Ventrilo Tech Support

Ventrilo Tech Support (http://forum.ventrilo.com/index.php)
-   Server (http://forum.ventrilo.com/forumdisplay.php?f=8)
-   -   Problem with incoming conns on a bit more complex network. Any help is welcome. (http://forum.ventrilo.com/showthread.php?t=41379)

Holchr 01-13-2010 05:26 PM

Problem with incoming conns on a bit more complex network. Any help is welcome.
 
Okay, I have a slightly more complex network at home so this is what is my problem, others can't connect to my server. Now is there something I missed or setup wrong or is there something more i should've set up.

Here is my network configuration and my server configuration.

[Server]

Name=MyServer
Phonetic=MyServer
Auth=1
Duplicates=1
AdminPassword=
Password=*******
SendBuffer=0
RecvBuffer=0
Diag=0
LogonTimeout=5
CloseStd=1
TimeStamp=0
PingRate=10
ExtraBuffer=0
ChanWidth=0
ChanDepth=0
ChanClients=0
DisableQuit=0
VoiceCodec=0
VoiceFormat=1
SilentLobby=0
AutoKick=0


Now for the network i'll try to draw it.

PC 1 (my pc) (VentSrv)
192.168.1.10
|
| PC 2
| 192.168.1.20
| |
| | PC 3
| | 192.168.1.30
| | |
| | |
xxxxxxxxxxxxxx
192.168.1.1
ROUTER 1.... Ports forwarded for tcp/udp to PC 1
192.168.0.10
xxxxxxxxxxxxxx
|
| IPTV
| |
xxxxxxxxxxxxxx
192.168.0.1
ROUTER 2.... Firewall down entirely
dynamic IP
xxxxxxxxxxxxxx
|
ISP


I can't seem to get down to the issue but it's not working. Internet access works nice and everything, and some other apps that need port forwarding also work fine.

Prog-Rocker 01-14-2010 04:41 PM

cool drawing. easy to follow.

you need to configure portfowarding on router 2

Holchr 01-15-2010 12:03 PM

I can't port forward on the router 2. As i drew, firewall is entirely off in the router 2 thus rendering port forwarding obsolete. tried some more stuff but still nothing.

mjgraf 01-15-2010 02:57 PM

firewall does not matter. router 2 is the first NAT point for incoming connections.

Wolfric 01-17-2010 03:22 AM

when someone tries to make a connection into a service on [PC 1], the steps it needs to goes through are as follows after entering the network from the ISP:

External to your network: Dynamic IP -> Entrance to [Router 1] on port XXXX

[Router 1] needs to tell packets where to go. [Router 1] needs to be told to send traffic on that port to 192.168.0.10 ([Router 2]'s ip on that subnetwork)

Leaves [Router 1] to enter [Router 2] on port XXXX

[Router 2] as you say is configured to forward anything received on port XXXX to 192.168.1.10 - [PC 1] within that subnetwork.

without telling router 1 where an incoming connection needs to go, they will be ignored completely

options:

Port forwarding (which is not necessarily a part of Router firewalls)
Enable port XXXX to be forwarded to [Router 2]'s IP on that network (192.168.0.10) from within router 1

OR

Configure DMZ on [Router 1] to point to 192.168.0.10 (Router 2's ip on that subnetwork) - this will forward all incoming traffic to Router 2, removing the need for configuring port forwarding for any additional apps



a possible reason other applications that 'require' port forwarding work while others don't is possibly their implementation of NAT - some programs may be able to take care of the port forwarding themselves through [Router 1] if it allows them. not all applications can do this.

Mindscrew 02-02-2010 04:45 AM

Fios?
 
I have a quick question for you.

Do you have FIOS?
if you dont have FIOS just disregard this post.
And i applogize ahead of time for spelling/grammer mistakes. I am tired however i came across your thread and wanted to help.

For a more indepth guide scroll to the bottom and check on my links (highly advised)

If your answer to the above question is "Yes", I have a easier method that will eliminate the double NAT that you currently have configured.

I have the same setup FIOS with fios TV. Just so you know a little about me i have am minor in Computer Networking and im working on my bachelors in network security.
I have many servers that i run at my house so when i switched over to FIOS, as you can probably imagine the double NAT cause many issues for me.

What you are trying to do, will be 100% easier if you do the following.

Basically right now your internet and all that is probably setup using the MoCA connection (Media over coax). Basically in lamens terms, you have a box on the outside of your house called a ONT that your fiber line comes into. From there, the ONT throws all of your ethenet traffic on the cable coax throughout your house. That is what makes it possible for your TV set top boxes to get video on demand and TV guide informtaion. You also have a "router" that plugs into the COAX connection, and provides a wireless/wired connection to your computers for internet.

