PDA

View Full Version : which ports to forward? error message [Resolved]



ozzo
30th Jan 2007, 14:02
hi,

can people who are behind a router list the ports they've forwarded and successfully hosted from?

No matter which ports i forward (tried TCP/UDP 13824 2302 1024 1042 6500 6515 13139 27900 6667 3783 28900 29900 29901) I get the following error message: it occurs shortly after i have clicked on 'create'. It says 'registering server' or something to that description, then it says:

http://img142.imageshack.us/img142/2091/errorom3.th.jpg (http://img142.imageshack.us/my.php?image=errorom3.jpg)

I have a software firewall which i have disabled from services (no previous trouble), still no luck.

I have the option to enable inbound logging on my hardware firewall, i.e. turn it on, click on 'create' wait to see if anything external is trying to contact the server and hence will end up in the log. unfortunately nothing. So that leads me to believe the problem is internal i.e. not related to the ports im forwarding, but something else.

unless i missed the stickies, they seem to suggest how to forward ports, rather than what ports to forward. this post here also helped with the above list of ports that i've tried: http://forums.eidosgames.com/showpost.php?p=612799&postcount=5


In a few moments I'm about to try hosting with a direct connection to the internet (no nat but software firewall) so that should add some weight to either side of the problem.


any help/thoughts is appreciated!

MaxKarnage
30th Jan 2007, 14:14
Shamelessly lifted from Gamespy's site.

Working Around the Firewall / Proxy

If you are behind a firewall/proxy and are able to change its settings, Arcade needs the following TCP ports open in order to function:
6667 (IRC)
3783 (Voice Chat Port)
27900 (Master Server UDP Heartbeat)
28900 (Master Server List Request)
29900 (GP Connection Manager)
29901 (GP Search Manager)
13139 (Custom UDP Pings)
6515 (Dplay UDP)
6500 (Query Port)
University Internet connections - Universities usually protect their networks with firewalls. In most cases these cannot be opened by you the user. You'll have to consult a technician at your University to see if a workaround is possible. It might be necessary to open more ports in order to run certain games. Also, please not that this is a list of recommended ports. It does not mean that your particular firewall will be easy to configure. Please consult your firewall/proxy manufacturer for detailed instructions. In reality, getting Arcade to work on certain restrictive networks may even be a little harder than opening these ports. DirectPlay games in all likelihood will not launch properly at all.


Disabling firewalls will not work
Unfortunately, in most cases, firewalls/proxies cannot simply be disabled in order to allow you to use Arcade and your game. Disabling the firewall / proxy will not open the necessary ports. It will simply shut down the firewall/proxy and leave the ports closed. Also, many factors may conflict with your firewall: Internet Connection Sharing, the use of more than one firewall, or your operating system may all cause conflicts that keep you from enjoying Arcade. To work around these issues, you will need to consult the manufacturer of your firewall/proxy.

Special notes to Windows XP users:
Windows XP has a built-in firewall. If you are using 3rd party firewalls/proxies with Windows XP, you will have to consult both the firewall/proxy developer and Microsoft to determine their compatibility with one another. You will also need to speak to your game's developer in order to determine the game's compatibility with WindowsXP, its firewall and your 3rd party firewall/proxy.

Many broadband service providers are reporting an incompatibility between Windows XP and some high-speed modems. Please consult your Internet Service Provider to ensure your Windows XP compatibility with their modem and software.

Firewalls

GameSpy Arcade is 100% reliant on your Internet connection being fully functional. The same holds true for any games that you want to play online against other people. Firewalls and proxy servers are designed to block your Internet connection in order to minimize the chances that your computer will be accessed (or hacked!) by "unwanted visitors." They also have the unfortunate side-effect of disabling many of the things you might want to do online -- like play games -- since these activities depend on your PC making an unimpeded connection to other computers. Therefore, if you are using a firewall or proxy, Arcade may not function properly nor will you be able to download and install all of the files that you need in order to use the software to play games online.

