a big mean Voyager 205

Hacking at the BT Voyager 205 adsl router modem

This started as a wee collection of miscellaneous telnet cli commands, tweaks, hacks and other fun for the BT Voyager 205 router. a.k.a. "Globespan Viking" (Globespan is now owned by conexant), but my original BT Voyager 205 text file started getting a lot of google-type action, so I eventually got around to doing a web page proper, as promised.

If you are looking for a quick, automatic solution, check out ARSE.

What we now have is pretty much Viking Central, and owners of all the viking chipset based routers; BT Voyager 205, of course, CastleNet AR502, Dynalink RTA100, RTA500-D51, GlobespanVirata, Netgear DM602, Solwise SAR100 & SAR130, Riger db102, Callisto 821, BT Voyager 205, CastleNet AR502, Cell pipe 22A (21A) -BX-AR, Dynalink RTA100 (Viking I), Dynalink RTA500-D51 (Viking II), Siemens E-010-I, Speed Modem 50, Speed Modem 100, Tenda TED8620R and probably many others; as well as folks with no pretence of owning anything even remotely similar, drop by with their router woes and triumphs. It's been a lot of fun. Check out the full story in the many hundreds (make that thousands! -ed) of comments.

BT Voyager (not 205) users, please go HERE!

I'm told the voyager pages are a good read for other network n00bs, too, so if you're looking to find out what a "Static IP" is, or learn a few proxy tricks, setup a webserver, or maybe just soak up some network basics, you may just find what you need right here. I'll let you be the judge.

As well as how to configure the voyager router, most folks seem to be looking for security and stealth, NAT rules (with examples), port-forwarding, and porn, well, apart from the porn, it's all here!

There's been some re-organising, splitting up the data into separate pages (please see the menu at the top), usually in response to the groovy comments at the foot, clarifying and expanding things as we go along, mainly so people don't have to keep asking the same questions over and again.

Fire away! but do bear in mind, if it's a technical issue that's already been covered here, the response is unlikely to be what you'd hoped for! At least run through the troubleshooting checklist before asking FAQs. Otherwise, feel free to add a comment, or just rant and flame. There's no such thing as a stupid question, though barney's come pretty close (hehe, just kiddin' dude! ;o)

meet the black box...

Model       : Viking
Name        : voyager
Domain Name : corz.ath.cx
Description : DSL Modem
Location    : Aberdeen, Scotland
Contact     : cor.. http://corz.org
Vendor      : GlobespanVirata Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A
LogThreshold: 1
Object-id   : 1.3.6.1.4.1.50000
HwVersion   : 810020
SwVersion   : V1.1
DSL Version : Y1921a
System Time : Sat Nov 27 14:11:44 2004
Time Zone   : GMT
DST         : On
Services    : physical datalink internet end-to-end applications
UpTime(HH:MM:SS)     : 13:37:23
Backup Interval      : Disable

Power Required	: 16V ~ 1A [16VA] AC

It's worth investing a little time in getting to know the unit, setting it up properly. With only a couple of simple commands you can create a hardware-firewalled, safe, internet-enabled LAN environment for your home or organisation. The box comes free with BT's current 1MB/2MB broadband package, possibly other packages. With free adsl connexion thrown in, it's actually not a bad deal. At least until the limits set in, circa May 2005. *sigh*

The BT Voyager 205 is a good wee box. As well as a simple USB modem (you won't need to remove that sticker, ever!), it's a "real" router, so you can just connect it to an ethernet switch and tada! your whole LAN has internet. No drivers required! I repeat: NO DRIVERS REQUIRED!!! The unit can act simultaneously as a router AND a modem, all by itself.

Using ethernet, the voyager works independently of any computer, so it doesn't matter if you're running OS X, BSD, Linux, Solaris, Classic Mac OS, Amiga OS, even Windows®; this box can act as your "always on" internet gateway. It's got NAT, a good IP filter firewall with stateful inspection (don't believe the rubbish they tell you elsewhere!), dhcp server, access control, comprehensive attack protection, automatic DUC, the works! It begs to be tweaked and hacked, and we've already discovered some useful undocumented functionality doing just that, as well as render at least one unit completely unusable!
NO-USB!

NO USB past this point!

Before we go any further..

If you insist on using USB to connect to the router, expect to a) have lots of trouble with your internet connexion, b) be ignored here when you ask perfectly reasonable questions, and c) spend a lot of time at the troubleshooting page, on your own! Simon says, "Get a NIC!", or words to that effect, which is a "Network Interface Card" and will cost around three bucks in any currency. We really did have a Simon that said that! Check the comments.

But Kev tells us that if you go into your Windows Device Manager (run "devmgmt.msc") and bring up the properties for your USB root hubs, and on the "Power Management" tab, UNcheck the box where it says "Allow the computer to turn off this device to save power", you may at least not have to suffer the thing cutting out every five minutes. This will keep you going until you get a switch!

Okay, NOW we can start..

Getting Started..

Ironically, the best way to begin hacking this thing, is to start with the web interface..

http://192.168.1.1 (the preset default address, you can change this)

If you have a static IP on your puter, ensure you are in the same "subnet", in other words; 192.168.1.something (if your whole LAN uses static IP's and they are *not* on that subnet, you can change the IP of the router to match your LAN, though you will have to temporarily flip your computer's IP to 192.168.1.3 to alter the router's IP to 192.168.0.1 (or whatever), oh the pain! but you can also create "virtual" ethernet connexions, serving multiple subnets)

note: the 205, as supplied by BT comes insecure out of the box. I think BT imagined the ethernet port would be used only by XBox and PS2 gamers, or perhaps they wanted to drop in sometime. Anyway, the unit connects itself to your favourite ISP right at startup (remember this if you are trying to setup the 205 for different ISP, like Tiscali, or AOL (puleeze!) or whatever, you'll need to enter your login details before you connect the 205 to the phone line!) so first thing to set is..

set this to "High", which is better than it was, but not a lot. Apply, and Save your changes. (the oddly-placed red save button appears on all the advanced pages) now you can breathe a little while you get this thing properly secure and working the way you want it to. after enabling the basic security, setup any other stuff you understand, save again, then go to..

and click the 'Save Config' button, which will save the current configuration to your hard drive.

this exported file is no more than a list of cli commands for the voyager router. with this list of commands, you can recreate your router's current state at any time in the future. make a copy of that file, and start adding to it. Later you can upload it to the router via FTP, and use it as your default command set.

Let's Hack!

With our current configuration safely backed-up, we can start to really hack this thing.

There are two schools of thought as to how best to approach this task. Some folk prefer GUI tools, and others prefer a command line. Each has advantages and disadvantages. The main disadvantage of the cute web interface gui is that only some of the pages are available, however we have overcome this and though I personally prefer to use the command line to configure my router, I have created a couple of tools allowing GUI fans to access the "hidden" pages of the web interface, where you can now get to most every setting you will ever need to tweak. It's certainly easier to view the results in the web interface, anyway.

Those page selector tools are right below this article, above the comments. Conveniently, you can also open them in a separate window, and if you save the resultant page to your hard drive, you can use these tools at home, even when you're offline. If you have a webserver with php running, source is also provided.

But it's from the command line that ALL the settings are available. The ability to drag & drop commands into a telnet session, not to mention its scriptability, makes the shell ideal for a job like this. There's something wholesome about plain text commands, a particular clarity. So let's open a telnet session..

telnet

Telnet is just a protocol, like FTP is. It allows you to run a command line on a remote machine (in this case, the router). All modern operating systems have a Telnet program built-in, usually called simply "telnet". Only via telnet can we access the router's raw command line, where commands can be typed directly into the router's brain.

When I first dropped into the command line (from my mac) I was frustrated by the inability to delete characters, or move around with the arrow keys. One wee mistake, and BANG! you have to start again. I tried using Putty, and other tools on the peecee, but still the same effect, eventually I just accepted that it was "a router thing".

However, if you open a plain old telnet session from a plain old DOS box, at least on XP, you have a magic telnet session that allows all these things! BobR tells me it's because of the "Terminal Emulation" mode used, of course! XP defaults to the old DEC vt100 emulation, which works perfectly! Cheers Bob!

Scattered throughout this area of the site are clickable links (there's one coming right up) which will, in theory, open a telnet session on your machine. And if you are running windows, you'll likely get the same magic telnet session as me!

by default the router lives at 192.168.1.1 so go into your shell and do..

telnet 192.168.1.1   <-- click here to telnet into your router!

telnet to vogayer router
( note that inside my LAN "router" resolves to 192.168.1.1 )

The account login is the same as the web interface ( preset defaults are user: admin  password: admin ) very secure! you can ftp in, too, but although there's lots to see, there's not a lot to do, at least, so far. we'll see. with the right firmware it might even do ssh.

On a mac, you can select any command line from this page (or your own script), drag it into your terminal (connected via telnet to the router, of course) and your hacks go live!
telnet tip: before you drag-and-drop, when you select the command, select the whole line, including the following line-break; then <enter> will be pressed for you as well. in bbedit, TextPad, EditPlus, etc., this can be achieved by simply clicking to the left of the line. (this also works in certain Linux desktop configurations) note: if you drag-and-drop from this page, make sure the example IP matches yours!

another tip: Ctrl-D will close most telnet/ssh sessions.


IMPORTANT: when you login to a telnet session, you will not see your password being entered, no asterixes, nothing, but for sure, it's going in just fine! Hit <enter> as normal, and you'll login without any problem. It's not broken, it's a security feature!

I've used greyed-out text here, to differentiate between the telnet commands and my comments, to (hopefully) make things clearer, at least, clearer than they were to me when I started messing with this thing this morning, getting most of my clues from Chinese web sites! they've had the Viking chipset a while, apparently. okay ...

In a telnet session with the router, you can type any command and then a space and then a ? to get help for that command, like this..

get ?

which would produce a list of possible "get" commands, next you could do..

get ppp ?

I can honestly think of no reason whatsoever to have this image here for a list of "get ppp" commands, etc.. this tip will save you hours!

?

on it's own is the same as

help

which gets you a list of top-level commands.

use the UP key to recall the last input command. use this a lot!

after giving help, the cli puts that same command back on your current command line minus the "?", so you can build up long commands one command at a time, getting help all the way. neat. okay, first..


Stealth and Security..

You will probably want to begin by stealthing your router. A stealthed router sends a definite signal to any potential attacker, and also refuses to needlessly leak information about your computing environment. You can stealth a voyager 205 with just two simple commands..
create ipf rule entry ruleid 5 dir out act accept storestate enable seclevel high medium low
create ipf rule entry ruleid 500000 ifname public dir in act deny seclevel high medium low
Much better! a simple start.

Now you got stealth, nothing's getting in! so if you want to run any servers, ftp server, web server, whatever, or effectively use any p2p application, you'll need to create individual rules to allow this inbound traffic, inserting them numerically between the two magic stealth rules above. an example BitTorrent rule..

create ipf rule entry ruleid 6881 ifname public dir in act accept destport range 6881 6899 transprot eq tcp seclevel high medium low


After dropping in another rule for the±wire it looks something like this..

stealth firewall settings, click for the stealth page
this screen is here ..

You might want to enable standard attack protections..

modify fwl global blistprotect enable attackprotect enable dosprotect enable

these should be on by default, do check your model/settings (and exported .cfg file).

who da bad boys? ..

get fwl blacklist

to delete a firewall rule..

delete ipf rule entry ruleid 6881


check out the stealth page for a great deal more information about stealthing your router, including important notes on firewall testing.


NAT   (not an insect)

If there are a few or more users in your home/business/organisation, you'll likely want give them all internet access. broadband was made for sharing. this is where NAT comes in. NAT, or "Network Address Translation" is simply a way for multiple "private" computers to share a single "public" IP address.

The NAT "gateway" (our beloved BT voyager 205) translates all the outbound requests from our individual "private" computers (called 192.168.1.whatever, safely inside our Local Area Network, or "LAN") and alters the packets so they appear to originate from a single "public" IP address (which is all the folk on the outside can see). When the requested packets return, the NAT reverses the translation, and routes the data back to the originating "private" machine. clever stuff.

Because the Voyager can apply "stateful inspection", inbound packets are examined on arrival, and only those packets we requested are forwarded on inside the LAN. Essentially nothing gets through the NAT unless we asked for it first, or, like the BitTorrent rule above, we specifically open up a port.

So first we.. NAT everything!

create nat rule entry ruleid 100000 napt

I recently discovered that the voyager has a hidden NAT rule which does exactly this. Mine is rule ID no. 4294967295 ! I still add my own though, where I can see it.
more gratuitous voyager 205 imagery!

port forwarding.. maximum 20 rules!

After opening ports to allow inward traffic, you need to route that traffic to a particular "private" computer inside your network. To do achieve this, we use port forwarding. It does exactly what is says on the can, forwarding the data packets on to the private machine.

In order for this to work as expected, your private machines (machines at this side of the firewall) need to have "Static IP's". Most computers will, by default, get their IP address dynamically, that is, it will be assigned by the gateway computer, which is our router (aye, there's a wee computer inside there!). You'll need to ensure that dynamic IP addressing (dhcp) is disabled on your computer, and you have instead manually  assigned a static IP to the computer, probably something like 192.168.1.3. For more information on how to do that, see here.

It could be argued that "my computer always gets assigned 192.168.1.3", but that's asking for trouble when, six months down the line, you add a laptop to the network and suddenly all your firewall rules stop working, and it takes you six hours of troubleshooting to figure out why! If you need DHCP, mindfully create a special pool of addresses, for "guests", or whatever. In a discipline with so many variables (networking) it makes a great deal of sense to convert as many as possible to constants. So with your target machine at a fixed, reliable, constant address; let's do it..

This example NAT rule will forward all inbound bittorrent traffic to a machine at IP address 192.168.1.3..

create nat rule entry ruleid 6881 rdr prot num 6 lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 6881 destportto num 6889

Something very similar would work for any p2p application and protocol; eMule, edonkey, kazaa, LimeWire, WinMX, Gnutella, Direct Connect, etc, etc. same for servers; FTP server, Web Server, whatever.


check out the recipes page for lots more details and a whole bag of ready-made NAT rules!


As well as simple redirection, you can create different kinds, or "flavours" of NAT rule, and put ranges of ports into one rule, too. handy, because you can only have twenty rules maximum. you can also create IP ranges (aka round-robin), more useful for sharing load on multiple servers. check out the PDF's at the foot for an almost complete list of all the NAT, and many many other rules.

A simple NAT configuration might look like this..
basic NAT settings
click the magnifying glass to look at stuff close up..

detail image of NAT rule

you'd think the "global address to" would need to be 255.255.255.255, but the voyager doesn't seem to care. I guess when neither are specified it just presumes you mean everything.

you can do..

create nat rule entry ?

for a list of all the NAT options. You can delete a nat port forwarding rule like this..

delete nat rule entry ruleid 6881

If you are looking for a particular solution, it's probably on the recipes page!

If not, consider making a donation, and request that it be added!



essential tweaks..

ppp link...

Enable ppp keepalive..

modify ppp global keepalive enable

ppp sessions time-out after thirty minutes inactivity. let's change that..

modify ppp global pppsesstimer nevertimeout

(for v1.8 firmware, replace "nevertimeout" with "99999")

time to live..

modify ip cfg ttl 64

network connexion limits...

The maximum number of IP sessions the modem can manipulate simultaneously is 512. the default is 192, let's fix that..

modify nbsize maxipsess 512

note: if you have upgraded to the v1.8 firmware (which I have not) you can only set that to 511, not 512.

for gamers..

Opening and closing lots of connexions quickly (like some p2p apps and most networked games do) can fill up that connexion table pretty fast, because you open new connexions before you have closed the old ones. exactly how long the old connexions stay open is up to you..

modify nat global tcpidletimeout 3600 tcpclosewait 45 tcptimeout 30 udptimeout 90

those are the default setting, but you can probably get off with using much lower values, especially if you search for game servers a lot, something like these..

modify nat global tcpidletimeout 1800 tcpclosewait 30 tcptimeout 10 udptimeout 15

or even less. Every setup is slightly different; experimentation is the key to success. There are other parameters that may be set, too, for more details, open a telnet session with your router and do..

modify nat global ?

replace a time server entry..

modify sntp cfg disable
delete sntp servaddr dname Time.apple.com
create sntp servaddr dname pool.ntp.org
modify sntp cfg enable
get sntp stats



etc..

Get stats on stuff..

get system
get nat stats
get ip stats
get sntp stats
get pfraw stats
get ethernet stats
get fwl stats
get dsl stats curr

get user
get ipf session



create a new user..

create user name boss passwd mypassword root


alg rules...

"Application Layer Gateways" are clever things, allowing you to run IRC and ICQ clients, FTP servers and the like without endless firewall hassles, thanks to the 205's "stateful inspection" mechanisms. Most of the common ones are already in place, but if you need something special, you can add it yourself.

This example would allow you to connect successfully to an IRC server running on a non-standard port, in this case port 7000..

create alg port portno 7000 prot num 6 algtype mirc


more than just for fun...

modify system contact "cor, http://corz.org"
modify system location "Aberdeen, Scotland"
modify system dname "corz.ath.cx"
modify system name "Starship Voyager 205"


you can do them all at once, too..

modify system contact "cor, http://corz.org/" location "Aberdeen, Scotland" dname "corz.ath.cx" name "Starship Voyager 205"

Would be fun to have a finger server on the unit, presenting this info to whoever asks.
For more of these sorts of fun and games, don't forget to check out the tips & tricks page! (Hacks for Dynamic DNS, alternative DNS servers, ping, traceroute, custom logging and much more!)


cool it!

This box runs hot. There's enough anecdotal evidence going around to suggest that when things start to wonk out, heat can be a factor. In short, keep it somewhere cool, like under a window, or sit some nice flat-bottomed, metal object on top of it to act as a heat-sink, or both..



If you REALLY want to cool it, check out this.


lastly..

Don't forget to check out the router directory in my public archive for many interesting files ( including PDF's containing ALL the possible commands), firmware utilities, patches, shell scripts, and much more..

http://corz.org/public/docs/comms/router/

you can download the main two directly, here..

pdf document icon    pdf document icon
if you don't have a PDF viewer, you'll need to..

get acrobat reader logo
have fun!

;o)


ps.. the original protective sticker is still stuck over the USB socket of the Voyager 205,
and it's going to stay that way, too!

Secret Page Selectors..

Telnet may be a superior tool for configuring your router, but your web browser is certainly a much cooler way to view the results. Don't forget to bookmark your favourites!

Secret Admin Page Selector!

Skip the tedious interfacing, and open all the "advanced" pages directly, including quite a few you can't get via the regular BT pages!

(opens in a cool windoid, or possibly a new tab)

special pages..

get the source!   open this tool in its own window

Secret PopOut Page Selector!

More of the same fun, but this time, for the PopOut pages.

(opens in a cool windoid, or possibly a new tab)

get the source!   open this tool in its own window

Before you ask a question..

PLEASE ensure you have at least run through the troubleshooter at the foot of the troubleshooting page and checked EVERYTHING!

Note: If your router isn't a Voyager 205, go here.

Please note: comments on this page are now disabled: but that doesn't mean I want you to mail me with your router troubles! If you want my time, the PayPal button is in the top-right of all pages!

NOTE: If you load this page with ALL comments, you will probably find someone has already asked your question, and been answered.

return to paged comments
anonymous - 14.12.04 5:38 pm

thanks


sean - 14.12.04 8:31 pm

re:yr explanation of port forwarding. very concise and to the point...excellent! me been a total noobie it didn't mean that much to me tho. don't suppose its possible to put into noobie layman's terms is it??? do i need to set up a static i.p as well?? keep up the good work.
sean.


anonymous - 14.12.04 8:39 pm

ps...the ports i'll be trying to open are..bittorrent,winmx, and prob one for battlefield 1942. don't know if you needed to know that, but there you go. cheers.


cor - 14.12.04 11:06 pm

you can adapt these rules to cover any port, just pick one, say the Gnutella rule, and replace every occurence of 6346 with whatever port you need. different games use different ports, so check the game's manual. Also you may need UDP rules instead of TCP. (UDP is faster, I'd imagine many games use this)

There are different flavours of NAT rules, too, open a telnet session with the router and mess about with them. do.. create nat rule entry ? to see all the possible options. I'm no gamer, so if you learn anything interesting, share it back!

I've added a wee note about NAT, which will shed some more light on things. Being a noob is good, you've got so much fun ahead!

remember to commit
for now..

;o) Cor




sean - 15.12.04 12:41 am

thanx for advice, you've been a great help. looking forward to getting some speedy downloads now. cheers.

sean



anonymous - 15.12.04 12:55 am

thats great. thanx v much for advice. looking forward to them speedy downloads now. cheers......sean


cor - 15.12.04 10:37 am

och, I enjoy it!

As for static IP's, generally, if you never need anything other than basic internet (web/email) access, leaving the defaults (at least for most OS it is the default) of dynamic IP's (dhcp) is just fine.

But as soon as you start to want to do anything, like run multiplayer games, or servers, or interesting communications devices, static IP's starts to make a whole lot more sense.

Check out my stuff on hosts in the /serv/ section of corz.org. Static IP's doesn't always have to mean long ugly numbers! For instance, in my own LAN, the other machines know my mac as "imac".

;o) Cor



Snoopy - 16.12.04 11:42 am

Looks like i'm another noob as far as routers/ststic ip's and port forwarding is concerned! I've tried following all this and have attempted some of the instructions without much success!
I'm running a mixture of Kazaa Lite Revolution, eMule & use SuprNova as well. One thing I have noticed is that whenever I try to run eMule, my Outlook and Interent Explorer cease to connect!
What I don't understand is why everyone else get great upload speeds from me whilst I cannot get the downloads!
These instructions have been very clear and concise but I think I'm just to inexperienced as far as networking and routers are concerned!

HELP!!! lol


cor - 17.12.04 4:43 am

True, these instructions do assume a working knowledge of certain concepts. reading it over again more slowly is good, we humans often need to do this with "new" material. you'll find a little more information soaks in each time.

If you are experiencing good upload speeds (others downloading from you) then at least it looks like the port forwarding worked! I notice kazaa lite revolution now uses port 3392 by default rather than 1214. you can change these things in its prefs, I'd imagine.

The key is experimentation and determination. very little of this worked first time for me, either! how far have you got?

;o) Cor



Snoopy - 17.12.04 5:35 pm

I have set up what I believe to be the correct NAT Rules to handle the port forwarding but it doesn't seem to have made any difference.
I think perhaps I need to understand the principles a little better first.

Maybe a stupid question but how does my static IP address fit into all this?
Is traffic that the various programs direct to their own port numbers all meant to be directed to my static IP or vice versa?

Also, Bit Torrent sites do not seem to have port settings on them so how does the router handle these? Or am I missing something very obvious here?

Any thoughts on why my Outlook and Internet Explorer fail to connect when I am running eMule?


It's trying my patience so I hope I am not trying yours! lol


cor - 17.12.04 9:33 pm

First the ports. you have 65536 of them, we all do, well, our computers. Some are familiar numbers; port 80, world wide web; port 21, FTP, etc. By default, BitTorrent uses ports 6881-6889, but you can use whichever ports you like, so long as you alter your firewall/NAT rules to match them.

Your BitTorrent client announces your current incoming port to the tracker (one per torrent) and that is the port on which other torrent clients will attempt to connect to you. It doesn't matter what port you use for BitTorrent, so long as you create firewall/NAT rules allowing traffic on that same port.

The main reason we have "default" ports is simply to prevent global confusion and network bottlenecks. A web server could easily run on port 5735 or whatever, but having them all running on port 80 (mostly) allows us to configure firewalls and create web browsers without the whole show going completely haywire. having separate port numbers for different kinds of traffic allows us to organise things more effectively, too. On most unix systems, for instance, running a server on any port below 1024 requires "root" privileges.

A Static IP is simply a "fixed" address where other machines on your LAN can find you, like a telephone number. Most computers on the internet have a static IP that we use to find them. Google is 216.239.57.99, and typing http://216.239.57.99/ into your browser will take you straight to google. Fortunately we have DNS to translate these numbers into cute names. That is google's "public" IP (one of them), behind their NAT is probably a thousand sepearate machines, each with different "private" IP's, but we don't see those.

Inside your own LAN, you can use whatever numbers and names you like, so long as all your own boxes (including your router) can find each other, it doesn't matter too much how you achieve it.

Your router uses this private IP address to route incoming connexions to your individual computer. When an incoming packet arrives at your public IP, that is, your outside IP (currently 217.42.237.***), destined for port 6881, our router checks the firewall rules; Yes, that port is allowed, then it checks the NAT rules, to find out where to send the incoming data packet. In my case; it redirects it to a machine at 192.168.0.4. The router will only do what it's told to do.

As for the eMule/Outlook issue, firstly I would recommend getting a decent email client, and if that doesn't fix it, ask the dudes at the eMule project, they may already be aware of the issue. I don't think it's a router problem.

And don't worry about my patience; it's endless!

;o) Cor



barney rubble - 18.12.04 2:14 pm

Well as a newbie i at first found it all quite daunting hey but I just followed your commands and bingo I have a stealthed machine that works great and have backed up this config for future use.
Much appreciated

barney


barney - 18.12.04 2:18 pm

Would appreciate a Janet and John guide to setting up a static IP for one machine just to make sure I have actioned correctly
Thanks once again

barney



cor - 18.12.04 2:22 pm

the rules you need for eMule are..

firewall:
create ipf rule entry ruleid 4662 ifname public dir in act accept transprot eq num 6 destport eq num 4662 seclevel high medium low
create ipf rule entry ruleid 4672 ifname public dir in act accept transprot eq num 17 destport eq num 4672 seclevel high medium low


nat:
create nat rule entry ruleid 4662 rdr lcladdrfrom 192.168.0.4 lcladdrto 192.168.0.4 destportfrom num 4662 destportto num 4662
create nat rule entry ruleid 4672 rdr lcladdrfrom 192.168.0.4 lcladdrto 192.168.0.4 destportfrom num 4672 destportto num 4672


I installed it on a peecee this morning. all eMule port tests passed, High User ID, Kad "open". it's a nice app, impressive.

