Newbie- Forwarding tcp and udp on cisco 804

Newbie- Forwarding tcp and udp on cisco 804

Post by A C Vicker » Sun, 31 Dec 2000 02:02:41



Here is the problem I am having. I am not able to get my router to forward
udp and or tcp packets for microsoft direct play applications. I have
included a copy of my running config and some of the things I have tried.
According to microsofts sight I need to have these ports open.

TCP Port 47624 (inbound and outbound)
TCP Ports 2300-2400 (all ports in this series, inbound and outbound)
UDP Ports 2300-2400 (all ports in this series, inbound and outbound)

Other non direct play apps. have no trouble opening up the ports they need,
the problem lies with direct play only. Here are the steps I have tried to
correct the problem.

1) I have created access lists to permit all protocols with no results.
Please correct me if I'm wrong but if I have no access lists created I am
not resricting acceess at all...I think ?

2) I have inserted a ip-helper address of 10.1.1.1 (router ip) in my
ethernet0 interface with no result.

3)I have enabled the ip directed-broadcast on all interfaces...no result.

4)I have tried to use the ip forward-protocol udp command on my ethernet0
interface but it does not seem to take the command...I believe it has
something to do with a conflict with the ip directed-broadcast command...?

I am a newbie with IOS but I have been trying to learn. But I am just
beating my head against the wall now. I realize that it is probably
something simple or a combination of commands that I'm missing. Any help or
guidance that you can give will be greatly appreciated. If you need more
info on my setup please email me...Thanks in advance.

vmsnet#show running-config
Building configuration...

Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname vmsnet
!
enable secret 5 $1$X8xU$uXZePc2vy6cBf/64aUiOs0
!
username xxxxxxxxxx password 7 045A5F525F2C4D49
!
pots country AT
ip subnet-zero
!
ip dhcp pool 1
   network 10.1.1.0 255.255.255.0
   default-router 10.1.1.1
!
ip name-server 204.xxx.xxx.xxx
isdn switch-type basic-ni
!
!
!
interface Ethernet0
 description connected to EthernetLAN
 ip address 10.1.1.1 255.255.255.0
 no ip directed-broadcast
 ip nat inside
!
interface BRI0
 description connected to Internet
 no ip address
 no ip directed-broadcast
 ip nat outside
 encapsulation ppp
 dialer rotary-group 1
 isdn switch-type basic-ni
 isdn spid1 xxxxxxxxxxxxxx
 isdn spid2 xxxxxxxxxxxxxx
 no cdp enable
!
interface Dialer1
 description connected to Internet
 ip address negotiated
 no ip directed-broadcast
 ip nat outside
 encapsulation ppp
 no ip split-horizon
 dialer in-band
 dialer idle-timeout 600
 dialer string xxxxxxx
 dialer string xxxxxxx
 dialer hold-queue 10
 dialer load-threshold 1 outbound
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname xxxxxxxxxx
 ppp chap password 7 032F0C313F592C7F40
 ppp pap sent-username xxxxxxxxxx password 7 032F0C313F592C7F40
 ppp multilink
!
router rip
 version 2
 passive-interface Dialer1
 network 10.0.0.0
 no auto-summary
!
ip nat inside source list 1 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 1 permit 10.1.1.0 0.0.0.255
dialer-list 1 protocol ip permit
snmp-server community public RO
!
line con 0
 exec-timeout 0 0
 password 7 045A5F525F2C4D49
 login
 transport input none
 stopbits 1
line vty 0 4
 exec-timeout 0 0
 password 7 045A5F525F2C4D49
 login
!
end

 
 
 

Newbie- Forwarding tcp and udp on cisco 804

Post by Phillip Remake » Sun, 31 Dec 2000 10:27:47


Your issue is not access lists, but NAT.  Because we change the address
headers of the packet, DirectPlay might not work.  But a little research
shows that DirectPlay SHOULD work in a NAT environment.

http://www.shadowfactor.com/nat.html talks about the topic.

http://dplay-masq.sourceforge.net/ talks about how to use Linux IP
Masquerade for DirectPlay

and the clues from there, it looks like you just need to open a conenction
to a server, no packets will be INITITATED to you.

So your config should work with no special changes.  Does ANYTHING work with
your config?  Just directplay fails?

Note:  You cannot be a SERVER in the scenario.  If you want to be a server
and have people connect TO YOU, you will
need additional configuration to map requests to the overloaded address.
And you can have only ONE server on your LAN, since you only have one "real"
IP address from your provider.