Topic: Generals works behind a nat with direct conenct!

[spit]

Hey all, ive been interested in this issue for a long time and I like the way it is being investigated here so I decided to post my discoveries.

After reading on this site that someone got DC (direct connect) to work with wingate's VPN , I downloaded and installed it.

I still havent even attempted to install VPN, but Ive made progress in other areas! I dont think VPN is neccisary anymore.
Wingate comes with what I belive is techinally known as an ALG (aplication level gateway) that runs on the client computer and fools all applications into thinking they are directly conencted to the internet, this is different to NAT (which wingate also supports). For the first time ever i was able to join someones IP hosting a generals game from a client computer behind my server and play the whole game without any problems! Im still not entirely sure why it works!

Here is what i did:
Installed wingate on the win98 server, configured win2000 client manually (no DHCP) so that I could manually add my dynamic online IP to the NIC list so that it will be availabkle in the generals online IP selector.  I installed the WGIC client also, which generals will use to communicate. I started generals and selected the correct online ip. Thats it!

But there are some other issues Im faced with now. I cannot host a direct connect game yet, and now I cannot play on GOL (Generals OnLine - the official server) anymore. I can connect to GOL, but when the game starts im the only one to load. When  I get into the game, it semi-freezes. I cant exit the game and I cant make any units move, but I can open menus and click on units and even talk to ppl using the communicator. Its all very weird!

I tried using the port forwarding suggestions in the readme.txt but I either dont understand what they mean, or it simply doesnt work. I also installed normal NAT and told generals to use that, as this is how it worked when i was using winroute pro, but still no go.

Im so close! Im sure there is a solution, but wingate is very hard to configure! And the new people who took over wingate dont seem to have a clue either, as most posts on their site are about people not being able to get NAT to work, and the qbix staff have no solutions for them. I couldnt either untill I disabled the hosts file, it was just a guess, and its probably why noone else has thought of it.

Ive been doing nothing but play with the network for over a week now, and progress is slow. I wouild aprecciate any suggestions! Can a network expert, like gryphon maybe, tell me what I should look for in the log files to see why it is working? I think that is more important right now than figuring out why other things dont work.

I dont reccomend wingate to newbies.

[gryphon]

Can a network expert, like gryphon maybe

I like you already ..
no really. . I am just a kid with to much time on his hand, no social life and a computer, who sucks in games. . so I started doing networking.

Just so we are talking about the same thing. You have used Wingate's VPN software [ not in VPN mode ] to connect to some ones computer [ not GOL ] and play a local or internet game ?
[ I am guessing local at this point ]

Now from behind that same router you also wanted to play on GOL. . although that gives you the errors you mentioned ?

You probably already know this but the below listed posts are required for Generals to work properly as a host if you are behind a NAT router.

TCP ports:
80, 6667, 28910, 29900, 29920

UDP ports:
4321, 27900

Those ports should be forwarded from any router to your client if that is hosting an internet game.

Could you provide a little more info on yoru network layout ?
You are using a Win98 computer with wingate software as a router, so that Win98 computer is the only one with an internet connection and is routing it for your Win2K client ?

Or are both computers behind a hardware router anyway, and the use of the Win98 computer as a router is optional and they both have an internet connection via that hardware router.

one last question, you are using the WGIC client just for Generals to connect via the Wingate server, can you use th einternet to surf, MSN and email [ examples ] wihout that client ?
If the answer is yes the question above this one applies. . . how is it connected.

[spit]

Just so we are talking about the same thing. You have used Wingate's VPN software [ not in VPN mode ] to connect to some ones computer [ not GOL ] and play a local or internet game ?
[ I am guessing local at this point ]

Thats all correct exept it wasnt local, it was from my local machine to the internet, which is why its so significant! I used normal wingate which also has VPN support, which I just didnt enable.

You are using a Win98 computer with wingate software as a router, so that Win98 computer is the only one with an internet connection and is routing it for your Win2K client ?