;o) Cor



cor - 18.12.04 2:35 pm

great news barney!

To setup a static IP on a windows machine, open the properties for your LAN connection (control panel > Network Connections (on XP)) and go to the "General" tab. Select "Internet Protocol (TCP/IP)" and click "Properties"

Then click "Use the following IP Address" and enter in your desired numbers, likely..
IP Address 192.168.1.3 (or whatever you desire)
Subnet mask 255.255.255.0
Default Gateway 192.168.1.1


for your two nameservers use..
192.168.1.1
212.159.11.150

You can add more nameservers in the "Advanced" dialog, but shouldn't need to.

This presumes you have the router at its default IP of 192.168.1.1. If not, alter the address to suit. (mine is 192.168.0.1)

If you run Mac OS X, these settings are in the System Preferences, "Network" settings. On Linux you just edit the hosts file. That's it!

have fun!

;o) Cor

ps.. give my regards to Betty!


barney - 18.12.04 7:28 pm

everything still working ok after many reboots although only getting local connections when using torrent system I had static ip correct thanks for the calibration.
Any idea on local problem, i have set client to 6881.

betty says hi!

best

barney


cor - 18.12.04 9:12 pm

"local connections". explain.

;o) Cor

ps.. feel free to jump into my site chat about this!



barney - 19.12.04 12:59 pm

have downloaded wire can it talk to
a mac from pc? will chat when you have the time

best

barney


barney - 19.12.04 1:09 pm

My Word I wish I had Putty yesterday?

best

barney


AgentGates - 19.12.04 5:25 pm

Hi Guys,

How could I use dynamic dns options on voyager 205?
I tried this way:

"create ddns hostname name myhome.example.org ifname ppp-0"

How could I give the username and password of my dyndns account?

Thanks for your help :)

AgentGates



cor - 20.12.04 4:40 pm

yeah barney, Putty is da shitz!

to chat; there's a link under my smiley (almost invisible) in the right of the toolbar at the top of this page, and the±wire, of course, which keeps all the puters in my LAN talking to each other. mac to pc, no problem!

of course, I'm not always on the other end.

As for the ddns, Woah! DUC capabilities! I didn't even realise it could do DUC! neat. TZO works for sure, dunno about other service providers. There's nothing about it in any references I have, but in a telnet session I just got this..
$create ddns intf ?
Parameter                         Description
---------                         -----------
ifname <name>                      Interface Index
srvcname tzo|dyndns                Name of the Dynamic DNS service provider
username "<name>"                  Username registered at service provider
passwd <name>                      Password provided by service provider
[ system dynamic|static|custom ]   Type of system
[ wildcard enable|disable ]        Wildcard CNAME to be resolved or not
[ mailexchger <name> ]             Name of the mail exchanger
[ mailbackup enable|disable ]      Setup MX as a backup MX
[ offlinesupport enable|disable ]  Set hostname to offline mode    

very interesting! go mess about with that lot!

I'll have a play with this shortly myself, see if it can do my no-ip.org for me. that would be very handy!, one less job for the puters. this router just gets better every day!

thanks for the heads-up!
for now..

;o) Cor




cor - 20.12.04 5:15 pm

it works!

it only works with tzo.com or dyndns.org, but it does work!. cool!

you can create multiple dynamic DNS entries, too. here's my wee lot..
# make the entries first..
create ddns hostname ifname ppp-0  name corz.dyndns.org
create ddns hostname ifname ppp-0  name corz.ath.cx
create ddns hostname ifname ppp-0  name corz.serveftp.org

# then setup
create ddns intf ifname ppp-0 srvcname dyndns username "corz" passwd PaSsWoRdHeRE system dynamic wildcard enable

w00h00! I got DNS!
for now..

;o) Cor



barney - 20.12.04 7:26 pm

Hello Cor

So I wiped out all my settings in the ipf filter and
added your suggestions, plus opened the ports for
for Bittorrent and Shareaza so that gives me 4 entries
in the ip filter.
No problem per se with downloading in BitComet, however
all my connections are local.
I think this explains whats happening
(initiate connections with other peers (known as local connections, or L), you are not able to receive connections initiated from other peers (known as remote connections, or R). When you are not able to receive remote connections, this is nearly always to do with incorrectly forwarded ports, from your router or firewall.)
Mind the way the torrent scene is at the moment its probably
going to be unneccesary!!
Can you help please

Best

barney


cor - 21.12.04 2:17 am

ahhh, your bittorrent connexions! right! well, I've been torrenteering pretty much since BitTorrent appeared, and although I've noticed that (in a few clients) you can get this information; whether a peer is "local" or "remote"; it's never been a factor. If you can get a green light, good upload speeds, then everything is just fine!.

I'd always imagined the L/R thing meant, local; we are directly connected to a peer, or, remote; we are indirectly connected to a peer (as your box can only directly connect to so many peers). or something like that. I haven't really thought about it much.

What is seems to mean is, local; I connected to them, and remote; they connected to me. I usually have a mix of both; the linux distro I'm grabbing right now is mostly local connexions, and coming down (and up) very quickly, so this definitely ain't broke! If you use the rules from this page, you should have green lights all the way.

You may have noticed that grc.com now does custom port scans, so you can easily check your incoming connexion capabilities..

Fire up a torrent, check which port it's using for incoming connexions (in the "advanced" page if you have one in your client, or by doing a netstat or some other app(lication) that can display your listening ports), and then scan that same port from grc.com. just enter the port number into the text input between the two silver bars for the "User specified custom probe". pretty neat.

Ideally it will show "open!" Failed! Although in our case of course, it's a success!

;o) Cor


barney - 21.12.04 9:47 am

Good Morning cor
Thanks for that checked out 6881
while running Bitcomet Gibson says
port fully stealthed. Health says 800%
(I assume this means the same as a
green light)download speeds significantly
lower than uploads all connections are L
no R,s when I used to have a mixed
collection before stealthing.
Heres a doozy for you, switched of my
router during the past two nights.(hot)
When I restarted and checked the IP filter
instead of just the 4 rules 5, 6881, 6346
and 50000 it had generated rules 10,11,
12,31,32,50,51,52,70,71,72,90,91 and 92
after correcting after the first night I also
changed passwords in case BT had, had
a peak.What has happened? any ideas?
Thanks again

best

barney


cor - 22.12.04 5:57 pm

damn! I knew there was something I forgot to post when I killed forefox last night. 30-odd open tabs and too much bloody shockwave flash.. och, just eff off will ya! oops.

erm. Stealth is BAD! at least for our BitTorrent ports. We're looking to have that port WIDE OPEN!

First, ensure that really is the port on which you are currently accepting connexions. It changes for each torrent, some clients even "randomize" the incoming port, so you need to ascertain that immediately before testing. or is that "assertain"? smiley for :ken:

I don't know what 800% health is, sounds like Duke Nukem! It's a client-specific thing, for sure. On my peecee I generally use BitTornado, the bittorrent client formerly known as "Shadow's experimental BitTorrent client", an interesting fork from the maim BitTorrent source. It has a traffic light system for reporting torrent health, which I like a lot.

I too experienced the router's automatic rule creation just the other night. I'm guessing it's something in the BT firmware. Perhaps an unofficial firwmare flash would resolve. At any rate, so long as your own rules, partcularly the last one, are still in place, these automatic rules not a problem. They just clutter up the page a bit.

keep 'em coming!

;o) Cor


cor - 22.12.04 6:04 pm

by the way..

if you use a peecee for your torrenteering, especially if you use BitTornado, you might want to grab this.
As well as the cool concept menu customisations and icons, etc, you get my own custom traffic lights!

have fun!

;o) Cor


cor - 22.12.04 8:37 pm

I think I may have found out why emule craps-out all your other internet applications, at least a possible cause, for Snoopy, and others..

Apparently, XP's SP2 update limits the total number of tcp/ip connexions on your machine. some say this is to curb p2p usage, others a "security measure", but whatever, the maximum number of simultaneous connexions, even half-open connexions per port, is now TEN! one zero. yup.

you can get more info, and a patch, here. I haven't tested this. let me know if it's useful.

for now..

;o) Cor




jay - 22.12.04 11:57 pm

hi i have followed your rules and im still gettin yellow light and crap speeds on bittornado, i used to have a xoom router and never had these troubles? any chance of some help?


Country - 23.12.04 10:29 am

I got this router and a BT adsl link. I'm suprised to hear you can connect the router to your LAN and all works well. My peecee connects to the router via a direct (ethernet) cable. When I try to insert my hub between the two, the router simply fails to connect. The hub (and router) connection leds tell me there's no connection.

Perhaps this is because I haven't set up any NAT rules yet? I do use static IPs, and (with the router connected directly - sigh) I can connect to the internet. But I have other puters to share the connection... so would like to connect the router via the hub.

Any ideas?

Cheers


cor - 23.12.04 8:03 pm

jay, if you have followed the rules, the firewall/nat rules that is, and you're still getting a yellow light it means one of two things. a) you didn't exactly follow the rules, or b) there's another firewall somewhere, maybe your operating system's built-in firewall. obviously, if your setup is different, different IP range, whatever, then you can't follow the rules exactly, but ensure the imporant bits are still the same!

to all; the grc.com custom port scan is an invaluable tool. use it! let's say I have allowed all incoming connections between ports 6881-6899. with no torrents running, and no nat rules created, the grc scan will show these ports not as stealthed, but as "closed". Adding NAT rules won't change this; they will still show as "closed". so far so good.

But as soon as you launch a torrent, you now have a "listening" service on that port, and the port will read "open". GOOD! Unless you can scan yourself and get "open" for your current torrent port, you can forget any hope of a green light/"remote" connexions. When I was first setting up my router, I must have performed dozens of such scans.

Country, your trouble all likley stems around that piece of equipment fondly known as a "hub". "connecting the router to switch box" and "connecting the router to a hub" are not the same thing! Relying on a "hub" is just soldering all your CAT-5 cables together and hoping for the best!

Get a "switch". These days network switches are dirt cheap. you often see them going on ebay for very silly money. A switch is a whole different breed of device from a hub. For a start, a switch knows the addresses of the devices connected to it, and routes incoming data to the correct destination, whereas a hub just sprays it everywhere.

Once you have a decent switch, you just plug the router into it, and let it do its job. I'm on record as saying my switch box was the most important piece of computer gear I ever bought, and that's totally true; myriad networking "issues" dissolved the day I installed it. (twenty quid, brand new from Maplins)

With a well setup router, and a good switch, your ADSL is truly "always on" and you just add as many computers as you need! If you run out of sockets on your switch, simply connect another one, and another, and so on, ad infinitum.

Dump the hub, get a switch.

;o) Cor


anonymous - 25.12.04 1:43 am

Hello, noob here

Anyone know the right settings to setup the BT Voyager 205 Router so I can use my comp as a Ftp server ?

Thanks to all that can help


cor - 26.12.04 6:15 pm

hi noob,

I haven't tried this yet, but I reckon if you open ports 20 (ftp control) and 21 (ftp data) you should be good to go.

If you want to allow clients to use "passive" FTP, you'll need to define a port range for that (probably something high in the tens of thousands) and create another rule for that range. Remember to set the same range in your ftp server software.

Also remember to create router NAT rules to route the traffic to whatever machine the ftp server is running on. With any luck, one of the 205's ALG's might kick in and work in reverse!

Let us know how it goes.

;o) Cor


anonymous - 26.12.04 7:54 pm

cor, Thank you so much for the reply.

I had no problems to setup a ftp server before only just sins I got an ADSL with a router.

I know how to setup a server with ftp server software but what I dont know is what the right settings are to create router NAT rules and how to open the right ports for this ?





ash - 27.12.04 11:56 pm

hi
im goiong crazy... trying to use my playstation 2 through my voyager 205 router to play online tiger woods 2005... but.. i cant connect to all other bt users and some other network users... the manual mentions about data ports UDP 3658/3659 and UDP 6000/6001 .. can anybody please advise me on what i can do... have been on phone to bt and they not much help .. many thanks


cor - 28.12.04 3:33 am

noob, the firewall and NAT rules on this page (for instance, the BitTorrent rules) should work just fine, simply alter the port numbers to whatever you need. if that doesn't work, get back here.

ash, I know that you can use a playstation 2 to watch DVD's, that's about it! If it were mine, I'd probably start by assigning a static IP to the unit, and then putting that IP into a DMZ, or "DeMilitarized Zone". This is an unprotected zone, especially for servers and consoles.

I'm guessing there's some kind of network setup in the PS2? perhaps a separate disk, perhaps part of the game, dunno. but if you can get the PS2 to have a static IP, it's a piece of cake to throw that IP into a DMZ rule, even with the router's web interface. ( Advanced >> IP Routing )

You may also need to create a firewall rule to allow all UDP and TCP traffic in and out of the DMZ; put it late on in your ruleset, after your regular rules and before the final rule, and simply allow everything, officially, the ports you need for the new Tiger Woods, are.. 0 - 65535 smiley for :lol:

anyways, once your PS2 is (un)safely in the DMZ, all your games should work without further tweaking.

have fun!

;o) Cor

ps.. the DMZ is ONLY for games consoles and highly secure Mac OS X/BSD type serving rigs, don't be tempted to put your regular peecee in there unless a) it contains no personal/private/suspect data whatsoever (basically, anything you don't want the world to see) and b) isn't connected to any other machines that contain personal/private data. For a purely games-only rig, though, it's an interesting option.


barney - 28.12.04 6:33 pm

Go on Cor give us a Janet And John
with pictures how to set up a
games consul please

best

barney

betty says hi



Alex - 29.12.04 3:31 pm

I want to have a web server (there's no problem here), but when put my dinamyc ip (Ej. 200.121.39.29), it is the router modem direction, I want to redirect all incoming requests to my machine http://192.168.1.2:8080.

I hope someone can help me...

Regards


Paul - 29.12.04 5:38 pm

what a great xmas present finding this site was.
Ive been trying to get Green Lights on my bt client for weeks, nothing but slow downloads.
Ive used your nat mapping rules, but still got yellow.
I opend the ports in Kerio Firewall, still yellow.
Tryed patching tcpip.sys to allow more tcpip connections, and could not get any internet activity. put original Tcpip.sys back, and at least use my broser again. Looked at my Localarea connection properties and found a firewall hiding under the advanced button. where the heck did this come from? disabled it and, WOW, GREEN all the way. Now getting max download speeds. I can use the grc.com port scanner to watch the ports open and close as bt need them, bill. i feel like ive got control of my PC at last. Thank you, ive learned SOOOO much from this one page.


Paul - 29.12.04 5:41 pm

PS.
I had SP2 installed, and uninstalled it, back on SP1 now, maybe uninsaller leaves a firewall behind?


cor - 29.12.04 11:36 pm

PS2, as much as I'd love to give you a full-blown how-to on setting up a networked PS2, I don't have the hardware to test it out. I had a wee scout about and I know that there's "Network Setup Disk" that comes with the PS2 (or perhaps it's optional) that allows you to set a static IP on the PS2. From there, you're on your own, though there's enough probably data on this page to figure it out.

Of course, if someone were to send me a PS2 ...***

web server..
create ipf rule entry ruleid 8080 ifname public dir in act accept transprot eq num 6 destport eq num 8080 seclevel high medium low
create nat rule entry ruleid 8080 rdr prot num 6 lcladdrfrom 192.168.1.2 lcladdrto 192.168.1.2 destportfrom num 8080 destportto num 8080


That would work. It assumes your public address also uses port 8080, in other words, folk use that to connect to your web server. (ie. they type http://your.address:8080 into their browser) I'm fairly sure it would be possible to have incoming regular web connexions (just http://your.address ) routed to your local port 8080, too, which might be preferable.

Those two rules (except with port 80 instead of 8080) work great for me, though. (I tested this the other night, toying with a back-up for my very shakey web host). So long as you give folks the correct "public" address (remember you can use the 205 to do your Dynamic DNS for you automatically) they should get to your server just fine.

I'm guessing you are using an original viking voyager as you are in Latin America. The commands should be the same, though. Have fun!

SP2, thanks Paul, there sure is a lot squeezed into this page, so much that I'll probably need to reorganise it before we're done. Anyways, although windows XP SP2 seems more focused on security, the XP built-in firewall is a "feature" of even the original XP, and is best disabled altogether using "services.msc", the windows service control centre. (enter that at a run command (win-R) or go into "Administratve Tools" in the Programs menu - the admin tools sub-menu can be activated from the start menu properties, btw. *phew*)

If you need a local firewall on your windows machine (and with the router setup correctly, you really don't) I recommend ZoneAlarm (preferably pro version). The only reason I can think of running a local firewall behind a secure router is to prevent outgoing connexions, and there Zone does a great job. The XP firewall allows all outgoing connexions by default, and this can't be changed. syat.

;o) Cor

references:

1:
Yeah, I'm serious! Also send a networkable game!


cor - 30.12.04 7.12 am

pdf protection update!

I have removed the protection from the two pdf technical manuals. You can now copy the text to the clipboard, drag-and-drop into your telnet session, etc, etc, just as one would expect from a technical manual. I mean, what was going through their minds?

If anyone has a problem with this, feel free to be ignored at the usual email address.

;o) Cor



anonymous - 31.12.04 1:35 am

cor:

How can you list the rules & rules information saved on a 205 through the cli?

Thanks


cor - 31.12.04 7:06 pm

answer: use the web interface..
Advanced >> System >> Backup Config

tada! note, what gets saved will be the commands at the last commit or "save" from the web interface. If you make changes, remember to commit before you save the backup.

I'm repeating this information because I only just found out that you need to commit before you save, if you want your new changes in the file.

okay, I've got some drinking to do.
have a merry one!

;o) Cor



Alex - 01.01.05 1:22 am

Hi again, thanks for your answer, I've created the rules
like you suggest me, but when
I try to connect (Ex. http://200.107.153.111:8080) it gets
an error, "Connection refused" and if I put
http://200.107.153.111:XXX (XXX, is the port for modem router's web interface administration) there's no problem, Throught
web interface, I saw that Operation Status is in "red",
it doesn't display like the image you show up there (Operation
Status in green).

This are some screenshots

an image

an image

I get my current ip throught this test site

I wait your answer, I've been trying for a while but as you
can see, without any positive results

Regards


cor - 01.01.05 2:41 pm

okay, first the red lights.
don't confuse the operation status red/green lights that we see in the router web interface (above) with the red/green lights in BitTornado, which we were discussing earlier.

the reason your operation status lights are red, and mine are green, is because you have no security level set. or rather, it is set to "none". this is how it works..

there are three security levels, four if you include "none", which equates to "off". when you create rules, you can assign a security level to that rule, the idea being that you can switch between different security states. rules which are active at the current security level are green, this which are inactive (though may become active if you increased the security level) are red.

in reality, almost no one will need or use this, and it's best to just create rules that are active in ALL the security levels, and then it doesn't matter which security level you choose, they are all the same, thereby reducing this tedious functionality to a simple, sensible on/off switch.

your firewall is off. that is why the rules are inactive.


now your web server..

Assuming you are still at the IP you used to post here, attempting to connect brings up a password login box, and when I cancelled it (after trying a few standard passwords, of course) I got a "Protected Object This object on the RomPager server is protected" which some routers will throw at you after you enter the password incorrectly many times, so I probably wasn't the first to try! (there's no such thing as a "secret" webserver)

I grabbed the raw source code, from that I figured out what modem it is, and then I checked the manufacturer's website and got the default user/password combo, and I am, at this very second, looking at your router configuration page!!!.

get some security!

then remove IPF rule 5, it's messing things up!

;o) Cor

ps.. I also successfully opened a telnet session!





cor - 01.01.05 2:45 pm

another thing..

you'll need to disable the WAN access for web/telnet/ftp. not only because it's crazy insecurity, but also the web interface would most likely over-ride your efforts to route incoming web traffic.

;o) Cor


cor - 01.01.05 2:48 pm

hey! it's my page! I can post as much as I like! smiley for :lol:

another thing, you need an outgoing firewall rule at the top of your ruleset. maybe that's what rule 5 was trying to be, but wasn't. check my examples above.

I'll be back..

;o) Cor


Matt - 02.01.05 4:09 am

Hi Cor :).
I cannot seem to get any p2p filesharing programs to work with my voyager 205 modem, despite following the instructions listed here. I tried opening UDP and TCP ports on both the web-interface and through telnet, using various ports and specifying them within the p2p program, but i am still unable to search files/transfer files. Also, i am unable to play certain online games since transferring to adsl from cable. Could you possibly talk me through how to open ports to allow p2p programs such as ed2k and direct connect? once i get the just of it i should be fine.
Thanks in advance!


PapA - 02.01.05 7:29 pm

@cor

I notice with your examples you've managed to delete the default ipf ruleset, more specifically rules 10 thru 92. Have you managed to make this permanant (survive thru reset/reboot) and if so how?
Have tried deleting these via the http and telnet interface but when issuing commit/save the router throws back an internal system error.
Tbh not sure where this ruleset is actually created from, but it's definitely not the commitedcfg.cfg or the TEFacs.dat.
Any insight greatly appreciated.


Duffus - 02.01.05 9:26 pm

cor:

I'm trying to create rules so that Apple's iChat AV traffic can pass in/out of the Voyager 205 from/to a number of Macs on the inside with static IPs.

For outgoing traffic I have entered the following into the Voyager cli for one of the ports:

create nat rule entry ruleid 5 rdr prot udp lcladdrfrom 192.168.1.50
lcladdrto 192.168.1.60 destportfrom num 5060 destportto num 5060
lclport num 5060

which results in the following from the web interface:

NAT Rule - Detail

NAT Rule Information
Rule ID: 5
Rule Flavor: Virtual Server
IF Name: ALL
Protocol: UDP
Local Address From: 192.168.1.50
Local Address To: 192.168.1.60
Global Address From: 0.0.0.0
Global Address To: 0.0.0.0
Destination Port From: 5060
Destination Port To: 5060
Local Port: 5060

Does this look right to you? Is there any need for the "lclport num 5060" entry or is that superfluous?

There are a number of ports to open for outgoing packets (5060, 5190, 5297, 5298, 5353, 5678, 16384-16403) but I'm confused by Apple's terminology; they refer to "internal source ports" & "external destination ports". The ports I've mentioned are internal source ports & the external destination ports are 1024-65535. How should these be configured in the Voyager?

Lastly, for incoming packets I need to open the opposite; external source ports 1024-65535 & internal destination ports of 5060, 5190, 5297, 5298, 5353, 5678, 16384-16403. How are these configured in the Voyager?

Thanks for your time & enjoy the new year.

John


omer - 04.01.05 5:40 pm

hi cor:
this is a great page, thanks for the information. I was actually dumping my voyager 205 and buying another router because of the lack of the technical information. I have a few problems with my router I wonder if you can help

1- when I open the router's config manager on IE6 I get the quickstart page, and clicking on any other links doesn't load anything, I tried netscape nav, worked fine, but after a while the dsl overview doesn't load (clicking the link doesn't do anything)

2- can the router log any activities, if yes where can I access those log files.

3- the router is connected to a switch with 3 computers 192.168.1.4 - 6, sometime when I reboot two simultanously the router hangs up with all lights on, or when I reboot to a different OS (I have dual boot on all pcs) the router disconnects from BT (i.e when I open the config manager the quick view displays username and password to connect) this is particularly annoying because whenever the disconnects I get a different ip address from bt, but i want to keep connected as long as possible

Thanks for your help and the great webpage


cor - 04.01.05 6:16 pm

Matt, hopefully my new recipes page (see new links at top of this page) will have your answer, but more likely, you have another firewall somewhere, like the XP built-in firewall. check that.

PapA , no, I haven't managed to make it permanent, like I said above, it seems to be something in the firmware, perhaps a firmware flash would fix it.

Having said that, it doesn't put back all the rules, just some of them, and they are quick enough to delete in a telnet session if you really want to (I do!), and leaving them in would do no harm, either.

My router has been on (and connected) for over two weeks, though, and I don't envisage rebooting it, ever! Well, if I can help it.

Duffus, you got some fun ahead!

okay, firstly, you do not have to configure for outgoing packets, the first rule takes care of that, thanks to the "stateful inspection"

The ports you need to configure for incoming connexions, are (as far as I know, I don't unse iChat)..

5060 (UDP)
5190 (TCP) file sharing
16384-16403 (UDP) video conferencing

Just how specifying a range of local IP's for these services is going to work, I have no idea. This facility is really for sharing load across web servers (and similar) and works in a round-robin fashion. It's unlikely that this will make for successful iChat for multiple clients, but possibly the stateful inspection will compensate for this. test test test.

the lclport is usually used to translate incoming requests from, say, a web client connecting to port 80, to a private server at, say port 8080. you shouldn't need this.

Lastly, consider using ALG rules for iChat, for instance the NetMeeting ALG might be useful.

omer
1. the ie thing; sounds like you have a local firewall with "javascript protection" or similar funtionality. check that and disable. or use another browser.

2. yes, you can send the log output to a log daemon running on another machine. see above for clues.

3. highly unusual. I reboot my machines, plug and unplug them (even unplug them all from the switch), you name it, the router never waivers. It can connect to the net by itself and doesn't need any computers to do its stuff. Hmm.. make sure your USB cable isn't plugged in anywhere!

for now..