Connecting to different places online requires access through "ports" in your PC's Internet connection, and firewalls and proxies will close certain ports for your protection. This is not always necessary, but you as the firewall/proxy owner are the only one who can open those ports. We can't do it for you - but we can give you some tips on how to configure your firewall / proxy to allow Arcade to work properly.


What is a firewall or proxy?

Firewalls and proxies are software programs or pieces of hardware designed to protect your computer and/or network from Internet intruders. Some of these are:
Windows XP Firewall
Norton Internet Security
Tiny Personal Firewall
Zonealarm
Sygate (proxy)
Wingate (proxy)
Internet Connection Sharing aka ICS - provided by Windows 98SE and higher (proxy)
Linksys Routers (hardware firewall)
D-Link Routers (hardware firewall)
Cisco Routers (hardware firewall)
Disabling / Setting Permissions on Specific Firewall Programs


We do not recommend disabling your firewall. Disabling it will not make it open up the ports it has already closed. Instead, you need to configure it to allow access to Arcade. This is usually called "giving permission," and can be accomplised quickly by following these steps:

Windows XP Service Pack 2 -- The built-in firewall that comes bundled with Windows XP will affect two areas of your Arcade experience: 1) Arcade itself (including the login process, using PlayerSpy, chat, using the Download Manager and playing games) and 2) Hosting any parlor or peer-to-peer games. In order to use Arcade and play games properly with Windows XP, you should follow these steps:

1) Unblocking GameSpy Arcade During Login: Click the "Unblock" button in the Windows XP firewall prompt the first time you attempt to log into Arcade atfer installing Service Pack 2

2) Unblocking GameSpy Arcade via Control Panel: If you forgot to click "Unblock" in Step 1, or if you want to be ahead of the curve, you can configure the XP firewall to unblock Arcade via the Windows Control Panel. To do this: Click on Start > Settings > Control Panel > Windows Firewall. In the Windows Firewall menu, Click on the Exceptions tab. If GameSpy Arcade is not listed, Click on the Add Program button, find GameSpy Arcade on the list of available programs and click the OK button.

3) Unblocking Your Games: This can be done in one of two ways: a) Either wait for Windows to prompt you to unblock the game and click the Unblock button (this usually happens the first time you attempt to host a game after installing Service Pack 2, or; b) Use the Windows Control Panel to add the game to your list of Exceptions, using the same method listed in step 2 above.

4) Unblocking Ports: You can take the unblocking process a step further by instructing Windows to open the Firewall to all ports used by GameSpy Arcade and most of its supported games. To do this: Click on Start > Settings > Control Panel > Windows Firewall. From the Windows Firewall Menu, click on the Exceptions tab, then click on the Add Ports button. From the Add Ports Menu, enter a port from the list of ports at the top of this Arcade support page. Be sure to indicate whether this is a UDP or TCP port (the list above should indicate which it is).


Black Ice - Set the security level to low.


ZoneAlarm - The best course of action for ZoneAlarm, in our experience, is to make sure it allows your online applications. Make sure that, when you open Arcade and ZoneAlarm alerts you that Aphex.exe is trying to access the Internet, you allow it to do so, and check the box to "remember this application." It will ask again later if you want to allow the downloading of config files. Again, tell it to allow it and remember. You can still leave ZoneAlarm on medium to high security. But don't forget that it will also want to ask for your permission for each and every game you play the first time you start it up. If not told to allow your game and remember your settings, you will again encounter difficulties.

Alternately, but less effective, set ZoneAlarm to recognize Arcade as a part of your Local Network and set both local and Internet settings to "Low."

ozzo
30th Jan 2007, 14:40
What is Arcade? is it some program you need to use in addition?

FWIW, those ports are forwarded, as denoted by the list I displayed/tried.

...and being lazy i just forwarded both TCP & UDP.

No outbound blocking is inplace.



As per my previous post, the test with a direct connection worked, no error message was displayed.

A further test shows that the data is received through the port forwarding of UDP 13824 (i.e. correctly done) to my machine on the lan, before it fails with that error message.