Inside of the ONT you will have a coax output and a cat5 ethernet output. Basically what you need to do is run a cat5 cable from the ONT on the side of your house, to Router 1. This is the router that you are trying to port forward all of your stuff through. You will need to call verizon and tell them that you would like to change the media type on your ONT from media over coax, to cat5 ethernet. Then that cat5 ethernet that you ran from the ONT to router 1 get plugged into the WAN port of that router. Basically what you are doing, is making Router 1 the most forward facing router in your network so that when you get a connection request form the outside, it gets routed correctly. Now as far as Router 2 goes (the one with the coax connection) YOU WILL STILL NEED TO HOOK THIS ROUTER UP!. Basically what you are going to do is hook up Router 2, off of Router 1. So bascially, backwards from how you currently have it.

The reason you need to do this is because the Router 2 is how all of your TV's set top boxes get there TV guide data and there video on demand. If you dont hang router 2 off of router 1 then your TV's will not function correctly.

Now its better to do it this way because you are not trying to forward special ports for your television. However you are trying to forward ports for other things in your house. By making router 1 your forward most facing router, it will eliminate many of the port frwarding problems you are having right now.

Here is a link to a more in-depth How-To to get it done. i would be happy to write it up for you however its 1:40 in the moring and i have to work at 8am :P

Here is the basic HOW-TO for your current setup. Keep in mind there is 4 parts depending on what services you currently have installed (example: Mediashare DVR)

http://www.dslreports.com/faq/15990 (this is the main How-to)

For some FAQ's and more info...

http://www.dslreports.com/faq/verizo...3.0_Networking


I hope this helps make things a little bit simpler for you.
I will check this thread tomorrow and look it back over to make sure i didnt miss anything important. Its late and im tired :P

Mindscrew 02-02-2010 07:44 PM

Here is your picture revised to show how the network would look when you eliminate the double NAT.

(i shouldnt say eliminate because what you are actually doing is just moving the double NAT to a side of the network that works correctly with it, without the configuration headache.)

PC 1 (my pc) (VentSrv)
192.168.1.10
|
| PC 2
| 192.168.1.20
| |
| | PC 3
| | 192.168.1.30
| | |
| | |
| | |
| | |
| | |
| | | IPTV
| | | |
| | | xxxxxxxxxxxxxx
| | | 192.168.0.1
| | | ROUTER 2
| | | The WAN ip in this will be something like 192.168.1.40
| | | xxxxxxxxxxxxxx
| | | |
| | | |
xxxxxxxxxxxxxx
192.168.1.1
ROUTER 1.... Ports forwarded for tcp/udp to PC 1
DHCP,DNS
xxxxxxxxxxxxxx
| (right here you will have your external IP bound to WAN)
|
ISP


It is OK to double NAT the FIOS router in this situation because it does not affect how tv guide, video on demand, medaishareDVR actually works. This is where it saves you the configuration nightmare of configuring both routers to pass the correct forwarded ports.

I hope this makes sense. If anyone spots a mistake in my revised drawing please feel free to call me out on it.

deadlystryker 03-13-2010 11:52 PM

I have a similar setup, and the same problem. This is my first post, so bear with me. Before I set my network up as defined by MindScrew, can we narrow this down? I am sure I have missed something along the lines of port-forwarding.

Quote:

Originally Posted by deadlystryker
  • AT&T FiOs. Multiple "set-top boxes" running on cat5 cables and coax.
  • Netgear gigabit switch in between.
  • 192.168.1.101 (nate_pc) is my main, this box.
  • 192.168.1.73 (server) running Ubuntu server 9.10. Remote administration of server through eBox.
  • The server is started on boot, in daemon mode (I guess...)
  • I am able to connect from my home network, but others cannot.
  • Outside connections can view my http server at hostname.
  • Ports are forwarded to 192.168.1.73 (TCP/UDP 3784. UDP 6100 after reading threads.)
  • DynDns Open Port Tool shows the port as "timed out", although I did have it show "open" once, but cannot return to that configuration.
  • Nmap shows port 3784/tcp as "tcpwrapped"
  • AIM: Deadlystryker88 best method of contact.

/etc/network/interfaces looks like
Code:

auto lo eth0
iface lo inet loopback
iface eth0 inet dhcp

Through eBox, I have an option of designating my eth0 interface as external.
Quote:

Originally Posted by eBox Administration
Traffic being routed through interfaces marked as external will be NATed. Also, services meant for the LAN users will not be available on external interfaces.