;o) Cor

ps.. check the new links at the top, I'll probably add to these as we go along.


PapA - 04.01.05 11:20 pm

Thx for that, I have a spare router so might try one of the firmware releases on the solwise site, hopefully this might replace the <sarcasm>amazingly detailed web interface </sarcasm>, if it actually works smiley for :D



cor - 04.01.05 11:51 pm

I, for one, will be most interested in the results of that firmware flash!

See, with the 205 being my only broadband router, I'm too chicken to go messing about with its firmware, so PapA, you da man!

Go for it!

;o) Cor


PapA - 05.01.05 12:06 am

Don't try this at home kids ;)

I now have a new paperweight smiley for :D

Like I say it was a spare and more importantly a cost free spare.

Pheeeew.


cor - 05.01.05 12:39 am

It will make a fine paperweight, I reckon. smiley for :lol:

och well, it proves a few things; bt suck, you are brave, my intuition was right, erm, what else? oh yeah, unnoficial firmware is a Very Bad Idea! Don't try this at home kids!!!

Have you tried the reset switch? (the one that needs a pin to push) might be worth a shot. there may also be a way to get the original firmware back in, too, maybe connecting it to another 205, or something. erm.

you may want to send that 205 to me! as a sort of experimental test unit, ye never know..

;o) Cor


anonymous - 05.01.05 9:33 am

hi there cor i wonder if you could help me with a problem i'm having....

i have bt yahoo broadband (1MB) with a BT Voyager 205 ADSL router..i
read your excellent and detailed guide and have applied all the
principles to my router.....here comes the problem.
i've uploaded a shedload but downloaded next to nothing... i'm using emule and i have a high id in the server info bit and i have two green arrows on the little world thingy.when i use the port tester on emule in the preferences/connections section i get two green tics saying that all is right with the world :o) also when i goto http://www.preinheimer.com/cgi-bin/connectiontest/connectiontest.cgi while i am running emule it says success! i just cant understand what i am doing wrong..

I Would REALLY appreciate some help on this matter as i am totally
stumped mate..
Thanks for your time ;o)
Coke


omer - 05.01.05 4:27 pm

hi cor,
I'm still lingering around your webpage, lots of info. I found some info about the logging in the ref guide pdf page 112, it mentioned the log can be forwarded to an ISP or LAN mail server I'm gonna try my ISP email until I figure out how to setup my linux mail server, let me know if you experiment with the logging before me, then I can save a bit of headaqe and concentrate on the linux mail server.

Another interesting thing about the router, it can do VPN (page 64). There is alot than I expected under that turtle's skin.


PapA - 05.01.05 5:19 pm

@ omer

The logging works although a little limited, if your gonna have it logging to linux, I'd recommend using syslog-ng, you can have the logs posted into their own file that way.
The PPP module will create a lot of useless spammage, in fact the only module to produce remotely useful info is WALL, keep in mind it is very limited.


omer - 05.01.05 5:37 pm

PapA
thanks for the help, I would be grateful if you can explain more please on how to get syslog-ng to interact with the module in the router, my router is 192.168.1.1 and my linux box is 192.168.1.6, I'm new to linux and haven't touched on the logging yet.
Thanks


PapA - 05.01.05 8:08 pm

Not a prob.

Once syslog-ng is installed, edit the conf file (usually found @ /etc/syslog-ng.conf)

Make sure the file has the entry:


source remote { udp(); };


This is to make syslog-ng listen on port 514 UDP for remote log sources and call its input "remote" (you could use something else: source voyager, source router - it's up to you)
In the destinations section, you'll need something like the following:


destination remote_mesg { file("/var/log/router"); };


In the filter section there's no real need to add anything.

Finally the last section:


log { source(remote); destination(remote_mesg); };


If you used somthing else for the source name, don't forget to change the source name on the line above.

Restart/start syslog-ng and it **should** be ready to log.


On the router you'll need to start it sending logs.

Use: get trace cfg
to see all available modules and their current destination.
Choose the mod(s) you want to forward to the logging box and use:

modify trace cfg module MOD syslog dest xxx.xxx.xxx.xxx port 514

then commit, syslog should now be receiving the logs.

There's also flow and level options for the trace, still trying to ascertain exactly what changes these make (modify trace cfg ?).






PapA - 05.01.05 8:19 pm


modify trace cfg module MOD syslog dest xxx.xxx.xxx.xxx port 514


The xxx.xxx.xxx.xxx being the IP of your linux box of course.

Almost forgot, if your using klogd to log kernel messages, comment the kernel log sections in syslog-ng.conf otherwise you may find you end up with no kernel logs at all (the 2 deamons trying to log the same messages can conflict).



cor - 05.01.05 10:19 pm

coke, sounds like your pipe's choked.

all uploads and no downloads usually means your upstream is saturated. try setting your max upload speed to around 80% of your upload capacity, should do the trick.

and hey! good work on the logging, PapA! real nice. If you figure out the filters (reduce spammage) that would be great, too. I haven't come across syslog-ng, so I grabbed the source, looks interesting, though was a bugger to compile, and refuses to work at all. I'll come back to that, hopefully soon. (I have a few hectic weeks ahead, so maybe not that soon)

Apart from the most basic things, I haven't really had the time to delve much into the inner mysteries of the unit, though you're right omer, this box sure has lots of tricks hidden up its sleeve.

I'll likely add a "tricks" page or something like that, and put these kinds of things on it, so do feel free to keep 'em coming!

;o) Cor

ps.. don't worry about the double-posts, almost everyone does it! I just delete them. no problem.


PapA - 06.01.05 5:01 am

Run down of modules so far:

IPF: Only outputs changes/inserts made to the IPF rulesets (all I've seen so far).
Example:

Jan 1 22:37:31 192.168.0.xxx IPF;8;42;INFO: Ipf_UpdateRulePtrList: successfully inserted RuleId 1010 in device = 16
Jan 1 22:37:31 192.168.0.xxx IPF;8;42;INFO: Ipf_UpdateRulePtrList: going to insert RuleId 125 in device = 16
Jan 1 22:37:31 192.168.0.xxx IPF;8;42;INFO: Ipf_UpdateRulePtrList: successfully inserted RuleId 125 in device = 16


WALL: Outputs when IPF/FWL rule condition met (dependent on minlogtime, doesn't output every rule hit).
Example:

Jan 6 00:08:46 voyager.home WALL;8;92732;IPF Rule Matched,Type: HTTP To Server,RuleId:180 ,062.253.032.xxx->192.168.000.xxx,Prot:TCP ,SPort:49454,DPort:80 ,Len:64 ,Intf: ppp-0,Act:ALLOW,VltCnt:4
Jan 6 00:17:28 voyager.home WALL;8;93255;IPF Rule Matched,Type: Int PKT ins,RuleId:1030 ,192.168.000.xxx->195.068.221.xxx,Prot:TCP ,SPort:32788,DPort:6667 ,Len:72 ,Intf: eth-0,Act:ALLOW,VltCnt:5842


TEL: Shows when telnet sessions are opened.

Example:

Jan 5 06:33:03 voyager.home TEL;8;29393;TEL_Server(): New Telnet session opened with handle 37.


SNTP: Shows attempts to sync time.

Example:

Jan 4 22:11:15 voyager.home SNTP;2;37;ERROR: Send Fail
Jan 4 22:11:20 voyager.home SNTP;2;42;ERROR: Send Fail


PPP: Stay well clear!!!
All it seems to output is:

Dec 31 21:14:52 192.168.0.xxx PPP;8;8966;PPP_Input(): LCP packet received.
Dec 31 21:14:52 192.168.0.xxx PPP;8;8966;PPP_LCP_Interpret(): Current LCP State: <9>. Input Pkt Type: <9>.
Dec 31 21:14:52 192.168.0.xxx PPP;8;8966;LCP_Open_State(): LCP Echo Req received.
Dec 31 21:14:52 192.168.0.xxx PPP;8;8966;LCP_Send_Echo_Reply(): Sending Echo Reply.

over and over again - makes big log files very quickly!!!

Will enable all of them (except PPP), and see what the others throw up at some point soon.


Omar - 06.01.05 12:51 pm

Hi there, I had an adsl modem,but I decieded to get a router to add my xbox to for online gaming,the problem is that I use a program called WinMX to get music files, but the problem is It connects as a secondary conection and not a primary connection like my adsl modem, the program requires a TCp 6699 incoming connection and a UDP 6257 connection, so that I can get faster downloads.

I was hoping you could send me some instrutions to get winmx running to its full service.

Thankyou



anonymous - 06.01.05 2:44 pm

How do I log on to my router remotely (from the internet)? If I try to telnet to the address on the ppp-0 I get the unauthorised access warnings etc. trying a browser to that address doesn't work either. I haven't changed any settings on the router apart from the admin password.

I want to be able to remotely log onto to my home computer via the internet.


omer - 06.01.05 3:18 pm

@anonymous
I think to enable internet connection to the router you need to enable WAN access for that type of connection, the problem with telnet is that data sent unencrypted over the Internet, since I'm too paranoid I won't recommend it and rather wait till the experts here sort some way to enable the router to do SSH.
With http access to the router's config manager, I don't think it's a good idea either, with bt you get this quick view where anyone can disconnect the router. And as cor mentioned earlier if you enable http access for the router you won't be able to link your IP to a webpage on you LAN if you want.

@PapA
Thanks for the detailed explanation, it's very helpful and easy to follow. I've checked my /etc folder and only found syslog.conf, so I'm assuming I don't have syslog-ng, but I will try to download it, I'm running Redhat Linux 8 by the way.

@cor
ha, just seen a couple of double posts...
I'll likely add a "tricks" page or something like that, and put these kinds of things on it, so do feel free to keep 'em coming
I think this is a brilliant idea, you know I was reading the messages above and found your dyndns post, great stuff, now got my own domain name and it's working fine. You might be able to bundle that stuff together under one heading say "How to setup voyager for dyndns" or "Get voyager logging"


claire - 06.01.05 3:45 pm

hi i'm thinking i really need your help!! i obviously have the mentioned router and am having sooooooo much trouble with it its unbelievable!! firstly i use edonkey and i think the highest download speed i can get is about 15kbs which is obviously dodgy in its self! i also keep getting msgs saying port **** is unreachable and you have a lowid review network config! now to me this is way over my head totally!!!also my connection on the router does not last very long and all i get all the time is power and dsl lights static but when active the usb port flashes after a while will go solid meaning i have no connection! bt advised me to use the usb as the ethernet was not working for me at all.....please can somebody help me cos at the mo i feel like throwing the lot out the window!!! thank you xx


cor - 06.01.05 7:40 pm

woah! busy busy!

thanks for that PapA, I'll definitely be adding some of that to the tricks page when I get around to that.

Omar, WinMX is just like any other p2p app, don't be confused by the primary/secondary thing. Set it up exactly the same as eMule, except with the ports specified. Chose "Primary" connexion.

You DO NOT need a UDP connexion for WinMX, but if you can allow incoming UDP, it speeds up your searches, that is all. I just installed it and it works great, although the UDP test at the setup seems faulty; it said I wasn't accepting incoming UDP, but once I got past that and got WinMX running, it all worked fine, searches are fast (2000 results in a couple of seconds), downloads and uploads work fine, the first (random) track I tried came in at 105KB/s, so that definitely works!

anonymous, dude! use a name next time!

anyways, if you want to access the unit from the WAN (Wide Area Network - ie. internet) side, you'll need to go here..

Advanced >> Security >> Access Control

and check whatever you need; you crazy person.

Thanks for the input omer, that tricks page will be a handy resource when it's done. Some of these comments are dynamite, and a lot of these bits will end up in there, hopefully in meaningful sections.

claire oh gal! you sound at the end of your tether! okay, gotta get back to basics. First I recommend you scrap eDonkey, and install eMule instead. afaik, it lets you do everything eDonkey can do, and more. then check out the recipes page (link at the top of this page) for instructions on how to make it work.

But before that, ensure you've carefully read this page (maybe even twice!), there's tweaks for ppp timeout, and a few other things you'll likely find useful.

Some folks find telnet/shell access scary, but there's nothing to it, just login and tweak away! If you are running windows, get Putty (link above) which is way superior to the telnet built-in to windows.

I don't recommend using the USB at all. Like I said, the sticker is still stuck over my router's USB port, and that's the way it's going to stay! I know exactly nothing about configuring the router via USB, though I presume you can still use telnet/http interface, and I definitely recommend trying the ethernet again.

If it all gets too much, hop into my site chat (link under my almost invisible smiley in the toolbar), I should be around most of the evening.

have fun!

;o) Cor


PapA - 06.01.05 11:58 pm

MRTG working for the Voyager now smiley for :D

Will prepare a mini tut. and post it here later.

http://router.ssk-clan.ath.cx - to see the working example


cor - 07.01.05 12:07 pm

round of applause! smiley for :D

I've had those graphs running all night dude! reckon it's gonna be a new spectator sport, it's like darkstat for your router!

n1! looking forward to the mini-tut; certainly to be inserted in the yet-to-be-created "tricks" page.

next!

;o) Cor


omer - 07.01.05 4:05 pm

cor:
I was applying the stealth rules above to my router, but I play online games alot mainly unreal tournament 2004, do I need to define ipf rule for the game, if yes any idea which ports and protocol to consider
Thanks


cor - 07.01.05 9:06 pm

try here

;o) Cor



simon - 08.01.05 10:25 pm

Hi there all. Gee I am glad I found this....I have a 205 router and a really strange problem.....I cannot get into the advanced settings at all anymore after I moved house. I can use the net normally but when I go to use edonkey or shoutcast the whole thing freezes. Guessing I need to configure the ports etc in the advanced tab I ventured in on 192.168.1.1.....

But the damn box that allows me to log in as admin/admin has gone and when I click advanced, all it comes up with is '401 unauthorised'. My login for the net is correct but I cannot even gain any access to the features to play about!

Any help please I am going mad!


cor - 08.01.05 11:02 pm

hi simon!

login; unless you've changed it, the login should still be user: admin pass: admin. is that what you are using?

You can reset the unit (there's a wee hole in the back, you need a pin, or similar, to do it) and that would definitely reset the user/pass back to admin/admin.

My guess is your browser's automatically logging you on with the wrong password, try a different browser, or, if possible, go to your browser's prefs and delete the login info for 192.168.1.1

If it's internet explorer in Windows, you can disable the automatic login "functionality" in the "Internet Options" control panel (content tab, click "AutoComplete" button for options). try again with it disabled.

And of course, try a telnet session (in your shell, or if you are on windows, grab putty), and login. this will confirm definitively whether the pass has been changed or not, and it's a better way to play with the router, anyway.

let us know how it goes.

;o) Cor



simon - 08.01.05 11:21 pm

thanks for te quick reply. Really weird this one. I have already turned autocomplete off, and reset the router. The user/password box is just simply not appearing anywhere so I can't put the admin/admin names in anywhere.

Any ideas?

Thx


cor - 08.01.05 11:39 pm

I think there's something about this further up in the comments. possibly a firewall (or similar "security" software) is altering the page, as some do, removing javascript elements, that sort of thing. the bt web interface relies on this stuff.

have you tried another browser, like firefox?

And what about telnet? does that work?

;o) Cor




omer - 09.01.05 5:45 pm

simon, cor
Today is the happiest day in my life, I told you I had a problem with my voyager config manager web page, it loads, but then none of the links seems to work. I tried IE6 , NS7.2 , FireFox 1.0 you name them and it worked sometimes and other times it didn't, and that really annoyed me so much, I tried installing the latest jave vm from sun, enabling disabling microsoft vm and nothing worked.

And today it turned out to so simple, it was a cache problem, the paged are cached and the browser is using the cached version. to solve the problem do the following:

Internet Explorer 6
Tools menu \ Internet Options \ General Tab \ In the Temporary Internet files select the settings button \ In the "Check for newer versions of stored pages" select "Every visit to the page" click ok and you are done.

Netscape Navigator 7.2
Edit menu \ Preferences \ Advanced \ Cache \ for the Compare the page in the cache to the page on the network: select "Every time I view the page" click ok and you are done

Mozilla FireFox 1.0
I couldn't find a clear option to set but I thought this might do
Tools menu \ Options \ Privacy \ Cache, click the clear button and then set the use up to 0kB of disk space for the cache.

simon
clear your cache and stored passwords and try, let me know if it works




cor - 09.01.05 10:15 pm

nice one omer!

hey! that's the default setting! (and definitely recommended, always) you must of been messing around with it! It's a good call, though, will remember for furure reference.

;o) Cor


Chris - 09.01.05 10:40 pm

Hi - hope you can give some advice to a novice - just set up the 205 to one PC fine - as it was replacing my previous cable BB I was hoping to use my existing router (Safecom 4 port) for my 4 PC home network until I realised the 205 was itself a router not just a modem. Of course it dosen't work when I put my router in after the 205 (Ethernet). I guess I can't use the Safecom as a simple switch can I? I saw your mention of a switch from Maplins which might do it. Can you give me any more detail of the switch and will it allow my PCs to share files between them as I was doing with the Safecom?
Many thanks for your time.
Chris


omer - 10.01.05 1:07 am

Chris
http://www.maplin.co.uk/Module.aspx?ModuleNo=34826&TabID=1&source=15&WorldID=4&doy=9m1
This is the cheapest switch in Maplin £24 and connects up to 4 computers and share files, you connect the voyager 205 to the uplink in the switch and it can act as a gateway and dhcp server giving you LAN computers IP addresses dynamically if you want


Clarke - 12.01.05 1:39 am

Im currently having a problem with my router , i have forwarded my ports and am using BitTorrent . Now my problem was that it my internet disconected after about 15 minutes ranging to 3 hours.

So i did a little googling and found this :

Telnet into the router

Issue the following commands:

modify nbsize maxipsess 512

modify nat global udptimeout 10

commit

reboot

Edit: (issue reboot to router to make the change to nbsize effective - AND no it doesn't mean reboot your pc!!)..
currently working with the steam server lists

The default settings are maxipsess 192
allows a maximum of 192 connections to a single host (including LAN pc's).
the udptimeout 300 (seconds) holds connection open for 300 seconds before destroying it (if you have similar queries that require server queries over TCP there's also tcptimeout).
The dos protection also doesn't help with the default settings @ maxsinglehostconn 75 (75% of nbsize), but with the above settings there should be no need to disable dos protection.
Have a play with the settings, should be possible to get a nice balance between allowing server list to update and maintaining an effective dos protection.

Now it still disconnecting and at times doesnt re-connect like before.

Clarke


cor - 12.01.05 2:24 am

clarke, the stuff you need is on this very page! apart from the nbsize tweak, try these (also from this page)..

modify ppp global keepalive enable
modify ppp global pppsesstimer nevertimeout


The stuff about server lists and UDP timeouts, dunno what yer on about. I'd leave the UDP/TCP timeouts alone (all my stuff works great without touching that), and what server list are you talking about? (gamers!) And what does the DOS protection have to do with this? :confusled:


Anyways, while I'm here...

I noticed the port probe is starting to get a lot of action now. good.

I noticed a few port 80 scans, too, and thinking I may find some juicy new dynamic websites, I loaded the IP's in my web browser.

In each case I go the user's router configuration. and in each case the default user/password were still in effect. not good. WAN access is okay. Default user/pass is okay. BUT NOT BOTH! *sheesh*

Fortunately, for you guys, I'm not the sort who would do anything nefarious with such access, but some would. Please disable WAN access on your routers!

you have been warned!

;o) Cor


Clarke - 12.01.05 10:23 am

well i originally got that stuff from :

http://forums.steampowered.com/forums/showthread.php?s=&threadid=187451

Just popped up and sounded similar to some problems i had.

Clarke


Chris - 12.01.05 12:05 pm

Hi, has anyone ever experienced having problems seeing the advanced options. I have cleared cache and passwords to login to the advanced options and i still cannot see the pages. The links come up at the left hand side but the main page does not change to the options for that selection. Have tried resetting router etc with no luck, any help would be great, thanks in advance, chris. ;-)




barney - 12.01.05 12:12 pm

Chris
Having experienced the problem I always turn my software firewall OFF before I try the advanced links then click through all options
it always seems to do the trick you just have to keep clicking!

best

barney


Chris - 12.01.05 12:30 pm

Thanks barney, will try when get home. oops ;-( posted question twice by accident... sorry.


Chris - 12.01.05 7:56 pm

Hi Barney, i turned of all firewalls and windows firewall, and lowered security of internet options to lowest but still no damn luck. I can get in through telnet though but really wanted to do all my changes through browser (siigh) oh well, will keep trying different things tonight.


cor - 12.01.05 10:06 pm

Chris, forget the browser! If after clearing the cache (and setting ie to check with every page load, as above) and removing any software firewall javascript "security" features, it's still not working, screw it! Some changes can only be done in a telnet session anyway, so just install putty, and en-joy!

how's the disconnexion? still happening?

;o) Cor

ps.. PapA! you sure do get around dude! smiley for :D


Clarke - 12.01.05 10:26 pm

well im still having the problem i just reset modem and did only what you said but it still disconnects , takes a bit longer though i manages to get it to download for 5 hours today , but i was away so thats the least i knew it did.

ANy other ideas ?

Clarke


cor - 12.01.05 11:11 pm

hi Clarke

I'm surprised by the disconnexions, up until this evening (when I reset my router to test something out) I was connected, with the same IP, for over two weeks. And I work my router hard! I've got a minimum of four machines connected through it at all times, and it's usually maxed out, capacity wise; multiple torrents is the norm; so this seems strange to me.

I recommend you open a telnet session (using putty, of course, latest version), and leave it open. The reason is, if there are things wonking out, they will be reported in the telnet session. I often get this..

Wed Jan 12 20:00:49 2005 : WARNING : ATM VC Congested : Interface - aal5-0, Port Id=7, Vpi=0, Vci=38

..for instance, which, although indicative of serious overloading somewhere, doesn't cause any actual problems with the up/downloads, and I ignore it, but, you may see different error messages.

And if you do, you could post them in here.

;o) Cor

ps.. don't worry about the double-posting, almost everyone does it, I just delete them*

When I created the comment mechanism, I initially wanted the post creation to happen in a javascript pop-up, to prevent this very phenomena, but the hurdles and limitations were too great (for a start, not everyone has Javascript enabled), and so we are left with regular html POST.

Usually, when you refresh the browser it warns you that you are about to post the data again, all mine do, but I guess these days most folk just click everything without reading it first, and I guess that's why almost everyone has to use anti-virus software. I say almost because I don't. smiley for :ken:

pps.. As I have mentioned before, I keep an old 1940's paper punch on top of my voyager, which acts as a truly effective heat-sink. Also, my router (and switch) live right underneath my window; the coldest part of the room. could this be the secret of my voyager 205 success? 'scuse the mess, it's my workshop! ..

an image

references:

1:
I should mention, although extremely unlikely, it's not impossible that one day, I might re-save the comment file at the exact same moment someone else is posting here, and their comment would utterly fail. But we'll likely still see it, because, fortunately, most folk double-post! smiley for :D


Clarke - 13.01.05 12:49 am

Wed Jan 12 23:10:55 2005 : WARNING : ATM VC Congested : Interface - aal5-0, Port
Id=7, Vpi=0, Vci=38


as requested


cor - 13.01.05 6:11 am

aye, but are there any other errors?

keep it open! with any luck, if it reconnects, it should tell you why

;o) Cor


Chris - 13.01.05 1:05 pm

Thanks cor, figured out why the advanced options not coming up..
It was my nvidia A8N-SLI motherboard firewall, forgot it was there, had turned of mcfe internet security and windows firewall but security centre still said firewall running wich led me to that. Perhaps i should use one or the other and not both. Hey, got e-mule working last night with your port forwarding examples, ;-). My next job is when my wireless adsl router comes today, going to try and link that up to it though i understand it could be quite a job. Thanks and keep up the good work, i would be eating my wrist by know if this page did not exist. lol


cor - 13.01.05 2:04 pm

Great news Chris! It's all good, hell even claire is getting 120KB/s downloads in WinMX now, just shows ye! smiley for :lol: I've done some reorganising up top, hopefully things should be even clearer! *dead-pan grin*

You're right about the firewalls, running two firewalls together is a definite no-no, and can paradoxically lead to a decrease in security! To think, only a few short years ago firewalls were toys of the elite, now the buggers are hiding everywhere! Seriously, I've worked on machines with three firewalls effectively running, and the user blissfully unaware of all of them!

With the router stealth rules in place, you don't really need a local firewall running at all, unless, of course, you're the sort who likes to keep an eye on outgoing connections. I do, at least on my peecee.

As for the WiFi, sounds like you're stepping out of 205 territory. I know folks have had success simply plugging WiFi access points/base stations into the 205, apple airports and such-like; at any rate, methinks the mileage variables are going to be well stretched! But if you get the thing talking to the 205, do share!

Talking of wrists, I gotta rest mine, RSI is becoming a real threat! for now..

;o) Cor


Mackila - 13.01.05 3:01 pm

Hi Cor,

Do you know the software date release of the latest Voyager 205 firmware ? Do you think it could be used with HwVersion 810012 ?

Here are some software I wrote you could use with the Voyager 205. Some of them have english translations.


cor - 13.01.05 3:45 pm

hey! cool tools Mackila !

I tried DM602GUI_english.exe, impressive stuff! All the functions seem to work perfectly, too, sure saves a lot of messing around in the shell. Perfect for total noobs. Many thanks! The statistics pages are also excellent. good work!

I only wish I could make the window bigger! I've got a lot of rules! (I achieved this with "ResizeEnable", but the results are less than satisfactory). I'll play with your other applications later on. If you like, I could host the relevant programs here, too, share some bandwidth. let me know about that.