Slim Vision
30th Jan 2007, 19:21
I've got the same sort of issue as you (except the error I've got is to do with not receiving challenge data from the master server). I'm under the impression the ports listed in the readme (and subsequently that gamespy arcade website) are wrong or incomplete. I used a tool to find out what ports the demo was actually using, and it came up with a TCP port "28910" which is not listed on the website or in the read me.

Now I originally tried to use this port tool to find out what ports the demo used myself as I had doubts on the given port list's reliability. But I couldn't figure out what UDP ports were being used so I came to a dead end. I'd like to know if people here who can host games with no trouble use a router to connect to the Internet though or a direct connection (with software firewall).

EuT.be
30th Jan 2007, 19:39
Nah, you totally dont need the Arcade, that's just a suck ass program which gets beated by Qtracker if you seek internet games and all others. The only good thing it offers is managing your GameSpy profile.

You basicly need to forward for sure the next ports:

TCP:
27900
28900
29900 - 29901

UDP:
6500
6515
(13139)
(1024 - 1042)
(2302)

( ) = Only forward if still encountering problems

I've setted these forwards on my Modem and router and since then I'm capable of hosting games on my DSL 6Mb/615Kbps connection!

Slim Vision
30th Jan 2007, 19:46
I see you've go port ranges, makes sense, shame they didn't mention that in the readme but meh... I shall try them now and see if I can host.

Edit: Having said that might I ask where you came up with port 1024 seeing as it's not listed in the readme or on the website?

Seclude
30th Jan 2007, 19:54
When trying to host games, i've gotton a random number of "need this port open" of ports between 1012, and 1042. it's random every time almost.

Slim Vision
30th Jan 2007, 19:59
Weird. Well I tried forwarding the ports you suggested and just this minute tried hosting a game and it still didn't work, chucked up the same error as always (something about not receiving challenge data).

I found I can actually play on servers fine when I have no ports forwarded at all. I just can't host. Someone pointed out to me though that to join a game forwarding might not be necessary anyway.

Seclude
30th Jan 2007, 20:01
Port forwarding has never been a common need in games for joining. it depends on the hardware and the game's network design.

Slim Vision
30th Jan 2007, 20:12
Mm. This game (well the demo at least, or I hope it is only the demo) doesn't like my router obviously, not for hosting anyway.:mad2:

Seclude
30th Jan 2007, 20:15
I'll be mad, mad if they don't fix the issues. I cannot host with my router either, only join games. However I can host on a direct connection just fine.

ozzo
31st Jan 2007, 03:50
Thank you, EuT.be, I will try that shortly. The range of 1024-1042 was something I didn't have


Slim, I encountered that error during testing as well. However, it was something along the lines of once i forwared 13824 , or 6500 or 6515 (can't remember which) I then decided to just deny the popups from the software firewall (just for fun..) and it popped up with that same error.

Once I redid it and selected permit the traffic, it just fails on my original error message, about 13824 not being open.

I still do not understand though, I had the hardware firewall set up to log any incoming data which didn't match my defined rules.... hence if there was any inbound data that was blocked, it should have come up in the logs when I clicked that 'create server' and when it subsequently fails with error message.

ozzo
31st Jan 2007, 05:34
Fiddle sticks..

I went through everything again and noticed when creating server, MS directplay tries to connect to UDP 1900 on your gateway if youre behind NAT, which seems to be for UPnP.

I don't have UPnP on my router, so that might be why.

EuT.be, is your DSL modem-router UPnP enabled?

sincraft
31st Jan 2007, 05:45
you must download gayspy arcade to play. You then will have to match up your nickname, password, email and callsign or whatever they call it IE: Sin "I think this game sucks" craft " " is the callsign or whatever they want...otherwise you wont be able to get in.

Be sure to download the gamespy arcade and fiddle with that and get into games.

If you click on the game itself and still cant connect, follow that page someone posted from gamespy with router settings.
Be sure to set TCP on all of the ports, and BOTH for any mention of UDP. BE SURE TO ENABLE THE PORTS as many people populate the information needed but dont ENABLE the ports thus, making it useless and inactive.