.
.
.
.

Server

192.168.1.73
|
|
| Nate_pc
| 192.168.1.101
| |
| | PS3
| | |
| | | Xbox360
| | | |
| | | | 192.168.1.xxx (another pc)
| | | | |
| | | | | Two set-top boxes for TV
| | | | | |
Netgear 8 port Gigabit Switch Model GS108
|
|
| Main set-top box
| |
AT&T 2Wire Gateway (192.168.1.254 for configuration)
|
|
Hello World

Fonzie311 03-15-2010 12:53 AM

Quote:

Originally Posted by Holchr (Post 146762)
Okay, I have a slightly more complex network at home so this is what is my problem, others can't connect to my server. Now is there something I missed or setup wrong or is there something more i should've set up.

Here is my network configuration and my server configuration.

[Server]

Name=MyServer
Phonetic=MyServer
Auth=1
Duplicates=1
AdminPassword=
Password=*******
SendBuffer=0
RecvBuffer=0
Diag=0
LogonTimeout=5
CloseStd=1
TimeStamp=0
PingRate=10
ExtraBuffer=0
ChanWidth=0
ChanDepth=0
ChanClients=0
DisableQuit=0
VoiceCodec=0
VoiceFormat=1
SilentLobby=0
AutoKick=0


Now for the network i'll try to draw it.

PC 1 (my pc) (VentSrv)
192.168.1.10
|
| PC 2
| 192.168.1.20
| |
| | PC 3
| | 192.168.1.30
| | |
| | |
xxxxxxxxxxxxxx
192.168.1.1
ROUTER 1.... Ports forwarded for tcp/udp to PC 1
192.168.0.10
xxxxxxxxxxxxxx
|
| IPTV
| |
xxxxxxxxxxxxxx
192.168.0.1
ROUTER 2.... Firewall down entirely
dynamic IP
xxxxxxxxxxxxxx
|
ISP


I can't seem to get down to the issue but it's not working. Internet access works nice and everything, and some other apps that need port forwarding also work fine.

PC 1 (Your Server)
192.168.1.10
|
|
|
|
|
|
|
|
xxxxxxxxxxxxxx
192.168.1.1
ROUTER 1.... Virtual Server - IP 192.168.1.10 - Protocol both | Private and Public port 3784
192.168.0.10
xxxxxxxxxxxxxx
|
| IPTV
| |
xxxxxxxxxxxxxx
192.168.0.1
ROUTER 2.... Firewall down entirely- you still need to open the port
dynamic IP.... Virtual Server - IP 192.168.0.10 - Protocol both - Private and Public port 3784
xxxxxxxxxxxxxx
|
ISP



-------------------------------------------------------------------------
Use this
[Server]

// Public Server Details
Name= "YOur SERVER NAME HERE"
Phonetic=


// Admin/Server Stuff
AdminPassword=
Port=3784
MaxClients=8
DisableQuit=0
AutoKick=0



// Client Settings
Auth=1
Duplicates=1
Password=
LogonTimeout=5
PingRate=10



// Quallity Settings
SendBuffer=0
RecvBuffer=0
ExtraBuffer=0
VoiceCodec=3
VoiceFormat=16
SilentLobby=0



// Misc Settings
Diag=0
CloseStd=1
TimeStamp=1



// Channel Settings
ChanWidth=0
ChanDepth=0
ChanClients=0
-------------------------------------------------------------------------
Quality Settings Cods