As for the firmware, is there an update available? My router is: HwVersion : 810020, SwVersion : V1.1, and I'm not sure how a custom firmware (like the BT one is) would work in another model, we've not had much success with firmware, so far, the Solwise firmware update is a definite no-go!

Perhaps there's something more generic kicking around, a GlobespanVirata firmware update. If anyone has any information, drop it here.

ok, this time I'm really off!

;o) Cor


omer - 13.01.05 3:45 pm

hi cor,
I wondered if everyone here is subject to BT's 30Gbyte maximum traffic allowance for 1 month with their 1 Mb/s broadband.

I'm designing some php webpages on my LAN and I want to do some testing from an IP address external to the LAN, at the moment I disable LAN on one computer and use dial-up to get an external IP address. I was wondering if I can plug the router's USB into my second ethernet card and change the USB IP address to say 192.168.0.1 bearing in mind my routher's eth0 IP is 192.168.1.1, do you know if I can actually do that with the USB or it has to be in the same subnet as the eth0


cor - 13.01.05 3:54 pm

briefly (aye, still here!), the limit isn't in effect yet, so get them torrents going NOW!

For the webserver, just use a local address, it's all the same, really. You can't "loopback" with the Voyager 205, so unless you have access to a remote desktop (this works well), viewing the pages from outside could be difficult. Some sites online will do something similar for a page, but not much use for real testing.

check out the web server section for juicy details on creating your own spoof virtual internet within the confines of your LAN, along with cute "proper" host names. Usually this is all that's needed.

l*rz..

;o) Cor


omer - 13.01.05 4:38 pm

cor,
thanks for the reply, the webserver section is full of goodies specially the html to php really valuable tool.
what I really meant is an IP address external to my 192.168.1. subnet, I'm setting up two webservers, one normal on port 80 for LAN access and another one over https over port 633 I think! for external access and I was wondering if I can get the router to give me an IP address through USB, external to my subnet i.e. 192.168.23. so I can test that https is working for external access.


Chris - 13.01.05 7:28 pm

DM602GUI_english.exe where is the english version? i cant seem to find it?


cor - 13.01.05 7:29 pm

hmm.. well, the USB, by default, will have IP address 192.168.1.2, and if you change it to a different subnet, your LAN machines simply won't talk to it any more.

If I were you (which, as ever means; "if you were me"), I'd just ask someone else to test it for you. would probably save time.

;o) Cor


Verbal - 13.01.05 8:58 pm

Hi all,

I need some help. I would like to ask whether someone has tested whether it would be possibile run SIP Protocol behind Voyager 205.
This router implements Symmetric NAT (very bad for VOIP) and does not preserve port number. I've tryed with STUN protocol but it doesn't work with Symmetric NAT.

Can you give me some hint to configure properly the router with SIP Protocol?

Many thanx

Verbal


cor - 13.01.05 10:14 pm

Hi Verbal. Yeah, SIP works fine (almost) straight out of the box, at least for me.

I use BT Communicator to make calls to landlines (for free) almost every day. It's a SIP based service (as far as I know) and it works superbly.

No specific rules are neccessary, the first stealth rule, along with the global NAPT rule seem to cover it along with most other communications, the units' "stateful inspection" translating packets without problem. certainly, I've not had to add any rules manually, it just works.

Chris, try the "Outils traduits" link.

;o) Cor


Verbal - 14.01.05 1:02 pm

Hi cor,

thanx for your quick reply...another question...do you get from BT on the WAN interface of Voyager a static public IP address or dynamic....now I've disabled the STUN protocol in my SIP Client...anyway, as far as I know, the Vojager doesn't implement the ALG of SIP Protocol...or I wrong something??

Many thanx

Verbal


Country Bumpkin - 14.01.05 3:59 pm

Cor,

Interesting to see others are having disconnection issues. Yesterday I could connect to the internet fine, today it looked like the BT ISP was down. Eventually took a long shot and restarted the router, and hey presto all sprang back into life. I hadn't touched the config in days - and it still looked the same to me (I checked before restarting)

Incidentally, whenever I restart I always get 30 or so rules - even though I have (repeatedly) applied your stealth suggestions (I'm not running any net services so I don't need more than a simple client connection to the net.) In fact, I found that the outgoing rule (id 10) conflicted with one of the un-deletable BT rules, so every time my router powered down (eg from a power cut) I then had to reconfigure the router before we could use the internet again. I just changed the ruleid to 5 and now power cuts are not so fatal to our connectivity :-)

Has anyone else got the same problems "commit"-ing their rule set / permanently deleting the IP filter rules that ship with the box?

Finally, just for your info, I had little success buying a switch over Christmas due to my debit card being expired, and new one not yet activated. So in the meantime I figured out the problem with connecting the box directly to a hub. There has to be some hard-wired cross-over inside the 205 - which is why you can connect a PC directly to it using a normal CAT5 cable (not a cross-over one like you'd expect).

To prove my theory I modified an old ethernet cable I had, turning it into a cross-over cable. I connected the 205 to the hub, and hey presto - all is networked, and still running on a cheap and nasty hub ;-)

Will get a switch one day, if speed becomes an issue.

Cheers
Andy


Country - 14.01.05 6:38 pm

Sorry - should have read the latest before my comment on rebooting. You already covered it :-)

..If you ever reboot the router (or switch the power off), some of those automatic rules will be re-inserted. We are still looking for a firwmare flash which might successfully resolve this issue



Xxplosive - 14.01.05 7:09 pm

Been reading through your replies and it seems to make sense. Inve just got a bloody voyager 205 and i cant connect to xbox live becos my nat is at level 3. ONE PROBLEM! When i type 192.168.1.1 into the url box and press enter i get onto the site, i then click on advanced and type in the user name and password. BUT it then just stays on the QUICK START menu no matter what i click??! pls help!:'(:'(

Thanks


cor - 14.01.05 7:18 pm

Gr8 news Andy!

The disconnexions are going to need some investigation methinks. It's almost like a windows® machine, getting all choked up and needing a reboot. strange. The automatic rule creation we covered earlier, (spotted that!) it's usually less rules, though, I get maybe 10 or 12 appear. And rule id 10 is rule id 5! (look again!) and has been almost since I made this an HTML page, you must have been raking about some of the old text files onsite! smiley for :ken: Interesting thing is, I changed it to id 5 for totally different reasons!

Apart from those few automatic rules, everything else seems to "commit" okay, there are quite a few other automatic (non-firewall) rules, too, eventually we'll start offering rewards for locating a firmware update!

As for the hub, good call! The big difference is, a switch would immediately detect the router is crossed-over and reverse the pin assignment (with most switches you can use both types of cable interchangeably), so that makes perfect sense! And hey! speed probably already is an issue, it's just that you haven't experienced your LAN in a "non-issue" state! With a hub you get by, with a switch, you fly!

Thanks for the info, will add a note to the articles somewhere about this.

Verbal, true, there's no defined ALG for SIP, but for sure, the VoIP software I use every day is definitely SIP-based, and it definitely works. I've used Skype and others, too occasionally. No problems.

Some may remember the old speedtouch USB modems had a built-in ALG for SIP, useless. but as soon as you removed the ALG rule, SIP started to work!. I know there have been lots of router issues with SIP in the past (even with BT VoIP services on BT-issued routers!) but the Voyager seems to handle everything okay. Just try it!

I can't imagine BT, on the eve of its grand VoIP roll-out, would purchase zillions of VoIP-incompatible routers to give away with all their broadband packages. Mind you, they'd done stupider things.

;o) Cor


cor - 14.01.05 7:19 pm

Xxplosive, are you sure you read all the comments?

;o) Cor


Xxplosive - 14.01.05 7:39 pm

OK read through the top half again. Before i just skipped straight to the nat rules and tried to create one for my xbox, changing the port from 3074 to 3079. Should i have done stealth first or wouldnt it make much of a difference? If im missing something please tell me which bit to read:'(. Sorry lol.


Xxplosive - 14.01.05 7:56 pm

ARGHGHGHGHGGH Im so pissed off its unbelievable. Ive typed in EVERY code uve got on the page and xbox live still isnt coming on!!:@. I will love you forever n ever if you could tell me the exact commands and port numbers i need to connect xbox live to a bt voyager 205 512k! PPllleeeeeeeaaaaaaseeeeeeee


countzero - 14.01.05 9:05 pm

Hi there cor, I just thought I would add some comments to your excellent thread about the things I have done with my 205's.
First up I tried the solwise 101 firmware update and it definetly dosnt work :) one useless router. As to plugging in a 205 to a wireless router, it works fine when plugged into the wan port of my origo router. my pda works fine with it. I would be really interested in finding out if I can rescue my other 205 with a bt firmware update.
Keep up the good work
cheers


Clarke - 15.01.05 2:07 am

Ok Cor after 2 days of trying i get this

Sat Jan 15 00:20:12 2005 : WARNING : ATM VC Congested : Interface - aal5-0, Port
Id=7, Vpi=0, Vci=38

thats the only thing that comes up with putty , and the connection stil drops , so i was thinking of the heat theory you got , just placed 2 coke cans sideways on my modem , not got much else .

will report with its progress smiley for :D

Clarke


Clarke - 15.01.05 3:08 pm

Well , swapped 1 can for some chunky spanner and im downloading on the laptop with the ethernet not usb , and guess what IT WORKS , ill try with the usb later , or it could be the slow speeds currently 12kbps.

Clarke


^Coke - 15.01.05 3:49 pm

Hi Cor

I gave up trying to get emule to work and switched to Ares which has been superb,i have no trouble downloading at speeds of 120Kps and i upload at around 30 odd (not sure exactly), the problem i seem to have is that i will be downloading something then all of a sudden my connection seems to break and i watch my speeds drop until i'm at 0.00 on dl and ul,and i cant connect to the internet.. then i turn off ares,restart my pc, and then bam straight back to normaL DL speed and everything functions normally!

Its bizarre, sometimes it can happen after 5 minutes, sometimes after 5 hours its so random i cant seem to work out why its happening.. if anyone's got any idea's i would be grateful if you could let me know why this is happening.

i read through your guide again and applied these
modify ppp global keepalive enable
modify ppp global pppsesstimer nevertimeout

but it hasn't helped. Any ideas?
Thanks for your time


syslog - 15.01.05 8:23 pm

Hi all,
I am trying to get syslog working on a similar DSL modem. So far, all I can get it to log are telnet connections. What I am really intrested in are ATM events. i.e. when the modem goes in and out of sync. If I leave a telnet session open, it will spit it out to my session. But I would prefer if it logs it to my server. Anyone have any ideas ? I am guessing its something to do with the flow levels


$get trace cfg
Module Flow Level Type Destn Port
------------------------------------------------------------------------
ADET 0xffffffff 0xffffffff Syslog 192.168.7.2 514
ALG 0xffffffff 0xffffffff Syslog 192.168.7.2 514
ALPS 0xffffffff 0xffffffff Syslog 192.168.7.2 514
ATM 0xffffffff 0xffffffff Syslog 192.168.7.2 514
CDB 0xffffffff 0xffffffff Syslog 192.168.7.2 514
CIN 0xffffffff 0xffffffff Syslog 192.168.7.2 514
CLI 0xffffffff 0xffffffff Syslog 192.168.7.2 514
DCL 0xffffffff 0xffffffff Syslog 192.168.7.2 514
DDNS 0xffffffff 0xffffffff Syslog 192.168.7.2 514
DHR 0xffffffff 0xffffffff Syslog 192.168.7.2 514
DHS 0xffffffff 0xffffffff Syslog 192.168.7.2 514
DNSR 0xffffffff 0xffffffff Syslog 192.168.7.2 514
DSL 0xffffffff 0xffffffff Syslog 192.168.7.2 514
EOA 0xffffffff 0xffffffff Syslog 192.168.7.2 514
EW 0xffffffff 0xffffffff Syslog 192.168.7.2 514
FDL 0xffffffff 0xffffffff Syslog 192.168.7.2 514
FLOG 0xffffffff 0xffffffff Syslog 192.168.7.2 514

Thu Jan 01 21:07:21 1970 : WARNING : ATM VC Congested : Interface - aal5-0, Port
Id=7, Vpi=0, Vci=35
FTPC 0xffffffff 0xffffffff Syslog 192.168.7.2 514
GAG 0xffffffff 0xffffffff Syslog 192.168.7.2 514
GENP 0xffffffff 0xffffffff Syslog 192.168.7.2 514
HDLC 0xffffffff 0xffffffff Syslog 192.168.7.2 514
IPF 0x3 0xffffffff Syslog 192.168.7.2 514
IPML 0xffffffff 0xffffffff Syslog 192.168.7.2 514
IPOA 0xffffffff 0xffffffff Syslog 192.168.7.2 514
IPPK 0xffffffff 0xffffffff Syslog 192.168.7.2 514
LED 0xffffffff 0xffffffff Syslog 192.168.7.2 514
LMAN 0x1 0xffffffff Syslog 192.168.7.2 514
MEA5 0xffffffff 0xffffffff Syslog 192.168.7.2 514
MEAL 0xffffffff 0xffffffff Syslog 192.168.7.2 514
NAT 0xffffffff 0xffffffff Syslog 192.168.7.2 514
OAM 0xffffffff 0xffffffff Syslog 192.168.7.2 514
PING 0xffffffff 0xffffffff Syslog 192.168.7.2 514
PPE 0xffffffff 0xffffffff Syslog 192.168.7.2 514
PPP 0xffffffff 0xffffffff Syslog 192.168.7.2 514
RBTN 0xffffffff 0xffffffff Syslog 192.168.7.2 514
RIP 0xffffffff 0xffffffff Syslog 192.168.7.2 514
ROOT 0xffffffff 0xffffffff Syslog 192.168.7.2 514
RPF 0xffffffff 0xffffffff Syslog 192.168.7.2 514
SAG 0xffffffff 0xffffffff Syslog 192.168.7.2 514
SMTP 0xffffffff 0xffffffff Syslog 192.168.7.2 514
SNTP 0xffffffff 0xffffffff Syslog 192.168.7.2 514
SURF 0xffffffff 0xffffffff Syslog 192.168.7.2 514
TAG 0xffffffff 0xffffffff Syslog 192.168.7.2 514
TBM 0xffffffff 0xffffffff Syslog 192.168.7.2 514
TEL 0xffffffff 0xffffffff Syslog 192.168.7.2 514
TFTC 0xffffffff 0xffffffff Syslog 192.168.7.2 514
TRC 0xffffffff 0xffffffff Syslog 192.168.7.2 514
WALL 0x3 0xffffffff Syslog 192.168.7.2 514


barney - 15.01.05 9:06 pm

Hello All

Do not no if I am speaking out of turn here but anyway
when I first visited this site I was connected by usb and
even after I followed the instuctions correctly I still
encountered a lot of the problems everyone is experiencing.
Then cor pointed out that these instructions were specifically
for ETHERNET connections.Cor says he had never tested on USB
connections and had no Idea how these would work with USB.
I do know that USB drops connections frequently.
I reset my Voyager bought an ethernet card and followed the
instructions again and have had no problems since.
Hope I am right and hope it helps you all.

Best

Barney



Clarke - 15.01.05 10:06 pm

Coke^ , i did have same problem so now im downloading using ethernet , works great . No problems downloading 24hrs so far no dissconections. ive just taken the "heat sink" off well i did about 5 hous ao and still running strong . i dont see the disadvantage of udsb , but im just taking it as it comes.

Clarke


^Coke - 16.01.05 11:44 am

Thanks for the reply clarke
i've taken your advice and am now connected via etherlink to my NETGEAR FA310TX Fast Ethernet Adapter (NGRPCI) i appreciate the response and i'll let you know if it makes a diference.
just out of interest i reset my router and now i cant get off the first page, even after i enter admin and my password it shows the options of ip addresses ip routing etc but the section on the right stays the same displaying my sent/recieved/speed stats.. any idea why?


barney - 16.01.05 1:34 pm

Coke

youv'e got a software firewall on somewhere

best

barney


^Coke - 16.01.05 3:14 pm

Thank you for the reply barney
Your right that was the problem woks fine now =o)

thanks again


cor - 16.01.05 11:38 pm

well Xxplosive, First, apply the stealth rules. although simple (it's only two rules) they do much more than provide stealth.

I'm no gamer, and no one's sent me a an XBox (or anything!) to try some of this stuff out, but I reckon your best option would be start by assigning the XBox a static IP address..

In the Xbox Dashboard, set up like this:

Config: Manual
IP address: enter new address here. probably 192.168.1.100 or something
Subnet Mask: 255.255.255.0
Gateway: enter the IP address of your router, probably 192.168.1.1

In the Xbox Dashboard, navigate to DNS Server and set it up like this:

Config: Manual
Primary DNS: enter the IP address of your router, same as gateway (above)
Alternate DNS: enter a DNS server address here, see main article for two good ones

Some folk get things working with dynamic addressing, so you may want to try that first. At any rate, we'll need to know what you've done so far. applying all the rules willy-nilly is usually not the best way forward!

Clarke and ^coke, stick with the ethernet! barney's right, I don't recommend, nor offer any knowledge/support for USB connexions. USB modems are trouble, always have been. A proper ethernet connexion doesn't need extra system resources/drivers to get working, it "just works", and for any platform, too. connecting with USB is all disadvantages! And as you can pick up NICs (Network Interface Cards) brand new for only a couple of pounds, there's no reason whatsoever to use the USB!

The ATM VC Congested messages are an ongoing thing. I'm guessing it's something to do with contention. But so long as I can still get 120Kb/s downloads, they don't bother me. Someone might want to tell BT about them, though, maybe we all should.

countzero , brave soul! I do remember reading somewhere about an alternative way to apply firmware, but I'd have to track that down; my spare time is very limited (maybe in the PDF's). With any luck, BT themselves will release a firmware upgrade, and your router could be resurrected. Perhaps it's possible to dump the firmware from a working router, too.

syslog , really PapA is the man for this. He's going to be putting together a mini-tut about logging, so you might want to wait for that. If you find anything out in the meantime, though, do share, this is (mostly) unexplored territory.

Lastly, you may have noticed I reorganised things a bit up top (of this very very long page!), any feedback on that appreciated. The "tricks" page still isn't started yet. maybe next week.

for now..

;o) Cor



anonymous - 16.01.05 11:45 pm

exceptional site. i followed your instructions, they worked like a charm. outstanding.


ant - 17.01.05 2:17 am

I've been driving myself mad. Sorry I am new to this.I can not get WinMx to work with this router. I have followed your instructions. Have I missed something?
1. opened up a telnet session
2. stealthing the router by inputing the two comands
3. inputing the four comands (two firewall and two nat)from the recepie page for win mx
3. closed the telnet session.
4. tested with p2p probe. (6699-connection refused, 6257 - connection refused)

Help!



cor - 17.01.05 12:19 pm

ant, don't drive yourself mad, let us help! smiley for :lol:

Okay, first, check you have a static IP on your computer, and that the IP you used in the NAT rules matches that IP exactly. Then check again.

Also check you have no other firewalls running (unlikely; you would generally get a stealth result from the p2p probe in this case, but do check anyway, especially for the windows® built-in firewall)

Did you remove the extraneous firewall rules first? (the automatically-generated ones shouldn't interfere, but some of the default set may, and need to be removed, and replaced by the two stealth rules) And the new commands, they entered without error?

Lastly; wait a minute. Strange, I know, but more than once I've noticed that after applying new rules they don't seem to work straight away, but a minute or so later, they "kick in". Patience sure is a virtue, especially when it comes to networking.

;o) Cor


^Coke - 18.01.05 12:43 am

I took the advice of using etherlink instead of usb and it has not lost connection once or interfered with me using the internet while i have Ares running.I can say to anyone who is having problems with their connection dropping, to try this out as it solved my problems immediately.
Thanks guys for all the help i really appreciate it
Awesome site


Chris - 18.01.05 2:29 pm

Hey cor, my wireless ADSL Router arrived today, going to try out and let you know how it goes. Going to push the boundries to the outer limit by adding a phillips streamium (Wireless Media Streamer),XBOX and...... wait for it, a wireless pacific digital memoryframe. mmm, gunna throw a party if can get all working. Think i might change my job from computer programmer to technical department at this rate. smiley for :lol:


cor - 18.01.05 3:04 pm

go man go!

With a decent switch, I'd say it's doable. But I'm gonna be away for a couple of days, so all I have to say on the subject, for now, is.. good luck!1

;o) Cor

ps.. ^coke! glad you've seen the light m8! (I mean that ethernet LED, of course) btw, I tried out Ares myself yesterday, good stuff, yup.

references:

1:
I don't believe in luck


G402 - 18.01.05 7:17 pm

Fuckin dynamite tips mate, im running at least 5 times faster with bittorrent!

Much appreciated


Mick - 19.01.05 5:07 pm

How do I set up the Voyager 205 to allow connectivity to a WAN via VPN-1 SecureClient
Help!
Thanks


Ant - 20.01.05 1:17 am

Hey, Nice site by the way.. i am starting to understand... i think. Anyway, my question/problem is thus: I have a Voyager 205 and I need to be able to connect to a private company network using VPN-1 client over GRE (i guess). What I dont know is, do i need to crete a rule for ipf or nat.. or is this just not possible on this router. I'm sure I read somewhere thaht it allows VPN.. any ideas?


Stevie Fleetwood - 20.01.05 11:22 pm

Hey Guys,
Hope somebody can help, I need to access the advanced settings on my Voyager 205 so that i can configure it so that i can get rid of my low id on emule, but when i double click on "advanced" in the menu and enter my user name and password as "admin" it gives me the drop down menu, but when i double click on "ip Routing" and everything i click on doesnt alter my screen from the initial "quick start up" screen.
Its driving me mad. I am using the USB cable.
Hope somebody can help.
Cheers... Steve F


cor - 21.01.05 2:50 pm

heh, I think in my absence, the comment mechanism broke, I recovered yours Stevie, from my admin page. By the way, your question has already been aswered (above), more than once.

I think I'm gonna have split the comments up into pages, or something, there's just too of them! Which means almost no one will read the previous comments! *sigh* This page is way more popular than I expected it to be. so it goes. I'll hopefully code that up this weekend. Maybe hack something in, in the meantime. hmmm.

Mick, Ant, VPN, no idea. The Voyager 205 certainly has VPN capabilities, check the PDF's for details, particularly the reference guide. If I get some time over the weekend I could look into, but it would be better if you did; you can tell us if it works, too. I can't, I've nowhere to VPN to!

thx G402! k, gotta shoot-

;o)


cor - 21.01.05 2:53 pm

correction!
I have exceeded my site's disk quota, with COMMENTS!!! smiley for :lol:

now that is funny! okay, I deleted one of Karma's videos, sorree doggie-fans!

Now we got 3MB more space for comments!

;o) Cor


Clarke - 21.01.05 7:03 pm

Cor why dont make a FAQ for this smiley for :D , or are suffering from laziness ???

Clarke


cor - 21.01.05 7:42 pm

nah, I never suffer from laziness, it's completely painless!

seriously, I've been incorporating the answers into the main article itself, which is why there's extra pages now, "articles". I plan to do a "troubleshooting" page, too, especially for folks who can't be bothered to read all the comments.

Time is always a factor,
and sadly, no one here is paying for mine!

;o) Cor


prv.joker - 21.01.05 7:44 pm

Have tryed useing Telnet to accses modem

but keeps coming up as :login failed

have tried bith both my Pc and BT user names and passwords.

but it still won't let me in.
I am having prob's with online games,ie. multiplayer MOHAA/brk'throuh. When looking for servers the voyager 205 SUCKS,
It finds very few and most of them are very high ping.

Im trying to change the folowing as i have been told this will
work : maxipsess 512 nat global udptimeout 10

but cant get accses. PLEASE CAN SOMEONE HELP



^Coke - 21.01.05 8:09 pm

prv.joker..
user name : admin
password : admin
unless you've changed it yourself to something else and fogotten what.. :)


levitt - 21.01.05 11:31 pm

hi all

i am really struggling to set up the 205voyager, i need to open udp ports so that i can get a primary connections in winmx, any ideas please?


ant - 22.01.05 1:02 am

thanks for your reply. I am none the wiser though. How do I find my Static IP address? I have now managed to get a "conection timed our (probably stealthed" message when I probe the two WINMX ports/ At first i thought that was it, winmx seems to work, other users can access my computer and my files at a good upload speed. however after a few minutes or if i start to download, the connection slows down to a point that it disconects...