If you are sitting behind a router, a firewall is pretty much silly. If I wanted to get into your system, I would need to get into your firewall / router. Hopefully you aren't setup with default pass etc. I mean don't get me wrong there are ways around that, but do you think zone alarm or anything like that hasn't already been worked around for cracks/hacks the day it was released..even the newest versions? So why run them, they just cause issue. Unless of course you are using it to protect YOUR pc from YOUR doing such as allowing malicious applications from leaving your computer or things that may have been downloaded to your computer while you were visiting not so ethical sites (aka pr0n).

anyway. The software firewalls OFTEN DO NOT shutdown when you tell them to shut down. Many have sentry's running so you have to be sure that it is completely shut down. Another way to make sure is to go into services and disable it from starting up, then stop all the services the go with that application or reboot...then try to fire it up.

If still no go, start all over you missed something.
GL the game isn't worth the work however...

ozzo
31st Jan 2007, 07:51
are you sure about that? I can play fine without it.

ps. the software firewall is to monitor outbound connections.

pps. when i connected my computer directly to the net, i.e. behind no NA(P)T, i was using the same software firewall. and this is when i could host fine.

(by directly connected to the net i mean computer running a PPPoE client >>> bridged ADSL modem >>> internet )
as opposed to
(computer just via LAN connection >>> router with PPPoE client, NAPT, with no UPnP >>> bridged ADSL modem >>> internet)

i think upnp is the culprit, given another thread where people who had linksys routers had to disable upnp to stop it from crashing the router, and just use a DMZ or something i they wanted to host.

Slim Vision
31st Jan 2007, 14:38
My router has UPnP and it's active as well because I use it with Azureus. So I turned it off and, low and behold I no longer got the "challenge data" error, it instead loaded the game room immediately (where as before it took a while), but then it started telling me to forward port 6500. So I did. It continued to tell me to forward port 6500. So I tried forwarding it on both TCP and UDP. It continued to tell me to forward port 6500.

:mad: I'm seriously considering giving up. At the very least I can join games ok even with UPnP on. But even so this is ridiculous and I refuse to turn off my firewall or DMZ my computer, or install that stupid Gamespy Arcade because I simply shouldn't have to do any of those things.

Edit: I don't trust them. I really do think this game's going to be coming out with these exact same problems, and that everyone who had trouble will end up waiting for a patch. I'm not buying the game until I see evidence on here that they fix the issues.

EuT.be
31st Jan 2007, 15:41
You dont need Gamespy Arcade IN NO MATTHER WHAT WAY to host a server. I never used the program and I will never use this program in the future. It's just another spoof to gamers in order to get money! Alternative browsers are most of the times A LOT better then this browser!

My Router is UPnP and my modem is non-UPnP but NAT enabled. I first thought that my router was blocking the signal but seems like I've to set my DSL modem included which did the trick for me. Not to forget that I've set ZAprol to allow connections on these ports. As I dont disable my virusscanner nor firewall!

Yet, it aint my router since the pc I'm hosting from is DMZ'd (best way to host some servers on a stinky D-Link router - The reason I dont disable my firewall and virusscanner) and my modem has the by me listed ports UDP/TCP on forward to my routers IP. I'm also using static ip's in my network

Most important is that for sure, the Ports 6500, 6515, 27900 are forwarded in UDP. 28900, 29900-29901 in TCP! Eventually, those other ports when encountering problems, if needed, boot the router/modem. (if still not, ask your ISP if they arnt blocking ports/signals or if your modem has some kind of build-in firewall)

Dont forget, these ports only needs to be forwared if you're willing to Host, be sure, that if you're behind a router that you dont discard WAN pings as SPI is not needed! UPnP for this is not needed because I didnt noticed these changes.

In this case, if you cant host a server and live in Europe, then you're always free to join my Host named "Big Bad Team". my 6Mb/614Kbps DSL connection runs this host very well and never had complaints of high latency's.

