rec.autos.simulators

OT: Firewall

Woodie

OT: Firewall

by Woodie » Mon, 08 Mar 2004 21:50:02

I just got a Linksys router and can't figure out the firewall for hosting GPL.
No matter what I do, disable the firewall, place my machine in the DMZ, no
pings show up on VROC.  I think I understand the open ports thing, do I do this
under the tab "port forwarding"?  Do I have to disable DHCP and assign IP
addresses on my network?  I've played around with it quite a bit but find the
documentation lacking.

TIA

Don McCorkle

Malc

OT: Firewall

by Malc » Mon, 08 Mar 2004 22:46:07


I have the same problem with my router, it's very capable but extremely
complex to configure.

You don't need to use the DMZ, disabling DHCP shouldn't be necessary but
imo for a small network disabling it means one less thing to worry
about.

When you set up the rules make sure you enable 'stateful inspection' or
whatever your router calls it. Basically this means that the rule works
in both directions.

As far as ping is concerned, bear in mind that on vroc you won't get a
ping from yourself, since you are on the same IP as the gpl server. Mine
occasionally shows a ping of 10 but that's local not via my ISP, I have
no idea whether other people can ping it unless they tell me ;-)

Malc.

Mitch_

OT: Firewall

by Mitch_ » Tue, 09 Mar 2004 02:01:52

I had to enable ICMP (ping) on the WAN side.  It's been years since I had a
Linksys and I don't recall the wording but check under "security" "ICMP".

Mitch


Debu

OT: Firewall

by Debu » Tue, 09 Mar 2004 03:05:30


>I had to enable ICMP (ping) on the WAN side.  It's been years since I had a
>Linksys and I don't recall the wording but check under "security" "ICMP".

>Mitch

I disable ping echo reply on my D-Link DI-604 router and haven't had
any problems with MP games yet. It has a *** mode though and I have
it set to that. I don't know what *** mode does exactly but it all
works fine so I leave it alone. I just know it's not a good idea to
allow ping echo reply if you want to be more secure.

Mitch_

OT: Firewall

by Mitch_ » Tue, 09 Mar 2004 03:18:59

I haven't a clue what "*** mode" is but it's obviously giving some kind of
reply to the clients.  If security is that important to ya then I wouldn't be
hosting anything anyway :)



> >I had to enable ICMP (ping) on the WAN side.  It's been years since I had a
> >Linksys and I don't recall the wording but check under "security" "ICMP".

> >Mitch

> I disable ping echo reply on my D-Link DI-604 router and haven't had
> any problems with MP games yet. It has a *** mode though and I have
> it set to that. I don't know what *** mode does exactly but it all
> works fine so I leave it alone. I just know it's not a good idea to
> allow ping echo reply if you want to be more secure.

Tanstaaf

OT: Firewall

by Tanstaaf » Tue, 09 Mar 2004 05:46:06

Go to the DHCP client table to verify what is the internal ip address of
your computer.  If you have just the one computer it's probably
192.168.1.100 . then go to advanced, then forwarding. Fill in the info for
GPL as to the port number range to be forwarded. I don't know what GPL is,
but N2003 is 32766 - 32809. Put a checkmark under protocol tcp, make sure
the correct dhcp ip address you checked before in the ip address box, check
enable, then apply.  That's it.  The correct ports for GPL is either in the
book or listed on some websites.  Someone in this group probably knows them.


Debu

OT: Firewall

by Debu » Tue, 09 Mar 2004 09:19:50


>I havent a clue what "*** mode" is but it's obviously giving some kind of
>reply to the clients.  If security is that important to ya then I wouldnt be
>hosting anything anyway :)

I don't host games. I've tested it at Shields Up and it doesn't give
any reply to pings. I guess I should disable the *** mode and see
if I can still play MP games. I still have a software firewall running
too and don't trust security just to the router.

alex

OT: Firewall

by alex » Thu, 11 Mar 2004 13:33:29



You need to forward UDP/32766-32786 (maybe more, I'm not sure
what happens if you have many clients that keep connecting and
disconnecting). You need one port per active client, but I'm not
sure how the ports are reused for disconnected clients.
That forwarding is in the "port forwarding" tab (surprise, surprise).
Watch out that it is UDP, not TCP. In the port forwarding you need
to specify to which IP to forward requests to these ports. This has
to be the address of your GPL machine, which may change if you use
DHCP. To avoid this problem, set a static IP on the GPL server machine
(for example, 192.168.1.100) and define your forwarding rules for
this address. Leave DHCP enabled for your other computers on the
network, but exclude 192.168.1.100 from the DHCP allocated range.

In your software firewall allow GPL to accept incoming UDP
connections on the same ports (32766-...).

This will allow you to host. You don't need DMZ (and it's safe
not to be in DMZ anyway) for that.

Whether the pings in VROC will show
up or not I am not sure. Further, I'm on thin ice. Some ISPs block
ICMP packets to end users, in which case there's no solution. In
this case you won't get pings even if you host without a router. If
it's not the case, that means the router blocks ICMP. To solve it
you'd need to enable "forward ICMP packets to 192.168.100", but the
problem is that I don't see such an option in the setup of my router.
Maybe other models are different. But in any case, you don't really
need to have pings working for successful hosting.

Alex.
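
The checks described in the post above (UDP rather than TCP, the whole port range forwarded, and a target address outside the DHCP pool) can be run over a forwarding table before it is typed into the router. This is an added example, not code from any poster in the thread; `ForwardRule`, `audit` and the finding codes are hypothetical names, the port range and 192.168.1.100 come from the post, and the DHCP pool bounds are constructed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class ForwardRule:
    proto: str        # "udp" or "tcp"
    first_port: int
    last_port: int
    target: str       # LAN address the router forwards to

def audit(rules, pool_start, pool_end, need_proto="udp", need_ports=(32766, 32786)):
    """Return sorted finding codes; an empty list means the rules match the advice."""
    lo = ipaddress.ip_address(pool_start)
    hi = ipaddress.ip_address(pool_end)
    needed = set(range(need_ports[0], need_ports[1] + 1))
    covered, findings = set(), set()
    for r in rules:
        if not 1 <= r.first_port <= r.last_port <= 65535:
            findings.add("BAD_PORT_RANGE")
            continue
        ports = set(range(r.first_port, r.last_port + 1))
        if not ports & needed:
            continue  # rule belongs to some other service
        # A target inside the DHCP pool can be leased to another machine later,
        # which would silently point the open ports at the wrong host.
        if lo <= ipaddress.ip_address(r.target) <= hi:
            findings.add("TARGET_IN_DHCP_POOL")
        if r.proto.lower() != need_proto:
            findings.add("WRONG_PROTOCOL")
            continue  # a TCP rule does not pass the UDP traffic
        covered |= ports
    if needed - covered:
        findings.add("PORTS_NOT_FORWARDED")
    return sorted(findings)

# Constructed sample tables: a TCP rule with the server address left inside
# the DHCP pool, and the corrected UDP rule with the pool moved off .100.
BEFORE = [ForwardRule("tcp", 32766, 32809, "192.168.1.100")]
AFTER = [ForwardRule("udp", 32766, 32786, "192.168.1.100")]

if __name__ == "__main__":
    print(audit(BEFORE, "192.168.1.100", "192.168.1.149"))
    print(audit(AFTER, "192.168.1.101", "192.168.1.149"))
```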


rec.autos.simulators is a usenet newsgroup formed in December, 1993. As this group was always unmoderated there may be some spam or off topic articles included. Some links do point back to racesimcentral.net as we could not validate the original address. Please report any pages that you believe warrant deletion from this archive (include the link in your email). RaceSimCentral.net is in no way responsible and does not endorse any of the content herein.