What are the extraneous firewall rules you mentioned? how do I remove them. I have simply stealthed and followed your Winmx Nat and firewall rules. Sorry if i sound like a complete dweep this is all new to me. please feel free to e-mail me directly. ant


prv.joker - 22.01.05 12:29 pm

Thanks people have got Telnet sorted


modify nbsize maxipsess 512

modify nat global udptimeout 10

commit

reboot

This work great for finding online multiplayer servers MOHAA/CoD/STEAM ect. The defult for voyager205 SUCKS
Also thanks to the lads at UK Broadband forums



prv.joker - 22.01.05 12:32 pm

^Coke- Thank man sorted


Jerry - 23.01.05 8:21 am

Good day ,
first of all thank you very much because you gave me the solution I was seeking for 6 months.I had a lowid at emule and now I managed to get the highid.I made a stiatc ip, configured firewall and ports through telnet, I have very good download and upload speeds but something very strange happens.I connect to e-mule, I'm having a highid but 10 minutes later the connection freezes for 2 minutes.After these 2 minutes it continues again with but with problems (connect,freeze,connect).
Any idea?
Thank you very much for your help.
Jerry


Jerry - 23.01.05 9:45 am

I solved the problem.I always had some alerts from my Antivirus that e-mule was trying to connect through port 25(ip 217.xx.xx.xx).I saw that at my advanced settings my ip (192.168.1.xx) was redirected to 217.xx.xx.xx. I deleted the rule and everything works perfectly.No lag with my connection, e-mule keeps downloading at high speeds.
Any idea what was that and how it may have happened?
Thanks
Jerry


pabloz - 23.01.05 11:37 am

Hi! I've got a big problem with this modem and e


Ant - 23.01.05 5:45 pm

ahhhhh.. VPN works fine now. The problem was that the ip of the Voyager (192.168.1.1) existsed on my works network... they have kindly removed this for me, and I can now connect fine. Though it is anoying that I cou;dn't just chage my routers ip address. The problem now is tahht Remote Desktop doesn't work (port 3389). I ano not actually sure how I shoudl configure this with "create nat .." Anyone know how to create a rule which would allow me to use/open port 3389?
Cheers


digitaldazz - 23.01.05 9:08 pm

I have read all of this site and setup my 205 - nee probs.
top notch advice mate!
I would like to know, however, if there is a way to add i.p addresses to the blacklist as this would be really effective against spyware. I have a list of i.p's i woild like to block?

Any ideas

Many thanks in advance!


sam - 25.01.05 12:29 am

your site was really helpful. not only have i now got p2p programs to work (only this site out of all i looked at that helped) but i feel safer now i've customised my router.

many thanks.


jet - 25.01.05 5:06 pm

Hi,

I use the BT 1 MB broadband service which came with the 205 router. Recently, I bought a Creative Webcam Live Pro webcam and tried to use MSN Messenger v 6.2 (and later in desperation v 7.0 (beta)). The video aspects are fine I can see the person on the other end of the line and they can see me. However, the audio is a complete failure: I can neither hear or be heard. I've tested the Webcam and microphoneand they are both fine ( it seems to work with BT Yahoo Messenger)

I have since learnt that this is due to an inherent problem within MSN messenger when used with NATs based routers. Anyway according to various sources on the net (e.g. http://messenger.jonathankay.com) that the solution is to open up UDP ports 5004-65335. Being a complete novice at this can you please explain in excruciatingly explicit instructions how I do this via the web based user interface that came with the router.

Do I need to open up ports in both the outbound and inbound direction?
Do I need to write some NAT rules as well?

If it is not possible to open these ports via the aforementioned user interface, then I suppose I shall have to use Telnet. If so how I do this?

Thanks in advance.

PS: This site has been very informative and one of the most helpful I've found Cor.


goozol - 25.01.05 9:43 pm

I can't open other menus (adwanced, troubleshooting) in this router menu. When I click to adwanced or troubleshooting menu, then I see always only:
Quick Start
This page is used to connect/disconnect to ADSL.
Connection Status
Online Time 0:43:3
Data Transmitted 447668 bytes
Data Received 3339326 bytes
Downstream Speed 576 Kbps
Upstream Speed 288 Kbps

Any idea?


anonymous - 25.01.05 10:42 pm

Thats this is the site i have been looking for!!!! BT technical line are useless!!!! I am ok on the portforwarding but the link above were it says click here for creating a static address is not working - whats the correct page anyone - i need to set up a static address for my games and P2P - i need step by step instructions like above on port forwarding.

Thanks a lot

Paul


cor - 26.01.05 3:44 am

hi

levitt, no you don't. check the recipes page.

Ant, Paul, and others, check the new link in the menu at the top of this page, or click this link for the step-by-step on getting a static IP address. The other link you mentioned *should* lead to one of the comments right here on this page, but some browsers don't do it properly. Of course, reading all the comments would also get you the information! Oh, and the "Extraneous Firewall Rules" are just the pile that come as standard with the router. Delete them all! Start the two stealth rules only.

jet, that's a HUGE list of ports to open, same as given here, a favourite source of mine. You may want to consider enabling UPnP on the router, though I haven't investigated the possible consequences of this because I've always simply equated UPnP with "Security Hole" and disabled it wherever I find it. Having said that, it will probably prove to be more secure than opening tens of thousands of ports! I don't use MSN messenger, believing it to be a "total pile of shite", but each to their own! If the UPnP doesn't work, get back here and we'll goto Plan B.

By the way, you never need to create outgoing NAT rules. Everything is allowed out, by default (first firewall rule)

digitaldazz, I don't think you can add IP's to the blacklist manually, though that certainly would be a very cool feature. Perhaps someone should mention this to Globespan (or whatever they're called this week). It would be possible, I suppose, to create rules for the individual IP's, though in practice this would be extremely tedious, and there is a definite ceiling on the number of rules you can create, anyway.

Jerry, sounds like your over-zelous antivirus got upset about eMule sending mail. At least it works now, and that is the main thing.

pabloz, looks like you got hit by my site quota, which should now be fixed. (deleting the 3MB video didn't help at all, seems I was very over-quota. log files, say no more.) Feel free to post again if you're still having troubles.

goozol, please start again at the top of the comments, this time reading them! If you are feeling lazy, just search the page text for "advanced", or something; you'll soon find what you need. That "troubleshooting" page is becoming a priority...

for now..

;o) Cor


Jet - 26.01.05 4:13 pm

Thanks Cor for the quick reply.

The only problem is its not obvious to me how one enables/disables the UPnP on the router. I know that the router supports UPnP (its says so on the product sheet and I've checked with BT)and have thus far been assuming that the UPnP is turned ON by default. I've turned on the UPnP within XP (home edition). Any suggestions as to how I can turn ON the UPnP inside the router?

Also, judging by what's written under the heading Internet Connection Sharing using ICS/NAT at http://messenger.msn.com/Help/Issues.aspx its not obvious to me that turning the UPnP in the router will be sufficient to solve the problem. From my browsing thus far the only sure way seems to be to open up the aforementioned ports. Can you tell me how I exactly do this and any accompanying NATs rules that may be necessary. I was messing about with the web based GUI for the router and think I know how to do it (by comparing it to stuff written on this site by your kind self), but am not at all confident that I've got it right. Your assistance would be much appreciated.

Cheers.


Ian - 26.01.05 5:23 pm

bt voyager 205 is infact a dynalink RTA500-D51. i opened mine up and that is what i found can provide pictures if needed but the label on the underside of the board cleary stated RTA500-D51 with bar code and number under that and then another label with the mac: address on it


Ian - 26.01.05 11:45 pm

a few more specs for you

BT Voyager 205 (aka RTA500-D51)
chipset: GS8120-174-008D (CPU+DMT), GS3780-174-001Z (AFE), ESMT M12L64164A 7T (64M SDRAM flash memory), ATmel AT45DB161B (GSV-VIKING), Realtek RTL8201BL 10/100MB Single-port PHYceiver



boff - 27.01.05 12:22 am

hey cor mate i aint got it all sussed yet but i just wonna thank you for this page THANX


boff - 27.01.05 12:44 am

actually if ya cud i cud do wi sum elp (as if u never saw that comin)
ive been reading the posts and the origional instructions and i cant seem to figure out how to forward a port range to my pc (its probly obvoius nd i aint read it right but for example after i have logged into telnet with my usname and pass how do i create a rule to forward ports 49001-49010 ip 192.168.1.3 for both udp and tcp
i can create the rules fine with the default interface but only for one rule a simple example will suffice and then i can adopt that as a template for other rules in the future


cor - 27.01.05 2:27 am

Yo! smiley for :D

Jet, aye your right, UPnP should be enabled by default. You can check by issuing (in a telnet session) ..

get upnp cfg

It should report "Next Boot Status : enable"

or something like that. You say the video works fine, so I'm guessing UPnP is enabled, and perhaps creating rules for only the audio would suffice, so we'll start with these rules, which allow TCP and UDP traffic only on port 6901..

firewall:
create ipf rule entry ruleid 6901 ifname public dir in act accept transprot eq num 6 destport eq num 6901 seclevel high medium low

create ipf rule entry ruleid 6901 ifname public dir in act accept transprot eq num 17 destport eq num 6901 seclevel high medium low


nat:
create nat rule entry ruleid 6901 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 6901 destportto num 6901


assuming "192.168.1.3" is still the correct IP of your private machine. This may be all you need, try it and test again. If it's still not happening, we can move on to opening the big hole.

boff, check the Standard BitTorrent section of the recipe's page, swapping the port ranges and IP for your own. Then repeat the first (firewall) rule but use transprot eq num 17 instead of transprot eq num 6 But, question: do you really need a range? If it's Azureus you're running (just a guess/update promo), check out the new Azureus section, which is worth a look anyway, if only for the unusual use of smileys-in-a-regular-article.

Ian, Good Call! I was at the dynalink site last night, following your hint (I'm presuming it was you) above, downloading some RTA100+ papers, but the rear connexions looked too different to be our Viking. There's nada on their site about this model, apart from an "express setup" which looks interesting; I don't imagine it would be that difficult to hack BT's parameters into its .cfg file and zap the black box. PaPA, you still got that zapped 205 kicking around? Fancy a shot at ressurection? smiley for :D

Our trusty Viking will likely be appearing under many disguises over the next few months, so these sites will certainly be worth keeping an eye on, Dynalink's updates look way more comprehensive than anything we could expect from BT, that's for sure!

thanks all, this page just keeps getting better and better, keep 'em coming, even the flowers!

for now..

;o) Cor



Emma - 27.01.05 5:14 am

I think that finally finding this site could be a gods send for me. I have found more help in the headline of this webpage than I got from talking to BT advisers for 20+ hours. I'm quite good with PC's and been a single mum means I have to do everything! I have had massive problems since buying this router so that my son can play on his xbox in his bedroom.

Basically this is what I need to do:

*Connect router to PC using USB
*Connect XBOX to router using ethernet, and use xbox live efficiently.
*The only other 2 programms I'm worried about for now are bittorent and Kazaa lite.

Since I set it up my son has not been able to connect to some servers or cant hear some of his friends when playing certain games.

I really don't want to tamper with the natural settings of the router too much, all I want is for the above to all work! My main problem was the "configuration manager" would keep refreshing, but I think I've solved this using the cache method above.

Cor, can you give me a few links as to what you would advise as the main things to do to my router. ie. port forwarding, DMZ. I read above about entering the DMZ in the xbox dashboard, but is that safe to do? what if i do that and he cant connect to any games whatsoever!!!

I noticed that you were online a few moments ago, if you still are, I could perhaps chat to you on that live programme and you could guide me through, tommorrow maybe?

Thanks very much for this site.


Emma - 27.01.05 5:15 am

OK so the time is a bit buggered, you were online a few hours ago!!! I'm an insomniac trying to get this sorted!!!!!!


Paul - 27.01.05 4:34 pm

Hi,
What an excellent resource for the Voyager router...it's helped me sort out port forwarding....Does anyone else have a problem with the router locking up, and showing all five lights on....It happens around once a day, and can be corrected by switching off and then back on...
Thanks in anticipation
Paul


Emma - 27.01.05 7:47 pm

I have solved the bittorent problem by turning off the firewall within the router, and I am using Norton PF on the PC.

However the xbox problem still persists, I have tried configuring the IP addresses and DMS server as you stated above but still no luck.

I phoned Microsoft and they have told me that I need to configure it so that:

"The IP of your xbox is in the DMZ of the router"

How would I go about doing this? I've been in the DMZ settings and tried creating a new rule, but it always says "failed".

Getting frustrated now!!


cor - 27.01.05 8:33 pm

sorry Emma, the last time I was in the chat, I didn't log off properly, it looks like I'm there when I'm not. I was still awake though!

The XBox setup is still an unknown, no one's got back here with anything concrete, and I still haven't received one in the post!

First off, USB is trouble, particularly if you want to run torrents and kazaa on the peecee. If your single-mum budget could stretch to a decent switch box (£20-£25) it would be money well spent, and could save lots of potential future troubles and headaches (for me too! heh)

Ensure you have given the XBox a static IP before you attempt to put it into the DMZ..

1) go into the XBox dashboard and give it a static (manual) IP address, say 192.168.1.4 (make a note of the current settings before you do this, probably "automatic", or something like that) For the default gateway, use 192.168.1.1, Subnet Mask will be 255.255.255.0

2. Still in the XBox dashboard, go to DNS server and enter..

Config: Manual
Primary DNS: 192.168.1.1
Alternate DNS: 212.159.11.150

THEN enter that IP (192.168.1.4) into the DMZ. We'll likely need some firewall rules on top of that, too, I'll try and put something together over the weekend, but it won't be pretty, and will be 100% guesswork!

If you strike gold in the meantime, take notes and let us know!

Paul, are you by any chance using BT Communicator VoIP software? It can cause your router to do this, as I have myself discovered. BT are aware of the issue, but haven't released a fix yet.

;o) Cor



cor - 27.01.05 8:35 pm

actually, it might prefer you to create the DMZ first, and THEN add the XBox, erm. try both!

/me wonders if I can put some sort of XBox emulator on a peecee..

;o) Cor


seamus - 28.01.05 12:09 pm

how easy is it to delete a nat rule once you've entered it? problem is; i copied yr nat rule for bit torrent into my tel, but then realised my ip is 192.168.1.4 not 192.168.1.3. oh dear i'm a plank!!!! tried to re-write rule, but it jus says entry already exists.dohh!!! any help greatly appreciated.


cor - 28.01.05 1:40 pm

seamus, worry not, it's easy to delete rules, in the web interface, just click the dustbin icon next to the rule, or else in a telnet session (copied from this very page, main article *sigh*)..

delete nat rule entry ruleid 6881

;o) Cor


Xander - 28.01.05 3:44 pm

Just wanted to say thanky you for this information, its an absolute gold mine, last night i was looking into sorting out the modom's "built in firewall" and customize it to improve my connections such as eMule etc..

And it was a *long* read (but worthwhile!)

Guess what i'll be doing when i get home tonight smiley for :D

Regards

Xander


Ian - 28.01.05 3:54 pm

Papa do you still have that brick if so when plugged in do you get any lights if you get ether then you should be able to resurrect it to virgin box using weird solutions TFTP client 2.0 i can provide virgin flash with correct mac address if you need it i just need mac address of unit to edit TEImage.bin


anonymous - 28.01.05 5:35 pm

How do I get my webserver working!? My public IP address keeps going to my default gateway (router config page) instead of my private IP address (webserver)

Any suggestions???


seamus - 28.01.05 5:50 pm

ta very much cor. i'll give it another go


cor - 28.01.05 6:03 pm

anonymous, your webserver is working fine, it says..

"Welcome to Abyss Web Server X1"

etc, etc. what's happening is that your local machines resolve that IP (correctly) to the router, and when the router is accessed (on port 80) from the LAN side, you get the config page. From the WAN (internet) side, it works just fine. I was your first visitor! smiley for :D

Borrow someone else's desktop and test it out for yourself! (the wonders of terminal services!) There are a few websites that will do it for you, too. google for online seo test or something like that, to have a distant webserver scan your site. just thinking out loud. corzoogle this site for personal density analyser

Thanks for the clarification Ian, I'll probably edit the old post, but currently my site quota thing is still causing problems, and frankly, I'm concerned the whole thing (comments file) will vanish on me if I try. I have a back-up, of course, but uploading it, at this time, may be impossible.

By the way, I wouldn't mind a copy of that virgin .bin file for myself, en cas de besoin...

;o) Cor



cor - 28.01.05 6:04 pm

oh, and Xander, you might want to get a bottle in, just in case. *wink*

;o) Cor


cor - 28.01.05 6:23 pm

anonymous, if you use a real nickname to post here, I'll give you a seriously cool way to test out your own site, in your own browser!

;o) Cor


paulwade25 - 28.01.05 6:34 pm

Cool! How did you find out my IP address?



P.S: Locally, my virtual paths work but via my domain it's coming up "The page cannot be found".


cor - 28.01.05 6:57 pm

The IP was easy, every request to a website has got to be from somewhere. For my added convenience, poster's IP's and email addies are available from my admin page. smiley for :ken:

The only way I could have been fooled is if you had used a proxy server, and THAT, dear paul, is how you access your own private website from inside your LAN!

TADA!

Google for free proxy servers, find a fast one (the non-anonymous servers are faster, less peeps use them), configure your browser to use it (many browsers can be configured from their preferences, or else your internet connexion settings will do it), and test test test!

Damn! Where's a PayPal button when ye need one! smiley for :D

;o) Cor


paulwade25 - 28.01.05 7:24 pm

So how will configuring a proxy server enable access to virtual paths via my public domain/IP address?

Also, what is the seriously cool way to test out your own site, in your own browser?


paulwade25 - 28.01.05 7:31 pm

Add me to MSN using that email address if you prefer...


cor - 28.01.05 7:57 pm

dude, that *is* the cool answer! Use a proxy server! TADA! That's it! smiley for :D

Using a proxy, you access your webserver as if you were outside, because that is exactly what you are doing, surfing via the proxy.

As for virtual servers and stuff, you'll maybe want to leave a comment elsewhere onsite about that, like here.

I don't do MSN, but if you want to hop into my site chat, I'll be around for a wee while yet.

;o) Cor


paulwade25 - 28.01.05 8:01 pm

What is the URL for your chat site?


paulwade25 - 28.01.05 8:09 pm

Via proxy, the page cannot be found. Everything else works fine.


cor - 28.01.05 8:17 pm

maybe the proxy was duff. always hit google first to check if it's working before you start to use it (also a handy loction indicator for proxies of unknown origin!).

Mind you, I can't get anything at you IP any more, either. Is the server still running?

;o) Cor

ps.. click the link under my (almost invisible) smiley in the toolbar.


paulwade25 - 28.01.05 8:36 pm

Yeah the server is up and running. In chat now...


Ian - 28.01.05 8:43 pm

Cor i have zipped up the virgin image file with a plain text file on the preset mac address and usb address that will need to be changed to the mac address on the sticker under voyager 205 once flashed, i have also included the pictures of the insides of the 205. where can i send it size 2.17mb

cheers ian


cor - 28.01.05 9:07 pm

Hey! Thanks Ian, good work! You can either upload it here, or mail it to me at the usual address (click any of the smileys under all my articles, except these router ones for some reason, or hit my contact page - the almost invisible smiley).

paulwade25 no sign of you dude, nada, in chat, or your web server. Are you still in this subnet of the universe? Maybe that proxy's interfering. I've had a couple of peeps drop in today, so the chat's definitely still working, though I'm keeping the log file trimmed! smiley for :erm:

okay, back to deleting files! This effin quota's crazy, feels like me boat's leaking and I'm bailing..

note to self: don't piss off hosting company admins, even if they have it coming.

;o) Cor


Paul - 28.01.05 9:12 pm

Cor,
Yes...spot on. I was using BTYahoo Communicator...I've found the page on the BT site, and they have recognised the problem. I gather a fix is in beta....I'll just stop using the Communicator until I can upgrade the firmware.
Thanks again.
Paul


Ian - 28.01.05 9:31 pm

cor all uploaded as per link


xander - 28.01.05 9:46 pm

Hmm

Stealthed the router successfully, tested it on that gcn.com link you provided and all ports were stealthed fine.

Wanted to open up (unstealth) two ports for eMule,

Tested the ports via your's and the gcn port tester, only one port was listed as closed 4662, the other 4672 is stealthed...

And in eMule, i can connect to the eD2k, but Kad is showing up as connecting (which i assume is using the 4672 port)

Any tips?

Thanks

Xander

p.s. no software firewall enabled, winXP firewall disabled, etc etc etc

tried removing the firewall command, and nat command for both ports and re-insert them to no avail...



claire - 28.01.05 10:01 pm

Xander.....
hey i had soooo much trouble at first with your kinda problem but thanx to the wonderful person that calls himself COR my probs are sorted!! i had a similar problem to yours and i changed the port from 4662 to 6883...the thing is alot of the isp's use 4662 so i'm guessing it kinda gets jammed...i seriously get speeds of 100kb/s plus now. as a side issue you seriously don't need kad running as far as i can tell it doesn't do alot for ya and doesn't cause any probs closing it! hope this helps you...if not you will have to wait for the expert to help ya!


Ian - 28.01.05 10:02 pm

i did a reboot minimum in telnet (not recommended) to see what default software was and surprise surprise not v1.1 as reported by get system but infact:

VIK-2.1.040426d1 create user name admin passwd admin root size maxvc 8 max1483vc 8 maxppe 8 modify ppp global keepalive enable modify system contact "GlobespanVirata Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A" model "Viking" location "GlobespanVirata Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A" vendor "GlobespanVirata Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A" logthresh 1 systime "Jan 26 12:39:37 2005" timezone "GMT" name "voyager" dname "home" magicnum 79 modify bridge mode

Starting POST - V2.2
SDRAM ... Loader Checksum ... Passed
Failed
Address: Expected == , Actual == 00 Boot Error
IMG1 MANU 123456789abcdx Unused VIKING-SPARC Eth0,USB 5776,2305

it seems bt want to hide what the real version running on these boxes are. ?????


anonymous - 28.01.05 10:03 pm

ok thanks will try that... it wasnt 4662 that was the problem its 4672... going to change it now smiley for :D

Will let u know how i get on smiley for :D

Cheers

Xander


Xander - 28.01.05 10:12 pm

Nope didnt work.... going to leave it for a few mins to see if things improve (as i did mention it takes a short while for things to kick in)

Xander


claire - 28.01.05 10:13 pm

hey xander in the kad network it also has a "RECHECK FIREWALL" button click that to retest it...sometimes it kickstarts it into opening or you could try bootstrapping???


anonymous - 28.01.05 10:17 pm

Just tried clicking on Recheck firewall and bootstrap buttons... nothing seems to be happening other than the "Kad:connecting" in the bottom left

If you think kad is useless how do u disable it from trying to connect? Disable UDP in preferences?

Xander

p.s. Thanks 4 ur help :o)


Xander - 28.01.05 10:20 pm

Yaay its connected (both are now) cheers :o)

Now gotta figure out how eMule works smiley for :D

Xander


Xander - 28.01.05 10:25 pm

Uh oh, Kad Network says Status "Firewalled"
my ip at port 6883

hmmm wierd as i have opened that port....

Xander


anonymous - 28.01.05 10:48 pm

hey xander if you wanna disable kad just disable it in the kad network....it will then say dis-connected in your servers page...i really don't have it running. if you havn't used emule before it's best to download at least 6 files at the same time...between 6 and 20 is good but in your preferences make sure you click the tab which suits how many files you are downloading.


Xander - 28.01.05 10:54 pm

hmmm *now* kad choses to work!

got eD2K on High ID and Kad status as Open now smiley for :D

Thanks for the help was starting to pull my hair out, after putting it in (the settings) in the router for the umpteen time (i swear if i typed commit *one* more time.....)

Guess it was slow to update for some reason... never mind its working now :o)

Cheers

Xander


cor - 28.01.05 10:54 pm

Interesting stuff Ian, very.

More interesting because, if my memory serves me correctly, the latest version of available firmware from Dynalink and others is 2.1.something. hmm. I wish BT had a clue, and then a real technical manual for this thing.

I'm not surprised they want to keep us in the dark. They'd deny it was a Globespan router altogether if it didn't say so in the telnet session, probably even then. Their "technical staff" are often quoted as saying "Use the web interface, it's more configurable that way". Hello? One thing's certain, if you annoy them enough, they eventually come round. I mean, you can even pay your internet on your phone bill, you don't think that was their idea, do you? smiley for :ken:

Got yer file too, thanks. Will investigate soon.

And you tell 'em claire! 120Kb/s downloads ARE possible! So you might suffer a couple of nervous breakdowns on the way, but hey, that's life! I'm just gonna sit back and watch the Xander situation for a while, methinks. smiley for :lol:

for now..

;o) Cor


cor - 28.01.05 10:57 pm

see! sometimes you just gotta wait a minute!

;o) Cor


boff - 29.01.05 12:18 am

now then m8y just to let you know i wonna forward a range o ports 4 online gamin cos all ov em use ranges of about 100 ports
ill chack the recipe section tho dood nd see if i can get it sorted that way
l8r


Ian - 29.01.05 4:00 am

cor over the next few days i will put a guide together on backing up the flash image and restoring using tftp client 2 form weird solutions its quite handy for uploading/downloading the committedcfg.cfg file as well. does anyone know what other files are stored on the router? hope the pics and virgin flash with guide were ok


Jerry - 29.01.05 10:02 am

Good day to all,
I configured my router, stealth, static 1.3, port fwd for emule. It works fine (high id) but only for 30 minutes.After this period everything stops, no or limited connection.
Any idea guys?
Thank you


paulwade25 - 29.01.05 4:13 pm

I'm in chat now (1:40pm)


paulwade25 - 29.01.05 4:32 pm

Please email me because I need to get this sorted asap!

Everything (bar my website) works fine via the proxy server - numerous tried and tested.


boff - 29.01.05 5:17 pm

any1 got any idea how to get a ps2 online with this thing. it worked a few times before i started messing around with the settings on the 205 (but as if i were leavin it like that) and now nothing! even when ive reset it and all settings are returned to default it still dont work. strange i think but wot dyall think any idea any1


claire - 29.01.05 5:22 pm

Jerry
try this from the rule entry above ^^^modify ppp global pppsesstimer nevertimeout. hope it works for ya.




Jerry - 29.01.05 6:51 pm

Snif, snif,
I will start crying.Claire I tried it and now the 30 minutes became 2.Everything stops in 2 minutes.Please guys if someone uses emule with high id my e-mail is jerry_thm@yahoo.com .
I'm begging for the solution of the pazzle.
Best regards,
Jerry


paulwade25 - 29.01.05 11:27 pm

Please someone try http://81.152.**.** and tell me what happens.