Did I mentioned that I succesfully hosted a server on a Linksys BFSR41 router w/o UPnP enabled and the same ports I've mentioned.

ozzo
31st Jan 2007, 15:48
I give up for now. Perhaps the full version will a better workaround for those behind NAPT.

I don't mind having to forward a lot of ports. It's no hassle. It's certainly no Azureus though, using a single port forward to handle many, many connections.

ozzo
31st Jan 2007, 16:22
Dont forget, these ports only needs to be forwared if you're willing to Host, be sure, that if you're behind a router that you dont discard WAN pings as SPI is not needed! UPnP for this is not needed because I didnt noticed these changes.


Yep, understood - I want to host though because I can hardly find any local servers. Yep to WAN ICMP. I don't block it at all as I believe it does more harm then good.



Did I mentioned that I succesfully hosted a server on a Linksys BFSR41 router w/o UPnP enabled and the same ports I've mentioned.

Interesting... it means it can be done. Makes me want to find the problem again...

Thanks for your help.

EuT.be
31st Jan 2007, 16:35
Interesting... it means it can be done. Makes me want to find the problem again...
Well, I'm having more problems forwarding ports and stuff on a D-Link router then a Linksys router. As I never found D-Link good enough for networking in general imo. Though, I've been using Linksys for 6 yrs (2 yrs linksys BEFSR41 @my dads home, latest 4 Yrs BEFSRW41X DSL router-modem) and very recently the D-Link router. I'm thinking of returning the D-Link router and get me a Linksys router back again. As I dont see where the problem is with these linksys routers!

Just Ozzo, try contacting your ISP about possible blocking signals and check your modem if this has a ACP (Most modems have a Admin Control Panel lately). If you've set your router well and allowed the ports in your Firewall (doesnt has to be UPnP) then it must be on the WAN connection.

MaxKarnage
31st Jan 2007, 17:16
Nah, you totally dont need the Arcade, that's just a suck ass program which gets beated by Qtracker if you seek internet games and all others. The only good thing it offers is managing your GameSpy profile.

You basicly need to forward for sure the next ports:

TCP:
27900
28900
29900 - 29901

UDP:
6500
6515
(13139)
(1024 - 1042)
(2302)

( ) = Only forward if still encountering problems

I've setted these forwards on my Modem and router and since then I'm capable of hosting games on my DSL 6Mb/615Kbps connection!

BTW I don't run Arcade either, they just were more specific about it being TCP, not UDP ports to open. The ports they list is needed for the game to connect to your acct. I'm at work so I can't verify but I'm pretty sure everything listed port wise is set to TCP, not UDP and it works fine now.

EuT.be
1st Feb 2007, 06:15
Well, the 3 mentioned TCP ports are ports to show your server in the server list and to connect on. Sertainly ports 29900 and 29901 are the Gamespy master servers.

The 2 UDP ports are the ports where all server data is sended through. The other UDP ports I'm not sure off, but if I block forwarding/triggering on these ports I'm not able to host.

It's somewhere listed on gamespy's site for what all ports are needed. But those listed by me I sertainly needfor succesfully hosting.

Slim Vision
1st Feb 2007, 13:04
The only TCP ports netstat showed the demo as using were 6667, 29900 and the elusive 28910. All the rest were UDP.

ozzo
3rd Feb 2007, 06:50
OK, using a different router I've found this:


Using UPnP, you need only forward UDP 6500. That's it. At least for me, using this different one (which has UPnP).

Disabling UPnP, I needed to forward UDP 2302, in addtion to UDP 6500. That's it.


Either or method, I can host 8 people fine (*praises 1Mbit upstream*)

Seclude
3rd Feb 2007, 14:37
OK, using a different router (Which I shall not post!) I've found this:

it's one of those magic moments where you're supposed to post the router name and model number for reference.

ozzo
3rd Feb 2007, 14:42
well i doubt there's many people so i didnt post it, but okay. a PC, with two NICs running m0n0wall. (was also going to find out the exact cause and fix before posting that, but just to satisfy your curiosity!!)

