Other NAT and Network Games
OK, you don't have either a Netgear RT114/RT314 or Cisco 675/678 like I have, can I still help you get your network games configured. Well, I don't know for sure about the information on other routers/DSL modems but I will try to help you out.
I do not have access to most of the equipment listed here. The information is correct to the best of my knowledge. If it doesn't work--it doesn't work.
"Pinhole" Port Forwarding
Currently the Speed Touch Pro Do you have a Speed Touch Home and not a Speed Touch Pro? You can "hack" your modem and make it a Pro. does not have a method for forwarding a range of ports to an internal machine. You can "pinhole" the NAT, if you only need a port or two. To do this telnet to your DSL modem, the default address is 10.0.0.138. The following two commands will forward the HTTP port (80) to the local IP address 10.0.0.1
nat create protocol=tcp inside_addr=10.0.0.1 inside_port=80 outside_addr=0 outside_port=80
save nat
DMZ
Because DMZ exposes all ports it is inherently less secure. I recommend that you use DMZ only if other methods fail. You should use other means to protect the machine from compromise.
If you need to open a wider range of ports you will have to set the machine as the default server; also called DMZ or de-militarized zone. If you are wanting to play a DirectPlay game check out DXport, it will allow you to use a smaller number of ports. To put an address (in this case 10.0.0.1) in the DMZ, telnet to the modem and then use the command:
nat defserver addr=10.0.0.1
save nat
To remove this entry and reduce the exposure of your machine, use the following command:
nat defserver addr=0.0.0.0
save nat
with Qwest/MSN the 860
With MSN, failure is not an option. It comes bundled with the service.
Call Qwest and MSN, and bitch to them They probably couldn't care less. Cancel the service, connect to another ISP. Refuse to pay any "early termination" fee because they misled you into buying an inferior product. Their website claims that MSN Broadband Powered by Qwest Deluxe....for online gaming, e-mailing large attachments or downloading large files. Obviously it ain't so.
Well, they finally changed the text to omit the online gaming part., according to the Arescom Qwest/MSN troubleshooting FAQ:
(Question) I want to play online games with my friends but I can't seem to get it to work, what can I do ?
Answer: Playing games across the MSN unit is not currently available due to the preconfiguration of the unit. MSN and ARESCOM are currently working on this issue. Please watch the MSN FAQ for future announcements.
And don't bother "watching" the FAQ for announcements, they haven't made any in six months or more.
While this is probably not the "official" position of MSN on the subject this is the one email I have received regarding the issue. This email appears to originate from a level one service drone working for Sykes, a technical support outsourcing firm, presumably handling MSN issues. This email was sent "anonymously" to me.
Return-Path: <misinitieicihi@hotmail.com>
Received: from phobos.email.Arizona.EDU (128.196.133.165) by deimos.email.Arizona.EDU (6.0.053)
id 3D6A36EF00105BD2 for [my email address expunged]; Mon, 2 Sep 2002 17:21:03 -0700
Received: from hotmail.com (207.68.164.83) by phobos.email.Arizona.EDU (6.0.053)
id 3D6FA8450004B7C2 for [my email address expunged]; Mon, 2 Sep 2002 17:21:03 -0700
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
Mon, 2 Sep 2002 17:21:02 -0700
X-Originating-IP: [12.158.56.241]
From: "Mr. Man" <misinitieicihi@hotmail.com>
To: [my email address expunged]
Subject: question
Date: Mon, 2 Sep 2002 20:22:12 -0400
MIME-Version: 1.0
X-Mailer: MSN Explorer 6.10.0016.1624
Content-Type: multipart/alternative; boundary="----=_NextPart_001_0000_01C252BE.6BD80BE0"
Message-ID: <DAV26lN2aKfAud6jzxw00011f5f@hotmail.com>
X-OriginalArrivalTime: 03 Sep 2002 00:21:02.0755 (UTC) FILETIME=[C9425F30:01C252DF]
------=_NextPart_001_0000_01C252BE.6BD80BE0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
F[s]ck your Nat games!!! =20
Mother f[s]cker we do not support games here at msn, an=
d if you read your agreement on games
=20
GAMING ZONE
Your use of MSN Gaming Zone ("MSNGZ") is also subject to the Code of Cond=
uct located at the MSNGZ site. Additional policies relating to online con=
duct, uploaded files, conferences, bulletin boards and other matters are =
posted at the MSNGZ site.
