Help with firewall

[MalevolentLight]

Anyone know how to get around firewalls? it's a linksys router I'm using and it's a hardware firewall.

[War4ever]

dr. spike should be able to help you, hes poly's guru router

[Graag]

lol, I just bought a linksys router... still havent got the damn thing working.

[Graag]

I have actually configured my router with NTL broadband in the space of an evening! Anyone in the UK who has ever used NTL will consider this an achievement.

[Alexander's Horse]

Use a second computer Eyes.

[DrSpike]

Eyes: You need to open and redirect packets arriving on port 4993 to your machine. Otherwise when you host the client will return data, it will get to the router, and it will be blocked, and not know where to go anyway.

You will need to know what IP the router has assigned your machine on the LAN, and the external IP of the router (this is probably static, but might change from time to time depending on your ISP). Then you need to go into the router configuration utility (probably browser based) and look for things like port redirection, or network address and port translation, anything that sounds like that. Then tell the router to forward all packets arriving externally on port 4993 to whatever the internal IP of your machine is.

In the meantime you can of course play games (when you are the client the connection is made outbound and the firewall will not block the packets, and will know exactly where to send them), you just cannot host.

[Graag]

That will be useful for me also, thankyou good doctor.

[DrSpike]

Quote:

Originally posted by Graag That will be useful for me also, thankyou good doctor.

You're welcome.

This time I'll think ahead and save my post above, since this question comes up all the time.

[Graag]

Good thinking, and while we're on the topic do you think I should properly configure all the firewall security business?

[DrSpike]

Well if you have a firewall on your router it shouldn't need any further configuring other than to open the ports any games you play use (if you wish to host).

[Graag]

Jolly good. Are there no other security worries with camble/DSL connections? I'm running some sort of Norton firewall also.

[DrSpike]

You don't need a software firewall as well if you have a hardware one. You might want a virus checker.......though I don't like having them always on, so I just make sure not to do anything stupid and scan every now and again just in case.

[Ming]

Why don't you like having them on all the time?

Mine catches all kinds of stuff that angry apolyton members send me after I restrict them

[DrSpike]

Well I have my mail client and browser configured so that I don't get stung very easily. Coupled with my hardware firewall I'm reasonably secure (there is no such thing as completely secure).

Then every month or so I use an online scanner that updates itself to detect even the newest viruses and strains.

Whatever works for you is fine though, if you use IE and OE a lot (and make yourself unpopular by banning people )you need more protection.

[Ming]

Between Nortons and what my wife added after the last time a pissed off little punk nailed my machine, I'm pretty secure now. But I'm sure somebody will probably nail me again in the future. For "some" reason, I keep pissing people off

[War4ever]

@ the good doctor...ming has more enemies than rival gang members

[DrSpike]

To tell the truth virus scanners that run all the time and update themselves don't take up that many resources now..........my dislike goes back to when they made everything run so slowwwww.

I still think I can notice them running though, and it bugs me. Since I am reasonably careful anyway a permanent checker isn't necessary.......I think they are mainly for people who are prone to do something inadvisable, or for people who make lots of enemies.

[MalevolentLight]

Spike my external IP address is 66.177.177.28 I've set my internal IP address on my computer as static at 192.168.1.103. On the port forwarding screen I've had external ports 4000-5000 forwarded to my internal IP. Protocol TCP was check marked for those ports. For trigger port range and incoming port range I put 4000-5000 does that sound right? SHould this work now?

[Hydey]

Quote:

Originally posted by Alexander's Horse Use a second computer Eyes.

He only uses his second computer for gaming

[DrSpike]

Yeah give it a go.......sounds fine, though you only need 4993 not the entire range 4000-5000.

[MalevolentLight]

Also when I give my IP for them to connect do I use the external or internal IP?

[DrSpike]

External.

Part of the function of the router is that your internal IP is hidden.......all packets look to the world that they came from your external IP. Since inbound connections to your router are prohibited due the firewall it is a nice setup.

This also explains why you can play but not host without the port redirection........when the connection is made outbound your router knows where the packets originated from (before it made it look like they came from the router's IP) and can hence send back any necessary info the other way. But when you host the router just receives some info, and even if it doesn't block it it has no idea where to send it.

[MalevolentLight]

Go on ICQ spike.

[MalevolentLight]

Thanks for the help.

[DrSpike]

Quote:

Originally posted by MalevolentLight Thanks for the help.

So Pandora and the gift of curiosity was sent to earth. Once there, the messenger gods Iris and Mercury brought to Pandora a large box. Pandora was asked to watch it until they returned and warned sternly against opening the box under any circumstances.

Hehe, happy civing.