That is correct, no hardware router. ISDN dialup connection.

one last question, you are using the WGIC client just for Generals to connect via the Wingate server, can you use th einternet to surf, MSN and email [ examples ] wihout that client ?
If the answer is yes the question above this one applies. . . how is it connected.

I can use other internet protocols with or without the WCIG client, I also have nat enabled which my computer will only use if I tell WGIC to specifically leave that application alone.

Those ports should be forwarded from any router to your client if that is hosting an internet game.

Ok so tell me exactly what i must do with those ports? I wasnt sure if I must just allow them, or redirect them. Are they only for incomming connections, outgoing, or both? Also to which ip must I redirect? Ive set generals to use my WAN ip, so must i send to that or to that computers lan ip? If i use port override, is that only for incoming, outgoing, or both? Must i still open those other ports?

[gryphon]

ok. . kind of a weird setup to use Win98 for that server. Although as you got that working it's ok.

What you have done, or tried to do would have been easier with a hardware router. But it should still be possible with your current setup.

On the Win98 routing computer you have to allow te ports listed in my previous post as incomming connections. Allowed incomming connections. And route them to the internal IP address of the computer you use to play Generals on.

With most hardware router all those functions can be set just by using the port forwarding option, and forward the ports to an IP. It will automatically allow them.
I am not really familiar with the Wingate NAT function you are using, so just as a general remark. If you would like to allow port 80 for your generals computer which is on IP address 192.168.1.11. The forwarding rule you should make looks something like :

Inbound port : 80
Direct to IP : 192.168.1.11
Direct to inbound port : 192.168.1.11 [ this is the post on your client where the incomming traffic get's routed to ]
Protocol : TCP / UDP [ usually you can just select one of both, some setups also have the "all" option ]

A rule looking something like that [ for all ports listed ] should do it.

[ edit : for some games just the listed ports don't always have to be the only ones [ manufactorers can be wrong ]. Usually you can use a DMZ, or folwarding of all incomming ports and protocols to one IP to trouble shoot that. If the game / application doesn't work with just forwirding ports  .. place it in a DMZ and see if it works ok then. If not you are in bigger troubles then just portforwarding. . . ]

[spit]

Actually software routers are much better than hardware routers. Their software gets updated and usually has a ton more features. Theres nothing a hardware router does that a software one cant do.

Maybe i shoudl try forwarding all ports or dmz. I dont know how to do that in wingate yet but i can look it up. How would you do it on your router?

[gryphon]

Actually software routers are much better than hardware routers. Their software gets updated and usually has a ton more features. Theres nothing a hardware router does that a software one cant do.

actually . .harware routers are better then software. The preformance is usually better [ when you are comparing the harware specs ]. And they are not depending on a OS that can be crashed. .
Hardware routers get so called firmware updates to. Cisco for one released one for the core couter series last summer, they appeared to have a pretty big bug in them ..
And I am not really shure about software routers being able to do the things Cisco core routers are doing, or making Frame relay connections for that matter. .

At home I am between 2 routers, which both use a different interface type.
One of the option to set up a DMZ is taken from a Cisco router. With console access you have to use the below command [ not compleat but sort of ]

interface FastEthernet0/0
 description DMZ
 no ip address
 duplex auto
 speed auto
 bridge-group 32
!
interface Ethernet0/1
 description Internet
 no ip address
 bridge-group 32
!

With web based config's for home routers it's a little bit easier. Example taken from a Linksys router.



Port forwarding can be done using the below on the same Linksys router.

[Doc Nyar]

Software or hardware routers.. I guess it all depends on what you want to do with it. Having worked for Cisco, I can tell you that their (hardware) routers (and those of their competitors) are far more advanced then any "software router"...

[spit]

I dont want this thread to go off topic, so i will post my last thoughs on this matter and ignore all replys pertaining to it. I will let you have the last say. If you really want to argue about it, make another topic.