MSNGZ reserves the right to use numeric codes, global unique identifiers =
(guides), cookies or other technologies in order to identify specific com=
puters that access the Zone. This information may be monitored to develop=
aggregate and anonymous statistics regarding computer use on the Zone th=
at may be used for MSNGZ operations or by third parties. Computer identif=
ication technology may also be used to enforce the MSNGZ Terms of Use.
and another thing it is not Msn support reps issue that games cannot work=
well on this gaming zone!
we just take calls and help with connectivity issues and we have support =
boundaries, and things we are not to do, we do not support games, as of y=
et networks, ect.... so before in the website you type call and bitch at =
Quest and Msn you need to read and make sure you have something to bitch =
about, it is obviously your web site having issues so why don't you work =
on it to make different isp's or modems work??
and damn its just a game stop bitching you whining bastard...Get more fro=
m the Web. FREE MSN Explorer download : http://explorer.msn.com
For the record, not that an abusive email like this requires a response, I will address his points.
- They are not my NAT games, they are Microsoft and those developers that choose to use DirectX API.
- I'm not an MSN user, partly because MSN does not seem to support games
- I have no agreement with MSN Gaming Zone, I connect directly with other machines on the Internet and do not use their matching making service.
- The issue is not wheter games work well on the MSN Gaming Zone or not, MSN users cannot play DirectX API games using the DSL router currently shipping.
- I think being unable to connect to a game is definately a connectivity problem.
- My website does not have any issues regarding NAT as it does not use the DirectX API. My website is designed using the latest HTML standards as adopted by W3C.
- It is not just a game it is every game that uses the DirectX API.
- My parents were married when I was born.
There has got to be another way
Take a look at a this post from AJ Stanilawski. It appears if you have the password for the modem you can configure the "Auto Forwarding Table." Unfortunately, I bet that you can't easily get the password (and there is not a password clearing utility).
Justin Heiner has a webpage dealing with Disabling the Firewall on the Arescom NetDSL 800 Modem/Router
DSL Downunder
You can create "pinholes" to forward ports on the Dynalink RTA020. It appears that according to DynaLink the RTA020 can't be made to work with more that 64 ports forwarded at the same time.
You can make a map with the Dynalink Port Mapping Generator This will work only with firmware version 1.8.0.5, sadly Dynalink removed the CLI port mapping ability. which will save you from having to type in each one by hand. Great idea; thanks to Michael Jager for writing it and to Steven Perich for mailing me the link. Michael reports success with 100 ports using this script.
DXport may very well help in this case. DXport will allow you to use a subset of the hundred or more ports that the DirectPlay API uses. This should allow you to only have to forward 10 or so ports to play.
Limited Port Forwarding
You can forward ports on the Speedstream 5600 using the command line interface. It appears however that you can't forward more that 64 ports at the same time. If you only need to forward a few ports,Steps to forward ports on the Speedstream 5660:
- Go to Advanced Setup
- Then go to Network Address Port Translation (NAPT)
- Next, select "Configure NAPT Servers"
- In the Configure NAPT Servers screen, specify the protocol and port to forward and enter the destination IP address of machine you wish to forward the traffic to.
- Click "Add Request" and wait for request to be completed.
DirectPlay
Need more than 64 ports because you are using a DirectPlay application? DXport may very well help in this case. DXport will allow you to use a subset of the hundred or more ports that the DirectPlay API uses. This should allow you to only have to forward 10 or so ports to play.
These methods should work with Linksys models BEFSR41, BEFSRU31, and BEFSR11.
Port Range Forwarding
You can configure the proper ports on the "Port Range Forwarding" menu of the router. Connect to the router and go to the "Port Range Forwarding" menu. To add DirectPlay and the Zone using Port Range Forwarding:
- Enter "DirectPlay" in an available Customized Applications field.
- Next to the name of the application, enter the number or range of the external port(s) used by the server or Internet application in the Ext. Port column. DirectPlay typically uses 47624 and 2300-2400.
