network numbers.[/quote]

And nslay is almost certainly right.  I await RaBBiT's response to him. 
September 24, 2005, 4:21 PM

Search