So you've got some computers behind a firewall, eh?

You can't play games with people behind your firewall and people outside that firewall at the same time.

Well, let me show you how I have fixed our problem in the hopes you can modify it to fix yours. Also, visit this incredible site to fix your router for almost all Windows games.

If you have a Cisco 678 router, you should be able to follow my instructions exactly.  First, I'll list the General Steps.  Then I'll list my Specific Steps so you can see how I did it.  Finally, I'll explain why my games work when you do this.

General Steps

  1. Go around to each machine and bring up a DOS Prompt (called a Command Prompt under the Windows Start Menu).
  2. Type ipconfig at the prompt.  This will list the machine's IP Address.  Write this down.  Do this at each machine.
  3. Follow the instructions that came with your firewall for connecting to your firewall.
  4. For each machine, open up a port from the outside to the internal address.  Although you can do this for all protocols, my games only need the UDP protocol open on this port.
  5. Make sure that this is permanently written into your firewall by following the instructions in your firewall manual.

Specific Steps

  1. I go around to each machine bringing up a Command Prompt from under the Windows Start Menu.
  2. I then go around typing ipconfig at each machine's Command Prompt.  Our machines are thankfully assigned numbers like 10.0.0.2, 10.0.0.3, 10.0.0.4, 10.0.0.5, 10.0.0.6, and 10.0.0.7.  I figure that more machines might be added, so I go ahead and write down 10.0.0.8, 10.0.0.9, and 10.0.0.10.
  3. I then go back to my machine, and at the Command Prompt, type telnet 10.0.0.1.  This connects me to my firewall.  I type in my password (no, I'm not giving that here).  Then I type enable (and then the associated password for that).  This allows me to modify the Network Address Table.
  4. For each machine, I type set nat entry add 10.0.0.xx 50xx udp.  For example, I do set nat entry add 10.0.0.2 5002 udp, set nat entry add 10.0.0.3 5003 udp, all the way up to set nat entry add 10.0.0.10 5010 udp.  This opens up the given port (like 5002) directly to the machine 10.0.0.2.  Now all a person has to do is find their internal IP address to know which external port is open!
  5. Finally, I type write to write the new port additions and then exit to leave the firewall.
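
Steps 2 and 4 above can be scripted so the forwarding list is checked before it is typed into the router. The following Python is an added example, not part of the original page: it reads the address line from each machine's ipconfig output, applies the 10.0.0.xx to 50xx convention, and refuses addresses that are off the LAN, belong to the router, do not fit two digits, or are reported twice. The host names, sample ipconfig lines and function names are constructed for illustration; only the set nat entry add command form comes from the steps above.

```python
import ipaddress
import re

# Constructed sample: the address line of `ipconfig` output, keyed by made-up host names.
SAMPLE_IPCONFIG = {
    "den-pc": "   IP Address. . . . . . . . . . . . : 10.0.0.2\n",
    "office-pc": "   IPv4 Address. . . . . . . . . . . : 10.0.0.3(Preferred)\n",
    "laptop": "   IPv4 Address. . . . . . . . . . . : 10.0.0.10\n",
}

LAN = ipaddress.ip_network("10.0.0.0/24")   # the page's internal range
ROUTER = ipaddress.ip_address("10.0.0.1")   # the firewall itself, never forwarded
BASE_PORT = 5000                            # page's convention: 10.0.0.xx -> 50xx
ADDR_RE = re.compile(r"IP(?:v4)? Address[ .]*:\s*(\d{1,3}(?:\.\d{1,3}){3})")


def extract_ip(ipconfig_text):
    """Return the first IPv4 address listed in ipconfig output."""
    match = ADDR_RE.search(ipconfig_text)
    if match is None:
        raise ValueError("no IPv4 address line found")
    return ipaddress.ip_address(match.group(1))  # rejects octets above 255


def port_for(ip):
    """Map 10.0.0.xx to UDP port 50xx, refusing anything outside the plan."""
    if ip not in LAN or ip == ROUTER:
        raise ValueError(f"{ip} is not a forwardable host on {LAN}")
    last_octet = int(ip) & 0xFF
    if not 2 <= last_octet <= 99:            # 50xx only has room for two digits
        raise ValueError(f"{ip} does not fit the 50xx scheme")
    return BASE_PORT + last_octet


def build_commands(ipconfig_by_host):
    """Return one 'set nat entry add' line per machine, sorted by port."""
    plan = {}
    for host, text in ipconfig_by_host.items():
        ip = extract_ip(text)
        port = port_for(ip)
        if port in plan:                     # two machines reported the same address
            raise ValueError(f"{host} and {plan[port][0]} both report {ip}")
        plan[port] = (host, ip)
    return [f"set nat entry add {ip} {port} udp" for port, (_, ip) in sorted(plan.items())]


if __name__ == "__main__":
    print("\n".join(build_commands(SAMPLE_IPCONFIG)))
```

Each line it prints is one UDP port reachable from the Internet, so the list doubles as a record of what to remove from the router when a machine is retired.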

Why do you need to do this?

I write my games using UDP.  This allows me to bypass firewalls by using a single port.  Unfortunately, I can't guess which ports are open, so I need each user to open them and inform me of this. This is why you must type a port number into my games.  If you aren't behind a firewall, you can just pick a random port.   I then open this port for reading and writing.  Since no programs are listening to this port except my games, you should still be protected from random attacks.  (If somebody does attack your machine and they do find an open port, they can still attack you, but I've learned that you're not safe anyway because port 80 is open to everybody for HTTP browsing.)  If you want to play my games with people both behind a firewall and outside of the firewall, both the internal people and the external people must connect using the external IP address (like 65.101.220.200, not 10.0.0.5).  I don't know why this is necessary, but it does work.

If you have any questions, feel free to email me (my address is on the home page).  I may not be able to answer your question, but I might have an idea where to start (as I've been trying to work this for years).

Hope this was helpful!