Codec\Format\Description:
0\0\GSM 6.10 (8 KHz, 16 bit) 1625 bytes/sec
0\1\GSM 6.10 (11 KHz, 16 bit) 2210 bytes/sec
0\2\GSM 6.10 (22 KHz, 16 bit) 4420 bytes/sec
0\3\GSM 6.10 (44 KHz, 16 bit) 8905 bytes/sec
1\0\DSP Group TrueSpeech (8 KHz, 16 bit) 1056 bytes/sec
2\0\Lernout & Hauspie (8 KHz, 16 bit) 600 bytes/sec
3\0\Speex (8 KHz, 16 bit, 0 Qlty) 424 bytes/sec
3\1\Speex (8 KHz, 16 bit, 1 Qlty) 620 bytes/sec
3\2\Speex (8 KHz, 16 bit, 2 Qlty) 865 bytes/sec
3\3\Speex (8 KHz, 16 bit, 3 Qlty) 1110 bytes/sec
3\4\Speex (8 KHz, 16 bit, 4 Qlty) 1110 bytes/sec
3\5\Speex (8 KHz, 16 bit, 5 Qlty) 1502 bytes/sec
3\6\Speex (8 KHz, 16 bit, 6 Qlty) 1502 bytes/sec
3\7\Speex (8 KHz, 16 bit, 7 Qlty) 1922 bytes/sec
3\8\Speex (8 KHz, 16 bit, 8 Qlty) 1922 bytes/sec
3\9\Speex (8 KHz, 16 bit, 9 Qlty) 2384 bytes/sec
3\10\Speex (8 KHz, 16 bit, 10 Qlty) 3168 bytes/sec
3\11\Speex (16 KHz, 16 bit, 0 Qlty) 620 bytes/sec
3\12\Speex (16 KHz, 16 bit, 1 Qlty) 865 bytes/sec
3\13\Speex (16 KHz, 16 bit, 2 Qlty) 1110 bytes/sec
3\14\Speex (16 KHz, 16 bit, 3 Qlty) 1355 bytes/sec
3\15\Speex (16 KHz, 16 bit, 4 Qlty) 1698 bytes/sec
3\16\Speex (16 KHz, 16 bit, 5 Qlty) 2188 bytes/sec
3\17\Speex (16 KHz, 16 bit, 6 Qlty) 2678 bytes/sec
3\18\Speex (16 KHz, 16 bit, 7 Qlty) 3070 bytes/sec
3\19\Speex (16 KHz, 16 bit, 8 Qlty) 3560 bytes/sec
3\20\Speex (16 KHz, 16 bit, 9 Qlty) 4344 bytes/sec
3\21\Speex (16 KHz, 16 bit, 10 Qlty) 5324 bytes/sec
3\22\Speex (32 KHz, 16 bit, 0 Qlty) 669 bytes/sec
3\23\Speex (32 KHz, 16 bit, 1 Qlty) 1061 bytes/sec
3\24\Speex (32 KHz, 16 bit, 2 Qlty) 1306 bytes/sec
3\25\Speex (32 KHz, 16 bit, 3 Qlty) 1551 bytes/sec
3\26\Speex (32 KHz, 16 bit, 4 Qlty) 1943 bytes/sec
3\27\Speex (32 KHz, 16 bit, 5 Qlty) 2433 bytes/sec
3\28\Speex (32 KHz, 16 bit, 6 Qlty) 2874 bytes/sec
3\29\Speex (32 KHz, 16 bit, 7 Qlty) 3266 bytes/sec
3\30\Speex (32 KHz, 16 bit, 8 Qlty) 3756 bytes/sec
3\31\Speex (32 KHz, 16 bit, 9 Qlty) 4540 bytes/sec
3\32\Speex (32 KHz, 16 bit, 10 Qlty) 5520 bytes/sec

Fonzie311 03-15-2010 01:21 AM

Quote:

Originally Posted by deadlystryker (Post 149381)
I have a similar setup, and the same problem. This is my first post, so bear with me. Before I set my network up as defined by MindScrew, can we narrow this down? I am sure I have missed something along the lines of port-forwarding.


/etc/network/interfaces looks like
Code:

auto lo eth0
iface lo inet loopback
iface eth0 inet dhcp

Through eBox, I have an option of designating my eth0 interface as external.

.
.
.
.

Server

192.168.1.73
|
|
Nate_pc
192.168.1.101
| |
| | PS3
| | |
| | | Xbox360
| | | |
| | | | 192.168.1.xxx (another pc)
| | | | |
| | | | | Two set-top boxes for TV
| | | | | |
Netgear 8 port Gigabit Switch Model GS108
|
|
| Main set-top box
| |
AT&T 2Wire Gateway (192.168.1.254 for configuration)
|
|
Hello World

Quote:

Ports are forwarded to 192.168.1.73 (TCP/UDP 3784. UDP 6100 after reading threads.)
Virtual Server - IP 192.168.1.73 - Protocol both Private and Public port 3784 "6100 is wrong"

Q: Running a server with XP Pro firewall on. If you are trying to run a server on XP Pro and have the XP Pro Firewall feature enabled then you must explicitly enable port 3784 for both UDP and TCP. Some firewall programs, like those that ship with Windows XP, do not have an option called "Both" or "UDP/TCP". In these cases you must create two entries in the firewall: One for UDP and another for TCP. This is easy enough to do by simply giving each entry a unique name such as Ventrilo TCP and Ventrilo UDP and assigning the appropriate network protocol to each one.
If you are running a local server you must have both UDP and TCP enabled for port 3784.


All times are GMT -5. The time now is 03:03 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2017, vBulletin Solutions, Inc.