Performance of software routers depends on the hardware it uses, and the components can be changed for the router unlike a hardware router (youll have to get a whole new router). You cant say a software router will not be as fast as a hardware router, the speed is a factor of the hardware. An OS doesnt crash itself, ive used a win98 machine this whole year simply as a router and have never needed to reboot it untill now (thats 10-11 months without any maintenance and my connection was as fast as ever).

Well i wont pretend to know what frame relay is, but a quick search in google for "software Frame relay connections" turned up  many hits, including this one
http://www.hp.com/products1/unixserverconnectivity/adapters/frame_relay.html.

Doc nyar, how many software routers have you used? Thats quite a broad statement to make considering its assuming that the coders are slacking?


And now to get back on topic! Someone just made a lan patch for need for speed underground, and when asked they said one of their tools was "commview" for viewing network connections. I got hold of a full version now and it looks really in depth! Ill be using it to find out exactly wtf generals is trying to do.

[spit]

Ok it works 100% now.  

The problem: Generals and Zero Hour won't direct connect to an internet IP, when the computer it is running on has an IP in a different network range.

Solution: install an ALG. ALG stands for Application Level Gateway and will fool the program 100% into thinking that it is directly connected to the internet. The problem with the way I did it, is that only one person can direct connect from the network to the internet at a time. But this should be ok for most people.

For direct connect hosting, you will need to open the following ports on the internet server:
UDP 8086 - lobby
UDP 8088 - in game

Note that it is the game.dat file that handles all network communications and not the generals.exe.

On the client machine, you will need to add your current WAN (interenet IP) to the network cards' list. Do this by going to TCP/IP properties of your network card, then click on the advanced  button and add your WAN IP under the "IP addresses" list (do not replace your network address).

Start up Generals/Zero Hour and click on the options menu. In the "Online IP" drop down box, select your WAN IP.

Now all you need to do is set up the ALG client and server. I used wingates' WGIC (WinGate Internet Client) . I have installed wingate 5.2.2 on the server, with NAT, some proxies and WGIC enabled. On the client machine I installed the WGIC and removed all applications from its  "Applications" list.

I still use normal NAT for all internet tasks, but when I want to play direct connect, I toggle the WGIC on and play. Afterwards I switch it off again.
The WGIC will take over all network communication from the machine it is on.  If you want to play on the official generals (GOL) servers, do not use the WGIC, use normal NAT. Remember to add your new online IP to the list your network card uses, each time it changes.

[gryphon]

thanks for letting us know .. ..

and enjoy playing it online ..

[Frosty]

Posted by: gryphon

You probably already know this but the below listed posts are required for Generals to work properly as a host if you are behind a NAT router.

TCP ports:
80, 6667, 28910, 29900, 29920

UDP ports:
4321, 27900

Ok, but then ...

Those ports should be forwarded from any router to your client if that is hosting an internet game.

I see this time and time again, these are outgoing ports and are not needed to be forwarded in order to play or host on GOL.  You only need to forward one port and that can be picked by typing the port number in "Firewall Override" box in options. Works fine for me and my friends. Here my wife plays at the same time and the only port that is open to each machine is that single port for generals, the rest are blocked.

Granted we are not behing NAT, we have a single DSL router, but its not NAT, we have an IP block and the router does nothing. I too use a "software router", if thats what you want to call it, a small machine with 2 network cards, router goes in one, the other connects to the internal lan, works as a firewall too. http://www.smoothwall.org/ excellent system, is an entire OS based on GNU Linux but is just a firewall/router. Cant recommend it enough.

Anyway, my 2p wub you all!

[KarahaNa]

say, i have an Alcatel Router...
my network IP is 10.0.0.1...

i realy realy realy realy want to be able to play with my freinds C&C zero hour...
on DIRECT CONNECT..

what do i do..?

i'v added the WAN ip the router gets to my local machine IP list
i can see this ip on the game's option box... but still , cant host or join a game on direct connect..

plz help

[gryphon]

what have you done sofar to get it to work ?