Routers, ADSL, NAT - Server trouble

J

JackDaniels

n00b
Joined
Apr 8, 2004
Messages
4
Hey i recently got a broadband connection, but my router is driving me insane as i cant host game sessions online because noone can join my games. Please please please [H]elp me, cuz' all is not well in the state of Denmark

As far as i have figured what is required is a NAT entry into my router, and for the clients to the game to use the allocated tcp port which has been specified in the router

But i cant get it to work..
The problem is threefold..
First:
Some say that the NAT entry should read:

set nat add entry [LAN IP] [PORT] [WAN IP] [PORT] tcp

some say

set nat entry [LAN IP] [PORT] 0.0.0.0 [PORT] tcp

Can someone give me the lowdown on how exactly this works... make me understand.. please :)

secondly:

Im having trouble deciding my IP's. I know what my WAN IP is, and what IP my computer has on the LAN. But then the router has an IP aswell aswell as a subnet IP and so on and so forth...

thus im stuck with 4 ip's (192.168.1.1-192.168.1.4) and dont know which one to reroute in my route so to speak...

Third:
is only a tcp port required or is a udp also required?

AND LAST, THE [H]ardWare LOWDOWN
Cisco c677 Router
Win XP
ADSL with static IP

Lastly let me just say that, having been gone quite awhile, it great to be back where we rock hard and tweak [H]arder
 
I was going to read and pass by, but you quoted Hamlet, so I'll take a look and see what I can figure for ya :D

Problem:
1) Cicso routers and switches still use command line input. That's gonna be fun.

2) Dell switches use command line AND GUI/Html type, and they used to sell Cisco, but developed their own switches ( strikingly similar :D). 2224 (10/100 with 4 ports, switch) for like $69.

That unfortunately I cannot help you with.

Basically, the router should be assigned the WAN IP of your ADSL line, as well as the main IP for the LAN. The only IP you need will be the local one. All you're doing is making a local port from you computer an open port on the WAN line as well.

Local IP (192:port) WAN IP (same, or different port). That will reroute anything outside (wan ip: port) to (local ip:port).


I believe only TCP is required, but I have had trouble with some devices in the past needing both -- I think that's just certain brands -- you may as well have both to make sure.
 
Thanks a million... I suppose classics are called that for a reason.. Besides, when u live in Denmark, Hamlet is like getting handed gold buillions on a silver platter so to speak.
 
I have a Cisco 2621 and I used NAT to map some of my systems. The command I used is:
ip nat inside source static <privat ip goes here> <public ip goes here>

I used a number like 10.122.7.34 for my internal.

This just maps a public ip to an internal one. In this case you will need to have a couple of static IP's (one for every internal connection.)

Then you want to map what ports you want to let through. Like this:

access-list 104 permit tcp any host <external ip> eq www log

You can replace the www with a port number if you wanted to. The log just means it logs the info, if you don't care about logging then leave this out. You will also need to have the serial and ethernet ports set correctly to do NAT. I am in no way an expert in Cisco equipment. I do need to study it someday but I don't have time right now. I am not sure if www.tek-tips.com has a forum on Cisco but it would be worth a try.

My serial interface is set like this:
interface Serial0/0
ip unnumbered Loopback11
ip access-group 102 in
ip access-group 1 out
no ip directed-broadcast
ip nat outside
no ip mroute-cache

One of the FastEthernets is set like this:

interface FastEthernet0/0
ip address 10.125.1.1 255.255.255.0
no ip directed-broadcast
ip nat inside
full-duplex

Hope this helps,

Zych
 
Thnx for the feedback,.. the command interface for mine is different but the basics are supposedly the same.

Ive pretty much gotten hold of how to make a NAT entry, but when i test it by running a test client it returns an 'error/reset' on that port ID. this is ofcourse better than before when it did a timeout because of the stealth firewall, but still.. im guessing this isnt right

Anybody got a lead for me?
 
You must log in or register to reply here.
Back
Top