- On the same line, select both UDP and TCP protocols.
- Enter the local IP address What is my local IP address? Typically, it will be 192.168.1.2of the machine that you want the Internet users to be able to access.
- Enter "Zone.com" in an available Customized Applications field.
- Next to the name of the application, enter the number or range of the external port(s) used by the server or Internet application in the Ext. Port column. MSN Zone typically uses 6667 and 28800-29000.
- On the same line, select the protocol TCP.
- Enter the local IP address of the machine that you want the Internet users to be able to access.
- Check the Enable box to enable the services you have defined. Port Range Forwarding will not function if the Enable button is left unchecked. This is disabled (unchecked) by default.
Port Range Triggering
If you play with different machines from behind the NAT (remember you can only play with one machine at a time in the same game If you wish to play in the same game I suggest you try DXport, freeware from puffinsoft. You can configure Port Range Triggering. For DirectPlay applications (Such as AOE, AOK, SW:GB, ad nauseum) the proper trigger port is 47624 and the range will be 2300-2400.
This will cause the router to send open the port automatically when you attempt to join a DirectPlay game. This will not work properly if you wish to host. Use either DMZ or port range forwarding if you wish to host.
DMZ Host
Because DMZ exposes all ports it is inherently less secure. I recommend that you use DMZ only if other methods fail. You should use other means to protect the machine from compromise.
If all else fails put the machine you wish to play games on in the DMZ. Put the local IP address of the machine in the DMZ Host menu. Remember this make the machine vulnerable. When done put a 0 in the DMZ Host IP.
Plug and Pray
Linksys recently announced a firmware upgrade (version 1.42.6) that will allow the Linksys routers to work with Microsoft Me and XP UPnP to allow NAT transversal. Make sure you apply Microsoft's UPnP security patch before enabling UPnP.
Enhanced for online Gaming
?
In the Advanced Settings | Special Application menu, use 47624 TCP as trigger, then 2300-2400 ports as "public ports" these are both TCP and UDP so you may need two lines to do this. And don't forget to click enabled. If you intend to play on the MSN Gaming Zone you also need to trigger on 6667 and open 28800-29000.
SMC Barricade DSL Router
Visit NetGamer's SMC 7004BR Barricade and DXPort configuration page.
Special Applications
SMC7004ABR, SMC7004AWBR, SMC7008ABR
After reviewing the documentation on the SMC Barricade DSL Routers, I believe that the following will work for DirectPlay applications. In the Setup | Advanced Settings | Special Application menu, use 47624 TCP as trigger, then 2300-2400 ports as "public ports" these are both TCP and UDP so you may need two lines to do this. And don't forget to click enabled. If you intend to play on the MSN Gaming Zone you also need to trigger on 6667 and open 28800-29000.
SMC7004BR, SMC7004WBR, 7008BR
I believe that some routers (7004BR, 7004WBR, 7008BR) firmware has an option for "MSN Gaming Zone" in the Special Applications menu. Copy to an unused slot and enable that.
I have yet to get a confirmation that this method works.
The Demilitarized Zone (DMZ)
Because DMZ exposes all ports it is inherently less secure. I recommend that you use DMZ only if other methods fail. You should use other means to protect the machine from compromise.
I don't believe that you can forward a range of ports with the Barricade Routers. So, you will have to put the machine you wish to play in the DMZ. Don't forget to remove the machine from the DMZ when you are done playing as it exposes that machine and thus your entire network to a potential intruder.
The DMZ
Because DMZ exposes all ports it is inherently less secure. You should use other means to protect the machine from compromise.
According to SOHOware's FAQ, Enable the DMZ Features, of the web configuration screen. For example, if your computer's IP address is 192.168.10.20, enter the IP address onto DMZ setup page.
Remember also that, You can only open ONE (1) computer at a time.
- Browse to the router. http://192.168.1.1
- Login. Default username is admin and default password is 1234.
- Under Setup go down to Advanced and find DMZ.
- Beside Enable DMZ check Yes.
- Enter the private IP address of the machine you wish to play on beside Uses the current public IP address acquired from your ISP.
- Click Save
- Click Restart