Thanks


^Coke - 29.01.05 11:30 pm

Jerry..
just out of interest are you using USB? if so i had the same problem and the issue was resolved by using etherlink as opposed to USB.
i haven't dropped connection since.. (thanks Cor/Barney/Clarke for the solution :)
hope this helps


claire - 29.01.05 11:58 pm

paul
sorry tried 3 times and all i got was " web site not found" :{


paulwade25 - 30.01.05 12:03 am

thanks claire - any ideas? read earlier posts.


cor - 30.01.05 12:38 am

Ahh, the server is back!

Where was I? Right, first Ian, thanks, that'll be superb. As to the other files on the unit, well, funnily enough, I was raking about in there the other night, and downloaded them all to my puter, there's a rar of what I got in the public folder. I should mention that I'm fairly certain I haven't got all the files, for a start, there's no access to the /hag/ folder, where the BT interface lives, but there's some other interesting stuff, default configs, shell scripts and things. grab it!

jerry, like ^coke said, this definitely smells of USB.

paulwade25, use a proxy server and test it yourself! I been having lots of fun with my backup dev mirror at corz.ath.cx, browsing via a proxy at, erm, 162.38.132.8:80 (shh! I didn't give you that IP!) enter that as your proxy address and you need us no more! At least not for testing.

If you use an app like InvisibleBrowsing, you can switch the proxy effect on and off at will, Fastbrowser will allow you to do a similar thing. Most browsers will. I doin't think the concept has quite sunk in yet, please do try this!

I'll be in my site for an hour or two if anyone needs urgent assistance!

;o) Cor



paulwade25 - 30.01.05 12:54 am

Yeah I know, I was just clutching at straws! Proxies are fine, but it's still not working...


digitaldazz - 30.01.05 12:59 am

Hi cor,

shame about the blacklisting.
try this might not make a significant difference but i have turned my clock update off as it may use some valuble bandwidth.

$modify sntp cfg disable

is there any harm in doing this other than timed port blocking may not be as accurate?

PS Thanks for this great page.


cor - 30.01.05 5:05 am

yeah, digitaldazz, if we could plug-in safepeer or something, that would be most useful. maybe one day.

As for the clock, I don't think you'll notice the difference. It only checks the time every 64-1024 seconds (depending on how askew it is), and it's no more than a couple of small packets each way, so probably not worth disabling.

paulwade25 your server was working, I visited it. And mine works just fine (if a little slow), so running a webserver with this router is possible, even easy. Something must be broken or blocking yours.

When I troubleshoot network connexions, I start at source, that is, where the request is coming from. In your case, this is "outside". That'll be you via your proxy for now, so simply insert a proxy and hit google. If google loads, we can move on. If not, get another proxy and hit google again. I always hit google whenever I load a new proxy.

Next the router. Is it stealthed? No other firewall rules are present? If you reboot the unit, it (annoyingly) inserts some rules automatically. At least one of these will mess up your ability to run a webserver, so revove them.

Next, ensure you have a rule for port 80 allowing incoming traffic.

create ipf rule entry ruleid 80 ifname public dir in act accept transprot eq num 6 destport eq num 80 seclevel high medium low

Then check your NAT rules, is the port 80 rule redirecting traffic to the correct machine? is it TCP?

create nat rule entry ruleid 80 rdr prot num 6 lcladdrfrom 192.168.0.100 lcladdrto 192.168.0.100 destportfrom num 80 destportto num 80

Check every aspect, make sure something obvious isn't wonky. Often it's the obvious things we overlook. For instance, ensure you have disabled WAN-side web access to the administration interface..

modify mctl access httpwanaccess disable

Next the webserver itself. Can you access it from localhost? (the same machine) From your LAN? Does it work normally? If not, fix it, if it's okay, move on..

Is there a firewall running on the server box? It may be allowing LAN traffic, but denying outside traffic. If you are using a virtual host (wise), does it match your dyndns address? like corz.ath.cx does..

From my virtual hosts file.. (maybe you keep yours in your httpd.conf *tsss* ;o)
%lt;VirtualHost *>
ServerName corz.ath.cx
ServerAlias  corzorg corzorg.org
etc.. 
Check everything and test Test TEST! every step of the way!

If it still doesn't work, you may want to consider hiring in an expert, so email me!

Running a webserver isn't for amateurs; unless you are prepared to delve into it, you're probably not suited to the task. Seriously, that's not a judgement, that's just the way it is. Nothing's for nothing.

;o) Cor


digitaldazz - 30.01.05 2:54 pm

Hi cor,
just wondering if you could help me again. I want to connect a serial port to the router is there any way you can do this. i want to try rewriting the image code and reflash it but want to be able to recover from a bad flash just in case. i heard that the 205 is similar to the sar 110.
any comments would be appreciated.

thanks


Ian - 30.01.05 5:20 pm

cor updated specs:-

BT Voyager 205 (aka RTA500-D51)

chipset:

GS8120-174-008D (CPU+DMT)
GS3780-174-001Z (AFE)
ESMT M12L64164A 7T (64M SDRAM memory)
ATmel AT45DB161B TC GSV-VIKING (16Mb Flash memory, 2.7-Volt Only Serial-Interface Flash with Two 528-Byte SRAM Buffers)
Realtek RTL8201BL 10/100MB Single-port PHYceiver

i`m going to open her up to see if i can trace the tracks for the 6pin header next to the flash chip and see if they can be used in the same way as the solwise 110 com port, i let you know how i get on, cheers got part home dir see if i can get any more

cheers ian



digital dazz - 30.01.05 6:27 pm

Ian / Cor

the pins next to the flash chip are as follows

1 . cs chip sselect
2 . sck serial clock
3 . si serial input
4 . so serial output
5 . wp hardware page write protect pin
6 . reset chip reset
7 . rdy/busy ready busy

i have looked inside the 205 and there seems to be a chip missing for the serial extension to the back of the unit, but the device should be flashable directly to the chip.

any good at serial interface's ?


digitaldazz - 30.01.05 6:28 pm

ps . flash chip info


http://www.atmel.com/dyn/resources/prod_documents/doc2224.pdf


jet - 30.01.05 8:45 pm

Hi Cor,

I tried your suggestion of opening up port 6901 to overcome the problems with MSN Messenger audio, but it did not work. This may be because port 6901 is no longer used for the audio (I read this on http://www.mcse.ms/message1311495.html). Anyway, I think what needs to be done is to open up ports 5004 to 65535. I tried to do this myself, but failed (I opened up the all the UDP ports in the range of interest and then set up a NATs rule as per your example for the bittorrent NATS rule under your ports forwarding section, but making the necessary changes in respect of UDP ports and port numbers).

Could you please write down exactly both the IP filter rule(s) and the accompanying NAT rule(s) that will succeed in allowing me to do this.

A couple of things that are confusing me:

Is it possible to write one single NATs rule to forward a whole rage of ports or is it the case that a single NATs rule can only be used to forward a single port (e.g. to open up 20 contiguous ports do 20 distinct NAT rules need to be used)? Does your example of the NATs rule for the bittorent ports forward a whole range of ports or is it in effect assigning port 6881 to poert 6889.

When I go to the servers eb based GUI why does the URL appear as http://192.168.1.2/hag/pages/home.htm? Should it not be http://192.168.1.1/hag/pages/home.htm given that the ip address of the router is 192.168.1.1.

Sorry if these are really stupid questions, but I thought I would ask anyway.

Thanks again in advance for provideing the correct correct IP filter and NATs rule.



paulwade25 - 30.01.05 8:45 pm

I'm up and running now - 81.152.**.** but the DNS from my domain isn't working!!!


paulwade25 - 30.01.05 8:54 pm

Doesn't matter - I will just forward my domain to my IP address instead of using FTP.

Thanks for all your help!


Kaveh - 30.01.05 9:32 pm

Hi, i see you know alot about the voyager 205, could you be able to help me please.

Erm what it is, i want to host an Football Manager 2005 game, but my router wont let anyone connect to my computer, i'm just woudering how i would do that.

I've put my email address onto this message, i would be greatful if you could help me.

thanks


Paul - 30.01.05 11:28 pm

PLEASE PLEASE PLEASE someone help me out on this one as far as i am concerned i am for cancelling my 1MB package with BT - the technical service are useless!!!!!!!

Anyway - i have managed thanks to this great site to get my ports open to use Azerus for my file sharing program. Only 1 MAJOR issue to sort it and that is i leave my computer running for a bit and when i come back to it it seems to have disconnected from internet. i cannnot access webpages, nothing is downloading.

I have to connect through my USB port which this site talks about connecting through ethernet port - my reason being i connect to my x box too. My x box connection has NO problems only my PC.

Also i find i can be browsing internet and my MSN messenger will sign itself out - although i can still browse the internet - i know its not messenger as i have an old ADSL modem which works with no problems in the least!!!!!! Not compatable with X box though.

I have check my USB power option not to switch off and also my Router card options not to power off. What else can i try?? Anyone got any ideas? I hear people talking about looking at the routers log to see whats going on but were do i find this??

Please someone help me - honestly i am getting depressed (i know thats sad but the amount of time i have wasted on this router is unbelievable!!!!) Why can't things just be simple - i used to like my PC now i think i HATE it!!!!!


Ian - 31.01.05 12:38 am

Hi Paul

Have you used these commands in a telnet session yet to keep the ppp link live and to stop them timing out yet:

modify ppp global keepalive enable
modify ppp global pppsesstimer nevertimeout





digitaldazz - 31.01.05 12:51 am

Paul,

I used to have the same problem with the voyager 100 on a USB
They dont like to hit the upload and download limits , the caps. I used a program called net limiter to restrict the programs that were using download and upload - torrents - emule etc..
you can select each program and allocate a certain level for use eg 20k upload. I would keep the total to about 22K upload.
and set a total of download to whatever your bandwidth cap is.

Doing this solved the problem and it never went off again.


Ace - 31.01.05 4:47 am

Hello all,

Great site Cor.

Can anyone help with a prob I have pls ? If I set my connection to obtain IP and dns dynamically I get nothing nada even thou the dsl status says connected. But if I set to static for ip & dns it works but not very well. Can someone tell me how I can force the router (205) to obtain settings dunamically pls ?
The settings I have to change are the tcpip properties in xp.

Thx for any help.


cor - 31.01.05 7:51 am

Hi folks. Don't you guys ever take a day off? smiley for :blank: Just as welll I got up extra early today!

Right, flashing, I've not looked into this, but my first thought is "isn't the USB port a serial interface?" I could do with a second unit to test all this stuff out; my only other BB modem is an old Intel Anypoint, and USB broadband modems are a waste of time, at least for my needs. Maybe I should ask BT for one, seeing as how we're doing their job for them. hmmm.

Paul , you don't need to use USB. Get a switch box (very cheap - a NIC and switch will cost around £25 all-in) and use ethernet. We can't help you with a USB connexion, it's simply too problematic. You're right about BT's "technical help", though. In the meantime, listen to what digitaldazz says about upload speeds. Ensure you never go above 80% of your maximum. In practice, this means, don't go higher than 25Kb/s. Get ethernet, and try again!

Kaveh, we need more information. What ports it uses, etc, etc. You may want to just create a DMZ and put your puter in it (with a good firewall running, of course).

Ace, I don't think I understand your problem. Do you mean you want your computer to get it's IP dynamically? (why oh why????) or something else? It's the phrase "force the router (205) to obtain settings dunamically" what throws me. The 205 ALWAYS get's it's settings dynamically (from the ISP), it's how your computer gets it's settings that matters. Get back to us with more info, or better yet; what you are trying to achieve.

PaulWade, your domain works fine, but loading the frame (frames! *tssss*) fails. This isn't a long-term solution anyway, as soon as your IP changes, you'd need to edit that page. Why not setup a dynamic DNS for now, for testing? Later, you can redirect the domain. What I'm saying is; one step at a time. If you can't access with a raw IP, it's pointless to move on to web redirections and framesets and shit.

Bad news about the MSN audio, jet, like I said, I don't use it. If you really must open up all those ports, first, ensure you have a decent firewall running on the local machine, and then issue these commands to the router..

create ipf rule entry ruleid 5004 ifname public dir in act accept transprot eq num 17 destport range 5004 65535 seclevel high medium low

create nat rule entry ruleid 5004 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.4 destportfrom num 5004 destportto num 65535


That will allow incoming UDP connexions on ALL ports between 5004 and 65535, and redirect them to a machine at 192.168.1.4. Simply alter the IP to match your own.

As for the web interface address, weird! Have you altered the IP of the router to this? Normally, that's the address of the USB connexion. Does 192.168.1.1 still work? And there's nothing plugged in the USB port, no? strange. Anyway, remember, there's no such thing as a stupid question, only stupid answers. So feel free to fire away.

Okay, I'm still half asleep, and this answer feels a bit stupid.
more coffee required!

;o) Cor


barney - 31.01.05 12:08 pm

Cor

I have ethernet connection as you know
and I can get to the interface on both
IPs 192.168.1.1 and 192.168.1.2
with the sticker still over the usb port.

barney


Paul - 31.01.05 12:42 pm

Thanks for getting back to me. Think the download and upload speed might be the route of the problem (that was not suppost to be a joke). Think i will go with the idea of this switch box so i can use my ethernet connection. I take it i won't have to worry about being timed out because of upload and download speeds when connected through ethernet? Will i still set my computer the way described about with this box? I have never heard of them but going to ask at PC world today - is it like a hub? I added those lines about nevertime out ect - was sure they were already in place but telnet accepted the commands again - so its on now - going to work - will check it out when i get back again. Can i just say thanks again for the advice - don't known what i would do without this site - put it this way my router would be well on its way back to BT!

Thanks again

Paul


cor - 31.01.05 1:30 pm

That's interesting barney, mine isn't available from .2 at all. och well, so long as it works, I suppose smiley for :erm: thanks for the info.

Good news Paul, ethernet is definitely the way to go. But even with ethernet, you have to keep an eye on upload speeds. If you max out your upload bandwidth, it won't kill your connexion any more, but it will kill your downloads.

You see, the reason TCP/IP is so reliable is that for every packet you send (or rather, a server sends), an "ACK", or "Acknowledgement Packet" gets sent in response, sort of a "yup, got that, NEXT!". If the server (or any application acting as a server, which includes other bittorrent clients, etc) doesn't receive the ACK, it assumes you never got the packet and re-transmits it. It will also slow the rate of transfer, assuming it is sending them to quickly for you to handle.

Ergo, if you upload capacity is saturated, there's no bandwidth left to send back the ACKs, and your downloads will slow to a crawl, even stop altogether. So now you know!

;o) Cor



cor - 31.01.05 5:22 pm

You've probably noticed that the comments section was getting a bit, erm, LONG! Incredibly, there are 233 comments so far! Yikes! It was starting to make my browser ache.

Anyways, I hacked in this cute page facility, now we get twenty (configurable) comments at a time, though the option to view them all in one big lump remains.

If anyone experiences any weirdness with this new functionalty, please email me, rather than leave a comment about it!

;o) Cor


digitaldazz - 31.01.05 6:08 pm

hi cor,

might be able to get my hands on a 205 for you to test out a flash.

dont suppose you live in the Northeast ?.

please email if interested.


cor - 31.01.05 7:14 pm

Aye, I do! The Northeast of Scotland!

you got mail!

;o) Cor


Ian - 31.01.05 11:51 pm

cor digitaldazz

after downloading the firmware for the bt voyager 240 4 port router (i was curious) it seems bt link dynalink designs as when i opened it up in ultra edit 32 it seems the voyager 240 = RTA 230 ?

the proof:
first few lines of 240 Firmware V2.14.02.17 file.

6 RTA230 1 1635116 3217031168 64152 3217096960 991232 3218088192 579732


Paul - 01.02.05 12:31 am

Went to PC world and they never knew about this switch thing - they advised me to get a router. I went for this, set it up, plugged my Voyager 205 adsl router into my new LINKSYS router but when doing this the new router shows it has an internet connection - however not able to connect to internet and it comes up an error during setup about no being able to connect. Take i should not have followed the PC world advice and got another router (not a modem just a router) I don't think i am suppost be go online - maybe this is a sign!!! lol Going back to PC world tommorow - think i might just go for a new router/adsl modem built in that supports more than 1 ethernet device? Agree?


Ian - 01.02.05 1:22 am

Paul

what you need is a switch or hub

current pcworld stocked switches

Canyon 5 Port Fast Ethernet Switch £ 8.11 (exc VAT)£ 9.53 (inc VAT)
Q-TEC 780SH 5 Port Switch Hub UK £ 7.67 (exc VAT)£ 9.01 (inc VAT)
Dynamode 5 Port 10/100 Switch N-Way Desktop £ 7.31 (exc VAT)£ 8.59 (inc VAT)

i listed them in order of preference, basicaly a switch is like a hub except it has controling software that when it gets asked for information by a port it returns information back to that port where a hub sends it to all ports.

hope this helps


cor - 01.02.05 1:23 am

So Ian, it's official, BT are in cahoots with Dynalink. That's both eyes watching dynalink now. What is interesting is how BT felt the need to add a 10 to the model number. Probably 5 for the cute new BT web interface, and another 5 for removing some chips. Or more likely 10, for the number of hours you'll waste trying to fix the bloody thing because they screwed up the firmware. smiley for :lol:

I was going to say 10, because that's how much the unit (saving you £59.99!) actually costs, but then I realised its probably a lot less.

Paul, of course, if you move onto another router, we in the 205 squad will be real sorry to see you go, but if you have your own network path to tread... smiley for :lol: Yup, PC World are mostly staffed by Type2 StoreFront Series Droids these days, not a good model, buggy firmware, volatile memory, low computational power. You can cause one to crash by asking "computer" questions like, how many ports does it have?, and is the keyboard touch-type?, or is it self-aware yet? (to which the response is invariably, "erm, no, I think you have to install that yourself". Maybe not.

I made one crash once with a single question; buying, or rather, pretending to buy, a hard drive.. "..so can I upgrade the platters at a later date?". watch the eyes (some of Chew's early work!). When they crash, an automatic mechanism sends them shuffling off in the direction of the nearest staff member with a beard; Who Has Actually Used A Computer. (just wait for the hate-mail!)

The answer is "Yes, but you'd have to send it back to the factory". That's okay, I do that with maxtor drives every six months anyway. smiley for :lol: (now legal letters, oh boy!)

Dear Paul, if you'd read all the comments (and before I added this paginating thing today, there really was no excuse! time is a factor, okay, anyway..) you would have spotted the link to the Maplin device for £24 that is exactly what you need. It's like a hub, yes, only smarter. My fault for not incorporating this stuff into the main articles quick enough, devising new ones, again, time is a factor..

http://www.maplin.co.uk/Module.aspx?ModuleNo=34826&TabID=1&source=15&WorldID=4&doy=9m1

But of course, you've now spent money at PC world. hmmm.

In truth, I'm a bit stoned (yes, the visitor was most welcome, I needed a break) and the idea of hooking this router to yet another router just makes my head spin.

If you have a few bob, spend it at maplin (who more deserve your valued custom - remember, all their items are covered by a 30-day your-cash-back-if-not-happy guarantee, which I've tested) and get ink cartridges or something for your PC World bucks, gift voucher maybe.

It probly woodwork, but I never misses an opportunity to have a stab at PC World. And BT, of course. Oh, and maxtor. *ahem*

What model of LINKSYS?

;o) Cor

ps.. I agree, it's a sign. Question is, what of?



cor - 01.02.05 1:26 am

hey! good prices!

;o) Cor


cor - 01.02.05 1:32 am

And while I'm in the area, paulwade, http://81.152.**.**/ is working great! 22:58 (ignore this site's timestamps *sigh*) Whatever settings you are using now, KEEP EM!

;o) Cor


Ian - 01.02.05 2:04 am

cor

i`m trying to get hold of the rta100+ from aussie at mo, the only difference on the ports is that it has a console port and i want to see if the internal board is identical to our beloved btv205 if i is then the next step is to try and revive a 205 that has died or is free.

i thought you might find this interesting i found it yesterday a solwise hard reset hack (uploaded file voyager solwise 110 reset.txt)


thesimon2000 - 01.02.05 4:22 am

Hey, i'm using a BT Voyager 205 router at the mo. Have the same old problems of overheating and reseting, no biggy. I'm on the 1meg BT broadband at the mo, but only able to download a max of 100kb/s. XP firewall settings are off, and followed all instructions here. Many concerned cos i use DC++ and wud like faster download speeds considering i am paying for 1meg. Anyone got any suggestions? Cheers


Ace - 01.02.05 2:10 pm

Thx for the reply Cor.

I seem to have fixed the problem of getting the router to work ok with dynamically assigned settings - it was windows XP - damn thing had DNS & DHCP set to manual - I changed them to automatic and now I can browse etc with settings assigned dynamically :)

One thing if anyone can help is at times web pages seem to grind to a halt for a short while then come in fine again - are there any settings I should change to stop this happening ?

Thx for any help ;)


Chris - 01.02.05 3:11 pm

Hi cor, remember me, the one that bought the wireless adsl router,,, wheeyyy. After a couple of days rushing back home at lunch time to configure and test i have now sucessfully configured the wireless router behind the star ship.COMFIRM, ANY WIRELESS ROUTER BEHIND THE VOYAGER HAS TO BE ON DIFFERENT SUBNET, i.e 192.167.1.1. Setting the IP address manually on the router will enable it to DHCP from the Voyager 192.168.1.1. After i got the router working i then had to manually reconfigure the static IP of the pc to be in same subnet of router. To get my web server running and ptop proggys working, i then changed the routing on the voyager to push through all data on specific ports to my new static ip and working a dream. And the biggest bonus of it all is that im effectively running 2 layers of security through NAT on each one. They are now a happy couple :geek. as i have new Asus K8 Mobo with 2 net cards in, im thinking about adding another layer but i think i might leave that till a rainy day. just though id let you know how i got on cor, keep up the good work man smiley for :D


Reggie Kray - 01.02.05 4:26 pm

I have a 205 ADSL router, Im trying to run xbox live but came across some problems with the IP settings. Xbox live support said I need to configure the router to recognise xboxs lives IP address. Does anyone know what this means and how to help me?
Im quite new to this and get a bit lost on the wordings..


anonymous - 01.02.05 6:52 pm

Hi Cor
on the 27 1 05 you were replying to a plea for xob you wrote..

2. Still in the XBox dashboard, go to DNS server and enter..

Config: Manual
Primary DNS: 192.168.1.1
Alternate DNS: 212.159.11.150

THEN enter that IP (192.168.1.4) into the DMZ. We'll likely need some firewall rules on top of that, too, I'll try and put something together over the weekend, but it won't be pretty, and will be 100% guesswork!


did you ever do those fire wall rules?
thanks


Paul - 01.02.05 8:25 pm

for jet,

Check your subnet mask is 255.255.255.255 if in the UK
I had the same problem trying to speak with someone in the UK, I am in the states.
He is on BT, my connection worked with everyone else but him.
Bt had assigned a very dodgy subnet mask, he corrected it to the above and guess what..........perfect audio and video.
Prior to this the webcam would work but no sound and the same for audio.
Now we have perfect video conferencing.



mike - 01.02.05 10:30 pm

hi
ok, got broadband about 2 months ago to play cod and other fps games and had so much trouble with it. Didn't get any help from the tech support at bt because they seem clueless zombies readin instructions from screens.All problems seem to point to the router settings because i have trouble on p2p file sharing sites, cod didn't work at all at first and i only get a few servers to join to and some links on the net don't work at all. Just wanna know if doin if it sounds as though this could be cured with port forwarding and the other stuff i've read about on this site and a few others. i'd be very grateful for any response , cheers


cor - 03.02.05 6:05 pm

Ian! thanks for the upload! gonna throw that in the public archive laterz, once I've digested it better. looks like fun. it almost makes me wish my router was screwed so I could try it out!

thesimon2000 100Kb/s is pretty good. Are you sure that's not just how fast the other clients are sending? Check your actual top speed (with no other net apps running) at one of the many many broadband speedtest sites. If you can't get over 100Kb/s with any of them, maybe something's wrong, but probably not, probably you just have more folk on your exchange than I do! That's 50:1 contention for ya!

Ace, you might want to play around with the TCP/UDP time-outs (grab the Mackila's configurateur gui from my public folder if you have a windows box handy), and perhaps apply the max-tcp-connexions hack to XP (See same folder; I'm presuming you have XP SP2). Also make sure you're not using the USB connexion!

Chris, this is smashing! Can you mail me the details of all your settings/what you did? That would be very useful. I find the IP stuff confusing. But that could be just me, just now.

Same goes for you Paul, exactly where are you changing the subnet mask? Do you mean the private machines? This intrigues me. Subnet masks can cause all sorts of weird problems, I had an octet out on my mac for a while, shares would connect, but not automatically, shortcuts sometimes worked, sometimes not; was a silly error in the network config dialog, took me days to spot it! So, more details please!

xbox, Reggie Kray, anonymous (and to a lesser extent peecee gamers, mike), nah, I've not put together anything special for this yet, still no xbox/ps2 to play with. I created a DMZ here at home and put an old windows 98 laptop on it, just for fun. It's been running for a week like that! Now, in the real world, a windows 98 machine (with no security updates, ever) accepting public connexions on all ports wouldn't run a half hour without crashing, so simply "entering the IP into a DMZ" doesn't seem to have the effect that umpteen sites say it does.