Update:

At the moment, it's looking like this:
If you have plain NAT, port forwarding works fine. If you have UPnP, it's even easier. It seems necessary to manually portforward UDP 6500 though.

If you have stateful packet filtering (/SPI) there may be issues - at least, that's the only lead I have with my problem in this thread. If anyone else has a firewall of a similar nature I'd be interested to hear if you have problems hosting from behind it (yet have no problems hosting other games).

Slim Vision
5th Feb 2007, 19:12
When I turned UPnP off, the game stopped with the whole "no challenge data error" but it kept asking me to forward port 6500. Although when I did it wouldn't work, just kept asking me to forward 6500 even though I had. However, when I had UPnP on, I had already tried forwarding port 6500 and I just kept getting that challenge data error. Shame I had to remove the demo to make room for a DVD image really otherwise I'd have another go in case I missed something.

For the record my router's a 3Com 3CRWDR100A-72. Just as soon as I have this DVD burned to disc I'll re-download the demo and try it again...

Edit: Okay, so I just spent the last 5 hours downloading the demo, again, because my net connection decided to slow right up right at the point I decided to download it. Anyway, it finishes, I install it, I open open up port 6500 expecting to sail on in there enter my login info and try and host. Or so I thought.

I got to the login part, and it amazed me to find it chucking up could not connect errors. Now, considering I had exactly the same setup before with exactly the same login info and it worked AOK then, it strikes me as odd that it won't now. "What the hell" I figure. "Just a glitch" I figure. "I'll do what I did the first time I couldn't create/login, I'll DMZ my comp and turn the firewall off." Now the first time I tried when the demo was released, this solved the registration problem. And after that I was able to login, even without any ports forwarded.

So I DMZ my computer and turn the firewall off. And... I get could not connect errors. Again and again and again. I quite the demo, re-ran it, and tried again. No luck. Re-ran it again. Still no luck. So not wanting any more hassle, I uninstalled the bastard. Quite simply put it was taking the fecking piss. Nothing was different from when I was logging in before, I know the account info was correct because I damn well wrote it down and its been sitting beside me on a piece of paper ever since. I had no ports forwarded before and it logged in perfectly fine, so why the hell wouldn't it now?

I don't care why not. This game gets a thumbs down from me and shall never sit beside my other games on my shelf. It's a shame, a real shame, and to think the problem is likely so simple too and right under my nose but I don't care, it pissed me off so, screw it. At least other people fixed any issues they may have had with it and are now enjoying the game. I don't know what I was apparently doing wrong but I've accepted I'm doomed from the start and I was silly to think I might be able to fix these stupid issues. Whatever is wrong, be it the game, me, my poxy router, the game doesn't work, so while everyone else enjoys it, I certainly won't be. /rant

EuT.be
6th Feb 2007, 07:29
I dont get how you guy's are ending up with errors for hosting a game.

All I have is:
NAT enabled => This does the trick I think!
UPnP enabled => The game doesnt use it at full, yet, it's there?
SPI Disabled => How can a game have Statefull Packets?
Correct Port forwarding => How else would your router know where to be?
DMZ on the router but I do have to set my modem

The images will tell you:

First point one, Modem Setup -> Advanced NAT Configuration
(eg: Port Forwarding to router, forward what needed)
http://home.scarlet.be/degangthierry/img/BSM_Advanced.NAT.configuration.gif

First point two, DMZ PC on router
(this because I cant place all games rules in it due to limitations :()
No image required, you should know how to DMZ your pc I guess...

Second, Firewall setup -> Advanced Program Rules, defining what necessary
(to allow connections between the ports)
http://home.scarlet.be/degangthierry/img/BSM_Advanced.Firewall.configuration.gif

If I check my LAN interface for UPnP, I only see 1 port listed that's using UPnP for BSM, though, the game doesnt use it but still it's there listed and it totally aint a port the game needs... weird I would say!

Yet, I've found out, when UPnP is disabled, the game seems to CTD less or return to desktop w/o crashing.

So it must be the NAT that my modem is using to allow these connections.