August 1st, 2003, 05:56 AM
Allowing IP passthrough on DSL?
A very simple idea, yet a serious question for anyone who is familliar with VPN's.
I am currently using a well know ISP, for my DSL connection, as an avid online gamer I have made several recent attempts to host IP games.
Here is my situation, people who attempt to connect to me, whether directly, or through game servers, can not realize my IP adress as valid. After dialing into my modem and poking around a bit, it is a Westell Wirespeed. Long story short in expert mode it allows you to enable IP "Passthrough", which as far as I know allows access to my IP, beyond the VPN. Is this a bad Idea?
August 1st, 2003, 07:31 AM
If i am right (but i'm wrong) it's sth like the supernode of KaZaA?
Don't kill me YET.
August 1st, 2003, 08:06 AM
Hmmm I'm not familiar with VPNs [to start off with ]
But couldn't a DNS solve that issue somehow? DynDNS.org offers free accounts, for either static or dynamic [which is your case] IPs. Anyway, dunno if it helps... but good luck!
August 1st, 2003, 11:01 AM
( Hmmm, I thought I posted this, but it did not show up )
'll admit it, I don't know what a VPN has to do with this.
But, Westell makes a lot of different model DSL modems.
Some have the capability of using more then one IP address, some are routers, some do bridging, some do NAT, some have built in firewalls.
First you have to find out which model number you have. Then find out what it does and does not do. You also have to know your IP address: sounds easy, but how are you getting it? Is your ISP supplying it via DHCP to your computer or to your modem? Is the modem supplying your computer with an IP address via DHCP or is it static?
Find the model number then go to Westell's site and check out the documentation. You mentioned “Passthrough” but does that mean it will bypass the built in firewall or pass the DHCP requests from your computer directly to the ISP??
Read the documentation for your model.
( P.S. If it does NAT then your In Like Flint! )
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
August 1st, 2003, 11:33 AM
I think you might want to clarify a bit more. I can't see how a VPN connection would have anything to do with a gaming server unless all the other participants are using the same VPN solution.
Now, the gaming server should see the WAN interface of your DSL modem. If the DSL modem is NATing, it should make no difference to the server as the traffic will always appear as coming from your routable IP address on the WAN interface of the DSL modem. If you are operating in bridge mode, you are allowing routable IPs through the DSL modem. This is not necessarily a bad idea unless you don't add a firewall between your PC and the LAN interface of the DSL modem.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
August 1st, 2003, 03:23 PM
The fact the people cannot connect to your server tells me you are nating or pating. Nat only works one way (unless it's bridged). That is it will make a connection that you initiate from inside. There is no way to route a connection from the internet that is not initiated behind the router (incoming). They only way to do that is to build a static route inside the router to the ip address of your box. If you are lucky your router will support something that most call a virtual server (sounds like it with IP Pass-through). By enabling that, the router will take care of the static route itself and then you will instantly be able to access the server through the public ip on the wan interface.
Now if you have your own public ip already assigned to your PC then some software you have is blocking it. Make sure the people are connecting to the specified port in case their client isn't defaulting to it already. All on-line games I play usually have a specific port you must connect to.
It's a bad idea to open that up unless you understand what ports it opens. Sure you’re not running a web server or a mail server but.... open ports. At least as a minimum take others advice and get some software firewall. I would block ports in the router/modem if they allow it. Most do now with commands like "disable www" "or "disable telnet" etc. They essentially block those ports. Have fun.
Oh one more thing, if your router/modem lets you build your own static routes, you can just open one port and it will keep all others closed. Something like "static route 220.127.116.11:24503 10.1.1.5:24503" if supported something like that will ONLY route that port and nothing else.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
August 1st, 2003, 03:32 PM
If you hate your pc and dont care about security and as long as your modem supports it you could just assign your machine to the DMZ.
I remember when Nihil was ickle. Does that mean I'm old?
August 1st, 2003, 03:45 PM
VPN has a lot to do with it
I appreciate the many answers, and solutions.