What I planned to do was simply advise that you remove the second stealth rule and replace it with a rule to allow ALL inbound connexions, and then a simple NAT rule to route them to the IP of the games machine. In essence, anything that wasn't specifically covered by another rule (say, an eMule rule) would be sent to the games machine. I reckon that would fix things. If you have a good firewall running on your games peecee, you could do a similar thing with that. I'm sure you could figure out the syntax of the rules until I get around to writing that up! something like..

create ipf rule entry ruleid 500000 ifname public dir in act accept seclevel high medium low
create nat rule entry ruleid 50000 basic lcladdrfrom 192.168.0.254 lcladdrto 192.168.0.254


I have tried this, and it doesn't seem to interfere with any other communications, and certainly opens up the particular machine, follow that example at your own risk. maybe the regular "rdr" instead of "basic" would do the job. I can't really get my mind to settle enough to think about this stuff...

Between human and hardware deaths and other traumatic stuff, I've not really had a lot of time and peace to devote to router hacking this last couple of weeks, hopefully I'll get some soon and distil all the best feedback into the articles proper, maybe do a "troubleshooting" page, for all those common quibbles. etc. Patience isn't a virtue for nothing.

In the meantime, if anyone has some details of working XBox/PS2 setups using this router, I'd very much appreciate seeing those, it would be good to put down something definitive.

love and peace..

;o) Cor


yo - 03.02.05 6:09 pm

Nice stuff! I did the firewall scan and it says port 80 and 1024 are open. how can i close them?
PLease thanks!!!
Fae a fella highlander! :P


Yo - 03.02.05 7:57 pm

Hello again.
Another dumb question.... Should allmy ports be stealthed?
Thanks and keep up the good work!!
peeeeace


Ian - 03.02.05 8:47 pm

cor,

i was brave flashed my 205 with the rta100+ firmware (holds breath, sweating like mad) upload complete, all lights except power go out, diag light comes on (holding breath again), usb light comes on dsl light comes on ethernet light flickers, by now i`ve lost 2 stone by sweating, open browser 192.168.1.1, user login:admin password: admin (hey thats not my 205 inferface it says its a rta100+ (sigh of relief, my god look at all the options) no dsl connection argh vpi 5 vci 38 right change them to vpi 0 vci 38 put in user name/password connect, yes we have the net. the thing with the lights on th rta100+ they are:

power diag ethernet act dsl usb

voyager 205 are:

power diag dsl ethernet usb

so voyager lights now become:

Power Diag Dsl Ethernet Usb No light :old voyager 205
| | | | | |
Power Diag Ethernet Act Dsl USB :New voyager205

i am going to see if i can connect led for sixth light it will mean drilling small hole in case or getting hold of a voyager200/240 case as these are same size just have six light holes.

uploaded the firmware i used.
filename: rta100+ firmware plus manual.zip

regards ian

BTW i flashed back with no problems, i used tftp client 2.0 from weird solutions both times didn`t want to try http update in voyager interface.




Ian - 03.02.05 9:49 pm

to all,

if you attempt firmware switch as above make sure you have the rta100+ firmware not the rta100 (haven`t tryed rta100)also no usb support enabled in rta100 firmware apparently they are different i`m checking on this at mo.

so REMEMBER it must be the rta100+ firmware:

file name: rtaplus_2.1.040827a1.zip on dynalink.com.au web site

hopefully cor will add the firmware to the file archive.
it seems the usb light is optional according to the manual.


Cindy - 04.02.05 1:23 am

This was great...I'm just trying to teach myself all about my P.C & related stuff like using Limewire etc & this was so easy to understand, so Thanks :-) I am now going to go & find out about configuring my router so that I get faster downloads.....bye


Ian - 04.02.05 1:38 am

i have now looked at the differences between the rta100 and the rta100+ firmware and there is a big difference in the firmware hag implimentation and supportting code, after looking on the solwise forum it seems that the rta100 firmware works on the 110 but the rta100+ does not,as the solwise firmware has already killed one 205, i would advise that you avoid the rta100 firmware and stick only to the rta100+ firmware. i am looking at the rta100+ firmware with a mind to change default vpi 8 and vci 35 to the bt used figures and also the user name. i`ll let you know how i get on.


grim001 - 04.02.05 4:30 am

Very useful information. I am having problems opening the ports can you help please


Ian - 04.02.05 11:17 am

cor some very interesting info for you, i contacted dynalink for the sorce code or firmware editing tools for the rta100+ and this was there reply:

We cannot supply this code as we don’t have it. This code is not even held by the modem manufacturer it will only be held by globespan who make the chipset. You will need to contact them regarding this. The chipset is a Viking 2.

Ryan Jewell
Senior Technician
Dynalink Support
1800-653-962

Askey Australia
Unit 1
329 High Street
Chatswood
NSW 2067

so it seems that our little voyager isn`t quite the same as the solwise 110 but is infact the same as the solwise 130 she has the all grown up viking 2 chipset so this now clarifies things as such:

solwise 110,dynalink RTA100 = viking chipset
solwise 130,dynalink RTA100+,BT Voyager 205 = viking 2 chipset

so it seems that they dont always mark the chipset viking/viking 2 but just mark it viking ?

you learn something new every day.


DIGITALDAZZ - 04.02.05 12:00 pm

Hi Ian,
just been reading your research and it sounds really promising.
I am thinking of flashing with 100+, can you see any advantages in this firmware over the bt modified firmware?

I have also got my hands on a non working 205. When powered up the USB light flashes and there are no other responses from it. Do you know of anyway to connect a serial (console port) to the motherboard without the missing chip ?

Thanks



Ian - 04.02.05 1:01 pm

Digitaldazz, the rta100+ firmware has so many options its hard to know where to start, to give an example the is a section where you can exclude protocals going through the router ie, appletalk tcpip etc ect it is some configurable it amazing just how much bt crippled it, you even have a firewall configuration screen that lets you choose indevidual options for dos attack etc, do you know what happened to the no working 205 was it flashed with wrong firmware etc, even though the ether light doesn`t come on when cable pluged in can you reach it on 192.168.1.1 it it was flashed incorrectly with solwise software you might be able to reach it on 192.168.7.1 ???, else if all else fails there is a hardware hack where by you short 2 pins on the internal connector 2nd and 3rd from front that should boot default basic config with ether enabled. if you can reach the 205 by 192.168.1.1/192.168.7.1 then you should beable to use tfpt client 2.0 to upload via ether.failing all else there is a little program that scans all ip address from 0.0.0.0 to 255.255.255.255 that might be able to see 205 if the default address has changed. hope this helps. if you need more advice just shout i`ll be around all day today.


cor - 04.02.05 1:07 pm

Thanks for all your hard work, Ian, now what I'd really like to know is; what are the benefits? I presume there are no automatically inserted rules, is there anything else? What's the web interface like? Is it as limited as the BT one? Can we set more options in it, etc? It might be worth having a look at the hex of the update, see how hackable it is, perhaps there's some utility exists that allows it to be editied in a meaningful way, too. Interesting stuff.

Yo! yo Have you followed all the instructions above and in the stealth and recipes pages? Have you deleted the extra firewall rules, etc? Tell us what you're trying to do and how far you've got.. As for grim001, well, I just know you haven't read those pages at all. Go do that. I actually put some effort into them. Cindy says it was "easy to understand", and I agree! Try it! smiley for :lol: (thanks Cindy!)

ahh! just noticed your recent post in my admin page Ian (was composing this post in stages, multitasking) keep up the good work! You pre-empted me with the editing tools, gr8 idea! A hex editor, even, might be useful, could perhaps alter the vpi settings, make a 205 version.

k, I'll be back.

;o) Cor


cor - 04.02.05 1:08 pm

feck! and digitaldazz pre-emted me with the benefits! I gotta get up earlir! smiley for :lol:

(having hardware troubles (more!) my mac runs for ten minutes, dies. I see a linux desktop calling me...)

;o) Cor


Ian - 04.02.05 1:18 pm

angey ip scanner cand be used to ping all address in a range it can be found here: http://ipscan.sourceforge.net/ipscan.zip

digitaldazz i`d recommend using above prog and setting a range of from 192.168.0.0 to 192.168.255.255 at first to see if it can find 205 only problem is it scans in 63 address at a time then you have to scroll window for it to continue.

hope this helps


Ian - 04.02.05 1:39 pm

cor i`ve contacted conextant techsupport uk with regards to firmware editing tools not allowed to call it globespan anymore since they where brought out,just waiting for a call back. fingers crossed, whats getting up earlier i have a two year old nght and day are just a blur smiley for :lol:


cor - 04.02.05 2:40 pm

Toddlers! That explains why you never sleep!

Here's hoping for a firmware editing tool, that could prove to be most useful. I've added a wee "useful links" section (above the comments) with most of these links in it.

keep em coming!

;o) Cor

ps.. who's "Globespan"? smiley for :lol:


ian - 04.02.05 2:58 pm

cor links for tftp client 2.0 weird solutions

http://www.weird-solutions.com/bin/desktop/tftpc_free.exe - win98/2k/xp
http://www.weird-solutions.com/bin/desktop/tftpc-3.0-1257.suse.i386.rpm - linux suse rpm
http://www.weird-solutions.com/bin/desktop/tftpc-3.0-1257.rh.i386.rpm - linux red hat rpm
http://www.weird-solutions.com/bin/desktop/tftpc-3.0-1257.mdk.i586.rpm - linux mandrake rpm

a link to their download page with lots of other useful stuff http://www.weird-solutions.com/download/index.html

i put these links up as easier than putty not a lot can go wrong with these


Ian - 04.02.05 3:00 pm

digitaldazz any luck with that non working 205



ian - 04.02.05 3:49 pm

cor uploaded rat100+ manual and guides zip covers zipb ps2configuring etc also included two files voyager205 and rta100+ defaults that i pulled from firmware just for comparison, forgot to include rdr pic on configuring will up load it now, hope these are interesting and help full

cheers ian


anonymous - 04.02.05 7:10 pm

Hey folks just to keep you all updated, I have been talking to BT for the past few days about this router, the upshot of tests and upgrading the firmware to 1.6 we have found it still has problems with steam and lockups. So they are gonna replace mine for a 250 hopefully this is gonna be better than the 205.

http://www.voyager.bt.com/205/btbroadband/firmware_update.htm


digitaldazz - 04.02.05 10:05 pm

Hi Ian/Cor,

HURRAY! JUST FLASHED THAT NON WORKING 205 WITH 100+ AND IT WORKS FINE. HAD A LITTLE TROUBLE GETTING IT TO RESET USING THE 2ND AND 3RD PINS - HAD TO RESET IT A FEW TIMES AND SWITCH IT OFF AND ON. EVENTUALLY ALL THE LIGHT START TO FLASH (EXCEPT THE DSL) AND IT ALLOWED ME TO FLASH ON 192.168.1.1 USING TFTP.
THANKS IAN GOOD ADVICE MATE.


Ian - 04.02.05 10:26 pm

digitaldazz

glad to hear that, i thught it might take a couple of tries as its a timing thing but hey it works..... how are you finding the 100+ firmware just a few more options opens up all sorts of possibilities at least when you change an advanced option you can see it rather than it being hidden behind the idiot proof web interface. any probs just ask i`ll try to help.

anonymous

thanks for firmware link, i downloaded it and compared it to v1.1 it seems that they have changed boot block and a bit of the firmware code but without gs`s firmware editing tools no way to tell what they`ve changed but knowing bt part fixed one problem and created more in the process. smiley for :lol:


digitaldazz - 04.02.05 10:51 pm

Hi Ian/Cor,

Once again thanks mate.

The 100+ frimware looks great, put in all of Cors default rules using hyper terminal but actually the web interface looks easier than BT's. Need to read the userguide but glad to see this modem finally getting cracked. At least its nice to know you can recover from a dead router.( think this one was due to a sol 110 flash!)

GlobespanVirata Inc., Software Release VIK-2.1.040827a1

PS thanks for this cool site Cor!

Cheers


james - 05.02.05 2:03 am

Can anyone help me in the most simple terms - I am trying to connect to a site I have used via a normal BT connection and now broadband will not let me communicate, its a video chat site called icuii.com. I dont want to change too much as I have no idea what I am doing,can anyone help me to make and receive calls on this site,
Thanks in advance


Phil UK - 05.02.05 9:55 pm

thanks alot you've been alot more help than the other web site's cheers


prv.joker - 06.02.05 4:36 am

Hi.can anyone tell me if there is a config,that will improve game play when playing multyplayer online games ie.MOHAA,CoD.ect,

Ta!


Anton - 06.02.05 11:20 am

Xbox Help!!!

I'm trying to solve a problem with my friends Xbox. Picture the scene, Two brothers, each with there own Xbox's and BT Broadband service (512K), and the wonderful BT 205 router. One brother lives in Scotland, and one London. I have ensured that both of there NAT setting are identical and Port Forwarding is configured as per the requirements of Xbox Live (UDP 88, UDP 3074, TCP 3074), and when checked on the Xbox Network setting's both have an NT (NAT) setting of 1 (which means they can in essence, play all users of Xbox Live. However, they still cannot play against each other?

I'm scratching my brain trying to troubleshoot this....any thoughts?

Best regards
Anton


Martin - 06.02.05 11:05 pm

Hey Ian.

Is there a telnet command for forwarding a range of ports at a time?
i'm quite happy with a software firewall, at the mo, so i'm not bothered too much about security. I just have to open up all the ports needed for MSN Audio conversations.

Cheers

Martin


Martin - 07.02.05 12:33 am

Hey Ian.

Is there a telnet command for forwarding a range of ports at a time?
i'm quite happy with a software firewall, at the mo, so i'm not bothered too much about security. I just have to open up all the ports needed for MSN Audio conversations.

Cheers

Martin


Ian - 07.02.05 4:32 am

Martin, i haven`t really play with port forwarding so can`t really say, but i do know msn audio uses dynamic port allocation which makes it hard to map rules to it even ms themselves say ideally you should set the modem/router to upnp and it does all the hard work for you, cor any thoughts on this for martin

cor/digitaldazz

i have just aquired an updated version of the solwise 130 viking2 firmware VIK-2.1.041108a1tbc dsl ver Y.1.42.2 it is a gobespanvirata web interface with nothing missing or edited out i just need to create a usb inferface setting make sure upnp and a few others are set and then you will be able to have a play with it. as usual lights all screwed up but hey i`m working on getting that sorted well sort of, the rta100+ firmware i have been playing with and have set all default options for bt in to it and have created a new teimage.bin so all you have to do is flash and your up and running, only down side i have found with this firmware is no access control for management control(web interface) at mo you can access it via wan which should be disabled by default,but i`m looking atgetting that sorted to.

right off to bed gotta sleep smiley for :roll: 1, 205 connected 2, 205 connected 3, 205 connected ~~ 99998, 205 connected ZZZZ ZZZZ ZZZZ ZZZZ


Bilgez - 07.02.05 2:08 pm

Cool! was excited about FINALLY getting broadband but was stuck with BT
for various reasons. After a day of strife with it, found this page and all my
troubles were solved! easy to understand and execute! Zero previous knowledge
of BB or routers etc. Good with a Sig in Counterstrike tho! (where I've been since!)

Keep up the great work!


Dan - 07.02.05 7:49 pm

hi
I use Tesco adsl - I've been given a BTVoyager 205 - can i get this to work with Tesco? - are the bt settings in the router ? if so can I get at them and change tham to the tesco settings ? if so how - I'm a total router novice... using a mac osx 10.3.7
thanks
Dan


Dan - 07.02.05 8:39 pm

scrub that - it works.. used the pdf info to change the settings on the router - never used terminal before - nice.
Dan


Jamin - 08.02.05 2:24 am

I have a problem with the BT Voyager 200 router, after a while it disconnects from the ADSL, is there a default command which can be set to enable it to automatically reconnect once the session has died, without physically powering it down.
Jamin


Ian - 08.02.05 5:44 am

Cor

i have got my hands on a utility that can extract and replace a default config in a bin file so i should be able to take the virgin flash and insert a default stealth config with no extra reoccuring rules, which means you can reset the 205 and it will be ready to go.

all thanks to a very nice person called chan (credit where its due)




mad - 08.02.05 1:13 pm

well i've got a server Direct Connect DC in my Laptop and when connect more than 200 people it's close the connection.. anyone knows why is it happening?


sergio - 08.02.05 1:53 pm

ok my connection is "working properly" but when it has more than 150-180 connections on the server, something strange happen server refuse conections to open new ones
DC server and Zpoc Server


Ian - 08.02.05 7:33 pm

mad / serigo

with emule/edonkey Direct connect etc the solution is three fold.

1. lower connections in software to max 150

Using Telnet.

2. increase max number of ip sessions 205 can handle : modify nbsize maxipsess 512
3. decrease udp timeout setting from 300 so dead connections get dropped quicker allowing new connections : modify nat global udp timeout 120

dont forget to commit.

hope this helps


cor - 09.02.05 2:30 am

Ahh, had to go away for a few days, as I often do, thanks for holding the fort Ian.

First, great news about all the firmware stuff. Thanks to everyone mucking in, we'll get a firmware page together and get all this stuff on it. And fantastic news about the custom firmware Ian! The idea of a default all-in stealth-ready firmware rocks! keep at it dude! (and pass on my thanks to chan)

Okay, james, the icuii.comm setup is fairly straightforward. Ensure that icuii itself is set to use manual ports, remember the "obscure" tab, to ensure UDP traffic is also manual, then just add a few rules to the router..

firewall:
create ipf rule entry ruleid 2000 ifname public dir in act accept transprot eq num 6 destport range 2000 2001 seclevel high medium low

create ipf rule entry ruleid 2002 ifname public dir in act accept transprot eq num 17 destport eq num 2002 seclevel high medium low


nat:
create nat rule entry ruleid 2000 rdr prot num 6 lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 2000 destportto num 2001

create nat rule entry ruleid 2002 rdr prot num 17 lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 2002 destportto num 2002


Alter the IP address (192.168.1.3) to match the IP of your own computer, of course.


Martin, check the recipes page for ranges of ports, particularly the first BitTorrent and Direct Connect rules, there's a few good examples scattered throughout the comments, too. In fact, your exact scario is covered.

Dan, Welcome to your terminal! enjoy your stay!

Jamin see the main article (above)

Anton, I wish I could be more help, gamers never seem to get back and tell us what works and what doesn't. See the previous page of comments for my "catch-all" strategy for games machines, and fingers crossed for a more robust solution in the hopefully not too distant future!

I'll be back..

;o) Cor

ps.. congratulations digitaldazz! our first resuscitated router!


Jamin - 09.02.05 2:44 pm

Sorry i should have been more clear in my problem.
Basically I have many routers connected remotely via the ADSL on public IP addresses on a 30 bit mask, the routers loose there connections sometimes and need to be rebooted however this means calling the user up at the remote site and getting them to reboot, this is time consuming, i was wondering whether a script could run on the router every 30 mins or so do see whether the WAN connection is still up, if it is not up, the router could do a reboot.
Thanks for your first response.


John - 09.02.05 3:00 pm

Hi, I cannot get access to the 205 Advanced Menu options (I can see them after logging on admin,admin but nothing happens if I click 'em) via my XP PC, I have tried via an old laptop running Win98 and it's fine. Both connected via Ethernet.

I'm running latest IE and Norton Security on the XP machine. I've tried switching of the Norton stuff, no joy. I'm guessing that something in IE is causing problems, can anyone point me in the right direction?


barney - 09.02.05 3:25 pm

John you have got a firewall on somewhere
thats normally the reason

best

barney


Mark - 09.02.05 3:59 pm

i hope anyone can help me, i have recently got the 512KB connection on BT Yahoo Broadband i have the BT Voyager 205 router and every 3 - 4 minutes, my connection keeps going off and reconnecting but then disconnects again! - can some one please help me?

Thank You


Barney - 09.02.05 4:18 pm

Mark

If your'e connected by usb it
will happen get connected via
ethernet always on

best

barney


John - 09.02.05 5:36 pm

Hi, I cannot get access to the 205 Advanced Menu options (I can see them after logging on admin,admin but nothing happens if I click 'em) via my XP PC, I have tried via an old laptop running Win98 and it's fine. Both connected via Ethernet.

I'm running latest IE and Norton Security on the XP machine. I've tried switching of the Norton stuff, no joy. I'm guessing that something in IE is causing problems, can anyone point me in the right direction?


digitaldazz - 09.02.05 9:27 pm

John as posted previously - try this.

Internet Explorer 6
Tools menu \ Internet Options \ General Tab \ In the Temporary Internet files select the settings button \ In the "Check for newer versions of stored pages" select "Every visit to the page" click ok and you are done.


Ian - 10.02.05 12:34 pm

cor/digitaldazz

nice to see you back cor, it gets lonely in cyberspace smiley for :D

i am working on getting a way with direct cable to programme 205 flash memory on 6 pin header inside all depends if i can get translation from chinese to english (fingers crossed).

can confirm that the bt firmware 1.6 is based on the vik. 2.1.041108a1tbc firmware that i have at the moment only crippled again, also i have a viking test utility that lets you upload and execute scripts so thought that we might be able to have that on site and a bunch of scripts for different things i.e stealthing common nat recipes etc so that if people don`t want to play with the cli they don`t have to.

Ian smiley for :cool:


claire - 10.02.05 3:08 pm

hi Ian,
your suggestion to use "modify nat global udp timeout 120" doesn't seem to want to be entered in my telnet!! all i get is invalid command....any suggestions? thanx



Ian - 10.02.05 3:19 pm

claire

sorry over zelous typing it should read:

modify nat global udptimeout 120

and to make sure it has done it you can type

get nat global

hope this helps

Ian smiley for :cool:


BoB - 10.02.05 6:51 pm

John's Menu probelem was the same as mine, It turned out to be the USB IP address. I use fixed IP's on the internal Lan and my first machine was 192.168.1.2. When I accessed the router on 192.168.1.1 I recived the Quick Start but had trouble getting any further, changed 1st machine to 192.168.1.9 and all is well!


BoB - 10.02.05 7:51 pm

John's Menu probelem was the same as mine, It turned out to be the USB IP address. I use fixed IP's on the internal Lan and my first machine was 192.168.1.2. When I accessed the router on 192.168.1.1 I recived the Quick Start but had trouble getting any further, changed 1st machine to 192.168.1.9 and all is well!


TMF - 10.02.05 9:58 pm

Hi, i need a command to open up prts etc all the other stuff needed for counter strike source and steam.....Any help?



trevor - 10.02.05 10:00 pm

how do i connect two computers to the voyager 205?
do i need to have two network cards in my pc?
I have just changed from ntl cable broadband to bt and need to connect both mine and my sons pc's together which i did through a router previously, but i don't seem to be able to connect the router to the 205 and make it work!!
I know it is probably basic stuff for most people but i just can't seem to sort it.
Please help.( preferably in words of one syllable )


anonymous - 11.02.05 11:21 am

Trevor, what you need to do is buy a Switching Hub (look earlier in the comments and there was a few reccommended from pc world)

Plug switch into the ADSL router, and plug both pc's into the switch.

and away you go :o)

Xander


Xander - 11.02.05 11:22 am

The switching hubs are only about 8-10 pound

Xander


cor - 11.02.05 1:20 pm


Jamin, I still don't fully understand your issue. via the ADSL? do you mean the internet? I can't conceptualise what's happening, are you some kind of sysadmin over a group of remote workers or something??

The router can't run cron jobs itself, as far as I know, but it would be a piece of cake to have a decent computer initiate an automated telnet session and do such things. The router has WAN side access, you know. You could access them from wherever you are. phoning folk asking them to reboot isn't just time-consuming, it's insanity!

anyways, my approach is STOP THEM FROM DISCONNECTING IN THE FIRST PLACE! The tweaks to do that (assuming they are all on ethernet, of course) is above, in the main article. If you mean something else, get back to me.

Custom scripts, right with you Ian! We could have "eMule user script" and "basic stealth", etc. good shit! yup.

TMF no comment!

trevor he's right! get yourself a switch. one NIC (network card) per machine, and two CAT-5 cables (three, including the one that came with your router), and plug them all in! That's it! See the static IP/recipes pages for more details of what to do once you have everything plugged in (it should work okay with just plugging them all in, but you'll likely want to do more.

for now..

;o) Cor



countzero - 11.02.05 4:18 pm

TMF get a new router, if you are with BT phone the technical support people and explain that you use steam on your connection and that you would like them to replace your router with a model compatible with steam, they know about the issue with the 205 router not working with steam, and as they no longer sell the 205 either they should send you another router. I have just reicieved a speedtouch 500 series 4 port router that works with steam after I complained.

Good luck


baker - 11.02.05 5:12 pm

please can you tell me how to forward the ports so i can use steam the ports that gotta be opened are
UDP 1200 (used for friends service)
UDP 27000 to 27015 inclusive
TCP 27020 to 27050 inclusive

???? thankyou


Drifterman - 11.02.05 5:21 pm

I need some help!
I know nothing about portforwarding bar what I've read on your pages, and I cant manage to forward anything. My connection is good but I cant get anything on any of the P2P porgrams since getting my voyager 205. I prefer winmx and although I've tried to copy and paste your rules in using telnet, I still get no joy; I get a connection to it but no search results at all. If I opt for secondary connection and 'no ports available', I'll get stacks of search results, but when I try to download my connection is always refused.
Any help would be greatly appreciated, it's driving me mad!




Ian - 11.02.05 7:23 pm

Cor

thought i would see if the shorting pin trick would work on a voyager with corrupt firmware so i uploaded a doctored firmware with random characters inserted with a hex editor ( not recommended) it booted but with diag ethernet and usb lights flashing it was screwed no response for ether port, time to open her up, took three attempts and got all leds to flash, used angry ip scanner there it was usual position with ping of 0ms one quick flash later all restored and working, moral of this story short of a component failure its hard to keep the 205 down.

Ian smiley for :cool:


cor - 11.02.05 7:49 pm

thanks for the heads-up countzero. question: did you get to keep your old 205? so steam is a game, huh? And it doesn't work with this router? hmm. Unlikely.

Anyways, baker, perhaps it won't work, but you could try the generic rules on the recipes page. Let us know how you get on with that. I'm toying with the idea of a php "rule calculator" where you could enter the ports you need and have rules created as if by magic. We'll see.

Drifterman, have you followed the recipes page to the letter? I mean stealthed the router, etc, etc. Did the rules enter without error? give us more info, and you'll get a better response.

for now..

;o) Cor

ps.. Nice one Ian! yeah, I like this router, regardless of what some folk say. It's a hardy wee beast! I'm thinking of pulling the steam trick so I can take this one offline to play with it!


John - 11.02.05 8:53 pm

I'm still stuck at first base, unable to access the advanced options. I have tried everyone's helpful suggestions, switched off firewalls, tried different IP address for the PC, I have even tried using Firefox rather than IE......Aaaaarrrrgghhhh!


cor - 11.02.05 9:08 pm

don't let it get you down, you don't need the web interface. at all.
use telnet.

;o) Cor


Digitaldazz - 11.02.05 10:14 pm

John ,

Just one more thing after you change the settings in IE try clearing the temporary internet files folder. And if you have a popup blocker disable it as well as any internet security or virus software.


Digitaldazz - 11.02.05 10:16 pm

John

PS keep clicking on the advance option link a few times


Ian - 11.02.05 10:22 pm

Cor
i believe steam =

http://www.steampowered.com/ :downloadable multigame site

Which ports must be open in order to use Steam?

Answer

The following ports must be open in your firewall and router for Steam and Steam Games to work:

UDP 1200 (used for friends service)
UDP 27000 to 27015 inclusive
TCP 27020 to 27050 inclusive

Computers running Dedicated Servers need these ports open:

UDP: 27015 and 27020 (default HLDS, SRCDS and HLTV port)
TCP: 27015 (SRCDS Rcon port)

If your server uses a different hostport then you will need to adjust the above accordingly.

For assistance with your Firewall you will need to go to the support site for your particular Firewall.

NOTE: Windows XP SP1 firewall does not require any specific configuration changes for Steam Clients to work, but for Source Dedicated Servers you must open TCP Port 27015 (or whichever port your server is using) for RCON to work!

hope this helps


Ian - 12.02.05 12:37 am

Cor trying to upload files but keeps timing out, the file is 9.44mb contains files as per my posts its caalled
posts files.zip


drifterman - 12.02.05 12:42 am

Cor:
thanks for the reply. I followed the recipe pages exactly, then tried it again to make sure after re-setting the router. I stealthed it, them put the rules in for winmx, they were accepted on the telnet page, saved them, then checked them on the 205 webpage using IE. When i open winmx it connect straight away and I get a green light. The windows firewall is switched off, my norton firewall is set to allow winmx a free reign.
If I disconnect my broadband connection and just go back to a dial-up, it works perfectly (only at 56k!), it always has.
I'm at the point of giving up now and resigning myself to just not file sharing. NB I've also tried with no succcess to do the same with i-mesh, shareeza, e-mule and soulseek, none of them will work. It seems it's just 'a bridge too far' for this lttle noobie!


cor - 12.02.05 4:58 am

Thanks Ian, uploading to the server is always a bit shakey, even using FTP! I've got three files between 1.5MB and 3.5MB in the upload folder. *sigh* Feel free to bang them in my inbox, my email account can take it, I think.

drifterman, very curious! I'd definitely try with Norton disabled altogether. If you've stealthed the router, it's not really needed anyhow. But it does seem to be outside your puter, hmmm, how are you connected to the router? By a direct CAT-5 link, or via a HUB or a switch maybe? Is there only one computer connected? Open a telnet session and leave it open for a day, do you get any strange error messages? (apart from usual "ATM VC Congested" stuff)

Run the port probe and note the exact result. If it's not "success!!!", tell us! Maybe fire up a torrent for this. BitTorrent is an excellent application for testing incoming connexions and bandwidth capabilities. When BT goes, it really goes.

Have you applied the max tcp connexions tweak? ..

modify nbsize maxipsess 512

If not, slam that in too, and keep us posted!

for now..

;o) Cor


cor - 12.02.05 5:05 am

Another thing, you may have spotted I threw up a troubleshooting page this afternoon. After some editing this evening, it's looking pretty good.

All comments and suggestions for additions welcomed!

;o) Cor


Scorpion2 - 12.02.05 2:29 pm

Hi there,

Please help - when I go to the address for reconfiguring the Voyager 205 (http://Voyager.home) ie this page..

I cant do ANYTHing - teh page seems to be constantly refreshing itself!!!! So you cant do anything!

Help.



John - 12.02.05 2:38 pm

Cleaned out the temp internet files, now working. Thanks for everyone's help.

Now to have a play....


barney - 12.02.05 5:01 pm

Great troubleshooting page only one
suggestion BIG LETTERS AT THE TOP
saying ETHERNET CONNECTIONS ONLY
for all the newbies like I was till
I came here.

best

barney




cor - 12.02.05 6:52 pm

Scorpion2, it's supposed to do that. just click one of the links!

smiley for :lol: Barney, yer right! But then, it would spoil the punchline when folks click the "My router keeps disconnecting all the time!" link. (hey, did you hover yer mouse over that link?) ..maybe if it gets critical!

;o) Cor


TFLnemesis - 12.02.05 10:47 pm

Hi,

Hoping you can help, i am running winxp SP2 and trying to forward ports for several games i play, the games are:

Star wars galactic battlegrounds, port(s) 6073, 2300-2400

Unreal tounrament 2004, port(s) 28900-28902, 7777-7788

I have used the generic rules from from your recipes page and altered them accordingly, the firewall rules have been added twice for each port/port range 1x tcp 1x udp for each.

All accepted with no errors, but no matter what i do grc or your own port probe show the ports as closed.

This is driving me nuts!!!

The windows xp firewall is OFF (cos its damned annoying apart from anything else) but no way no how can i get these ports open or can anyone connect to my game.

examples of the rules i have created :

create ipf rule entry ruleid 107 ifname public dir in act accept transprot eq udp destport range 2300 2400 seclevel high medium low

create ipf rule entry ruleid 107 ifname public dir in act accept transprot eq tcp destport range 2300 2400 seclevel high medium low

create nat rule entry ruleid 111 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 2300 destportto num 2400


please help me, i am fairly new to networking and understand its probably something i am doing wrong but a have checked this against the info you have provided, big thanks for that!!!, but am still getting nowhere.



TFLnemesis - 12.02.05 10:56 pm

oops sorry forgot to add that this system is connected via a switch to the router. I haven't tried usuing static ip addresses as this machine defaults to the primary address after the 2 used by the router (192.168.1.3)



TazNomad - 13.02.05 12:07 am

what is this telnet u all talk about how do I get it to open. Sorry for being a noob but only got my 205 today and trying to get edonkey working


cor - 13.02.05 3:20 am

TazNomad, I've added a nice big blue title to the Telnet section (above), so hopefully it's more noticible now. smiley for :ken:

I recommend clicking the link in that section (just above the image) which should automagically begin a telnet session with your router for you, assuming it's at its default address, and you're using a decent browser.

TFLnemesis, first I don't believe your rules entered without error. For a start, your second firewall rule has the same ID as the first, and wouldn't be accepted by the router.

Question, why not use a static address anyway (okay, that was more of a suggestion) Another suggestion; number the rules according to the port they are covering, makes life easier. Add 1 for the UDP variants.

Did you delete the default set of firewall rules and stealth the router as described above and on the stealth page? Without at least the first stealth rule, many net things won't work.

I wouldn't attempt to setup games and shit until you've had an AOK result from something more certain. Either fire up a torrent, or start a copy of the&plusmn;wire and set it to listen. The less unknown variables you have for testing, the better. Test that one port and keep testing it until it works.

Do you have any other firewall or firewall-like software on-board? You can even get the buggers in your BIOS, check everywhere! Also try removing the switch and testing again. Switches are good, but maybe yours is performing some firewalling. Try a direct physical link to the router. By the way, I've never come across a switch that does firewalling, but you never know. If it does, learn how to disable it!

Lastly, importantly, when you figure it out, LET US KNOW!

If you have more data, and want more text back, shoot! more detail is better, thanks for taking the time to include it.

for now..

;o) Cor


TMF - 13.02.05 3:51 am

Does anyone know a command to open up ports for coiunter strike and steam etc... i asked bt and the said they cant help


Ian - 13.02.05 5:22 am

Cor did you have a look through those files the ones on the sar130 cli manual 130 update give most of commands for cli and i noticed some of them have slightly different params to the sol 110 commands ?, the flash cable one is a cracker and the utilities should be fun to play with. working on the vik 2.1 041008a1tbc firmware at mo for uk settings so you`ll just be able to flash and go also i will produce different versions for the offical bt v1.6 and the viking pre stealthed with all extra rules removed, the reappeering rules i believe are controled by ssh scripts in the home directory i will look further in to this if so it should be just a matter of deleting script file content in these files then just producing a teimage download. will the telnet test utility be any good for using with script files for common port setup ie edonkey, bt, unreal tournament etc if so i`ll try and start producing some

Iansmiley for :cool:


barney - 13.02.05 11:48 am

Just hovered that'll do!!
best
barney


Drifterman - 13.02.05 12:36 pm

Cor:

The story continues...
So i've tried yet again making sure I Follow the recipes to the letter, still no joy. I'm connected via usb(dont have an ethernet port on my laptop), running ME, tried the max txp tweak and when I go to your port probe tool; I get results: "connection refused" or "connexion timed out (probably stealthed)" All the rules appear ok in the 205 page when I look for them(using telnet to copy them in from your pages)
The only thing that seems strange to me, and I haven't got a clue why it says it, the port probe tool identifies my address as something completely different to what I thought I was. Am I not correct in thinking that when I set up a static IP right at the start, that's what it should identify me as? (Currently 192.168.1.*) It show me as 81.155.134.*** is this the problem?


This whole problem started off when I was trying to set up my desktop PC. Because its got norton/XP/SP2 I thought they might be the issue (incidentally I couldn't get to the advanced options of the 205 page at all on that, even after trying all the tips on the comments pages), so i decided to try on my laptop.

It has no firewall at all so that's definately ruled out, having complained/asked for help from BT, they said it must be my router, so they sent me a new one. The new one does exactly the same as the old one, so I've now got one for each PC.(i always switch one off before using the other one - just incase that's relevant)

Anyway, enough! Thats the score at the mo, hope you point me in a direction that will sort me out. Many thanks for the help so far




Ian - 13.02.05 1:21 pm

drifterman

open a dos window in xp and type the command ipconfig and post the results here this will tell us the default gateway and the ip address of the laptop

Ian


Ian - 13.02.05 1:52 pm

Cor
i`m going to look in to the usb driver issus and see if i can get same functionality as ether port out of it there must be a way

Iansmiley for :cool:


Drifterman - 13.02.05 3:53 pm

Ian:

I'm on the laptop, using ME.
ipconfig reports:

0 ethernet adapter:
IP address......:192.168.1.3
subnet mask.....:255.255.255.0
def gateway.....:192.168.1.1

and

1 ethernet adapter:
ip address......:0.0.0.0
subnetmask......:0.0.0.0
def gateway.....:(empty-nothing at all)

Hope this means something to you, I'm completely lost now!
Thanks


Inspector Gadget - 13.02.05 3:55 pm

Hi Corz, I have been strugling to get things moving since BT dropped a 205 through my door with no software but with the help from these tomes have managed to get things going with emule blindingly fast downloading music, presently looking for OTS dj stuff, but I have a problem with the 205 command page , it wont let me open the security page anumore, i have reset the config today and re installed the rules but something is stopping that part opening up, i am using firefox, opera and IE in that order also all firewalls off PS go easy on me i'm over 50ish and have done serious pc damage in my time, gadget


ian - 13.02.05 7:39 pm

drifterman

in device manager under me what network adapters does it state you have as the first entry from ipconfig is the btv205 the second entry ???, have you set Intrusion Protection to disabled and ip filter to off?.

ian


ian - 13.02.05 7:45 pm

drifterman

if you want i can look at your current config go into web interface and backup config then send it via email to me @
ian_wallace_2000@yahoo.co.uk and i will load it on to my spare router to see if any thing is a miss, also which version of the firmware are you running 1.1 or 1.6 ?

Ian


drifterman - 13.02.05 9:08 pm

Ian:

Theres an e-mail for you

Thanks


Ian - 13.02.05 9:53 pm

drifterman

just setting up winmx and router now get back asap

Ian



cor - 13.02.05 10:40 pm

Ian, your hard work is much appreciated. I uploaded those utilities you sent me, now available from the public archives. I held off on the telnet test utility for now, it probably needs some documentation to be effective (and not frustrating), but the others are good to go as-is, superb stuff.

One thing, when you create the default configs, could you DISABLE DHCP. I think that's the cause of a few of the problems here. Good luck with the USB investigation, by the way, you'll need it!

I moved my own LAN from 192.168.0 addressing to 192.168.1 addressing today, which was way easier than I had anticipated. Mostly I use names as opposed to addresses, so my Putty shortcuts, for instance, still work, pointing to "router". Anyways, it means my own rules are more likely to match other folks, and vica-versa.

Drifterman, first your IP is fine. The 192.168.. IP is your internal IP, or "private", if you prefer. There are probably millions of computers all over the world, that share your IP, but they are all behind private gateways. The gateway (our router) is the one with the real IP, or "public" IP, and that's what the outside world, including my port probe, sees. That's the one you want to test, too. So far so good.

I recommend you backup your config (in the system pages) and mail it to me, I may spot something. Definitely consider getting a NIC for the computers, laptop included. And then a switch! (I should get a pile o cheap switches in and sell them here, could make a fortune!)

Howdy Inspector Gadget, this is unusual. Can you open the regular Advanced pages? Or is the whole advanced section off-limits? Check out the new troubleshooting page, and follow the steps in there, perhaps you missed one.

Lastly, I came across a nifty utility called NetSpeedo which keeps tabs on your router's activity, live! Current upload/download speeds, uptime, that sort of thing. It's not specifically for the Voyager 205, but any of the sar100/sar130/dm602 settings work just fine. Sadly windows only, but still cool nonetheless. Grab it from the Public archives, or from James' site.

Have fun!

;o) Cor


cor - 13.02.05 10:41 pm

ha! great minds think alike Ian! smiley for :lol:

I knew I should have refreshed the page before posting! Was it really that long? :/
Spot anything strange in the config, then?

;o) Cor



Inspector - 13.02.05 11:48 pm

Thanks for that, yes all the advance tabs work fine it just wont let me onto that page for the custom section to see the results...!! am still looking for any info, i thought it may be because I had USB and ethernet connected at the same time but appears to be working fine just wont let me in... bu**er!!


cor - 14.02.05 12:06 am

hmm.. that section opens in a pop-up.
you don't have a pop-up blocker running, do you?

;o) Cor


cor - 14.02.05 12:11 am

by the way, you can "get" the results in a telnet session. There's a wee note about this in the main article, the "get stats on stuff". Also, you might want to try the dm602 configger from the public archive, which provides useful info, too.

You might also want to try these direct links to the NAT rules and Firewall rules.
It's worth a shot.

;o) Cor


Ian - 14.02.05 4:25 am

cor/drifterman

after looking at driftermans config file and getting no where fast i decided to try and do it with my router in virgin state but connected by usb entered all rules no errors, tested ports response was stealthed or timed out. right time to start deleting rules and allowing all traffic through still the same response, i think that the usb driver is stepping in somewhere and blocking the ports as i notice after using sheilds up port probethe ipf filter rules where magically changed from off to high and the intrusion protection kicked in for about 10 minutes ??? a lot more investigating to do here.

Ian


Drifterman - 14.02.05 10:34 am

Cor/Ian

Thanks very much for your help so far fellas. You mentioned a NIC cor? What on earth is one of those? Although I'm trying to keep up, it's all a bit beyond my very limited knowledge!
In the meantime, thanks again




Drifterman - 14.02.05 10:39 am

Cor

Wasn't sure of your e-mail so couldn't send the config file. Let me know if you still want it.

Cheers


claire - 14.02.05 1:10 pm

Cor
Hey cor i need your help again!!! got probs with winmx....ie it wont stay connected. have opened up the relevant ports etc but it just keeps disconnecting! damn thing. Also not sure if it's normal or not but in emule it keeps disconnecting from thr servers like every 5 mins...i dont think i stay connected to any server for longer than that time. why did i ever let you talk me into believing i could do this!!! ha ha ha



TFLnemesis - 14.02.05 2:16 pm

Hi,

Me again :P , just to let you know that i have finally sorted out the port forwarding for my games.

I was right it was something i was doing wrong or should i say i wasn't opening ports that should be opened.

Unfortunately it seems that most game manufacturers sites do not show ALL the ports that need opening. I managed to find most of the ports i needed through this site: http://www.portforward.com/cports.htm

some very useful info especially for gamers. Although it doesn't show star wars galactic battlegrounds which is one of the games i was trying to sort out. the ports shown on lucasarts site are 2300-2400, 6073 tcp/udp but there is another port that needs opening which is 47624 tcp/udp not given by lucasarts.

Needless to say i am now a happy gamer!!!!!

on a side note, the rules i posted before were what i dragged from notepad and before using i would have amended the rule numbers..... also i used the wire to test things out as you suggested, it all worked but your port scan caused a stack overflow on it and it crashed every time i probed for it.

Thanks you so much cor for all this info it has saved me probably months of headaches and being a noob i probably would have given up before i got it sorted if not for all the info you provide!!!



Stephen - 14.02.05 9:13 pm

Hi how can i run a game server with the 205 router modem pls help thanks


PaulB - 14.02.05 9:39 pm

Hi Cor,
Well thanks to you I know why my 205 locks up with all leds on. BT know as well, and advised me to upgrade the firmware, which is now available on their site. I did that and now have a 205 with power, USB and ethernet leds on, and that is all it is now capable of. I tried flashing the pins as mentioned earlier, but no change, it's still a dodo. BT are going to send me a replacement, so I'll keep this next to my chair...it should keep me warm until spring!!
Thanks for an excellent web site with so many contributers..

PaulB


Ian - 14.02.05 10:28 pm

Paulb

how did you try flashing the 205 ethernet or usb? the trick with the two pins is timing you need to get it just right when u do the leds will flash you can try just leaving a motherboard jumper over pins2 and 3 and switching on and off a couple of times and holding reset button for fifteen secounds before trying again leave ether cable plugged in, flashing via usb is not recommended i did it and guess what one screwed router, if you cant get it to flash email me at my address further up postings and i will send you my address pop it in post and i will give it my all to bring her back from the dead.

regards ian


Ian - 14.02.05 10:41 pm

drifterman / cor

tryed today via usb connection to get winmx working properly get green connection search results dreadfully slow, downloading (forget it), so uninstalled usb driver connected via ethernet blinding searches 90-100k downloading? moral of this story you need a network card (Nic) for the laptop usually a pcmcia (creditcard) adapter.

PCWorld stock one

StarTech.com - UE1205CB - Network adapter - CardBus - EN, Fast EN - 10Base-T, 100Base-TX £ 11.86 (exc VAT) £ 13.94 (inc VAT)

http://www.pcwcomponentcentre.co.uk/invt/ue1205cb&bklist=page,1


Adrian - 15.02.05 1:51 am

Great stuff! i've got the green light on for torrents but i can only get port 6881 open 8( Thanks for your hard work m8.


Chris - 15.02.05 3:02 am

Hi,

I am a noob to routers but Ive been reading this website and posts and I think Im doing ok.

My internet connection keeps dropping and from what everyone says I should be using the ethernet cable, but as I use the 205 as a router my friend uses it Im stuck with the USB cable.

Is there anyway I can split the ethernet cable into two feeds, or even be able to run all internet traffic through my computer without having to leave it switched on.

I sent BT an email today asking them for a solution otherwise Im going with someone else, I doubt they'll have a decent answer though.

Cheers


Stephen - 15.02.05 3:50 am

ok i tryed that port probe and would like some hlpe on this as i get whats does that mean thanks

p2p port probed: 7000

result: connexion timed out. (probably stealthed)


cor - 15.02.05 5:03 am

Chris, Get a Switch! Damn, I love saying that! There's a note about switches in the troubleshooting guide, in the "Uplug the USB!" section, and a useful link above, amongst other places. Switches are good, they save headaches.

That'll be your next purchase drifterman, right after you get the ethernet adaptor. With the switch, you can share your net between both yer puters. I have made it my mission to have every british household equpiied with a switch, or two. My email address, by the way, you can get by clicking any of the smiles on most corz.org pages. mail-mashing courtesy of my cute mail-mashing script, available in the usual place.

Thanks for getting back to us TFLnemesis, so few gamers do, I'm curious, did Steam work? Anyways, I've added that port list to the useful links (above), it's probably the most comprehensive list I've seen. the&plusmn;wire regularly crashes on receiving foreign incoming connexions, one of its less interesting bugs, but a really good success indicator for router testing!

Adrian, glad it's working! did you use the standard recipe? The one with the range of ports? Also I recommend moving away from the 6881 range altogether. BitTorrent will happily use any port from 1024 - 65535. 49,000+ is good.

Talking of ports, Stephen, do you have a server running on that port? 7000, I mean. Check out the troubleshooting page (see menu at the top) and work through some stuff. Feel free to give more details of your setup, what you have done so far, and what you are trying to do, which game server, etc.

claire!!!, oh gal, what's happened? Is KAD still switched off? And the maxtcp sessions hack still enabled? erm, what else? rebooted lately? do that, if you haven't. Router and  Puter. My own connexion's been *unusual* of late, even since I upgraded with the new official BT firmware, in fact, but I suspect it may also be at BT's end. I know they're in the middle of some network upgrades (I'm about to get a free speedbump to 2MB) and those congestion errors are a continual presence in a telnet session. Having said that, I'm in a swarm right now doing 120kbs+ so torrents are definitely working!

I've started using my Linux box for all the p2p stuff, it seems to suffer a lot less from the sort of non-specific choking I used to experience when using the likes of WinMX and eDonkey together with the usual half-dozen torrents, on XP. That XP SP2 max TCP connexions hack (in the archives) doesn't seem to make much difference, either. You might want to look in your system logs (run "eventvwr.exe") for any unusual network error messages.

One more thing springs to mind claire. When you switched to ethernet, did you uninstall the USB drivers? With ethernet, you need NO BT SOFTWARE WHATSOEVER. At All! Uninstall!

PaulB, that upgrade is a downgrade! I used to get the odd lock-up when using (or rather just after using) communicator, but minutes after upgraded, it locked-up with no net activity at all! yikes! fingers-crossed, since I removed all the default BT rules and set it up stealth-style it's been fine, but I've given up on VoIP for a bit, the quality was crap, will re-install communicator after I get the 2MB upgrade, which might help, though upload bandwidth is really what I could be doing with more of. 2MB SDSL would be nice.

You know, I'm glad I set these comment pages to twenty comments, or else folks would slide right off the page before I even see 'em! It sure is getting to be a busy area, and mighty useful, too, not just for owners of voyager routers, but all rouers. The pages are evolving beautifully, and it's mostly thanks to all the excellent input and feedback you guys are dropping right here, thanks all. I'll try and keep up!

for now..

;o) Cor

ps.. Ian, watch out dude, before you know it you're gonna have routers in jiffy bags streaming in from all over the Isles! smiley for :lol: But I'll happily put an ad up for your "resuscitate my router" service, for a commission, of course...

Thanks for the USB info, yet another reason to avoid USB at all reasonalble costs.


claire - 15.02.05 1:58 pm

cor,
okay so...Kad not running. maxtcp session hack still on...in the event log i got all sorts going on! max tcp/ip has reached the security limit blah blah blah....got loads of that. also got loads of application hang errors?? means nothing to me!!!! As for the drivers..hmmmm i seem to recall you "telling" me to do it and me saying duh alot! also remember telling ya i'd get around to doing it in feb!!!!!! lmao. so whats the verdict doc???
xx


omer - 15.02.05 2:52 pm

I've experienced problems connecting to some websites, one of them is http://www.borland.com/ and it gives me page not found, but I successfully connect to the website at work... After some digging it turned out that BT has upgraded their DNS server and it's causing the problem, more info at
http://www.theregister.co.uk/2002/07/25/bind_9_upgrade_behind_bt
to solve the problem add acouple of good DNS servers to your router, the new IP address for b.root-servers.net. (192.228.79.201) worked fine for me:
create dns servaddr 192.228.79.201
commit


connor - 15.02.05 5:34 pm

damn usb connection. I am trying to diagnose the problem with the router connected via the usb cable. it loses its connection even though all leds remain green. when entering commands into the putty.exe telnet type program I can watch as the loss of connectivity flashes up as an error:
WARNING : PPP authorization failed : Interface - ppp-0
WARNING : PPP Interface down : Interface - ppp-0
MAJOR ALARM : PPP Failed to get IP address : Interface - ppp-0

Any ideas how to fix this save buying a network card?



barney - 15.02.05 5:44 pm

Connor your wasting your time if you read thru all
the info here you will see why??
Get a card for a tenner no more problems

best

barney


Stephen - 15.02.05 6:50 pm

well the ports i need open need tobe on tcp and udp which are

7000
7100
7200



ian - 15.02.05 10:07 pm

cor i think the resuscitate my router service should be customer pays postage both ways and has to make donation via paypal or something on here to help with bandwidth or extra space as at this rate you`ll be installing forum software and the like ;)


Ian - 15.02.05 10:30 pm

conner
when you use the usb connection the modem no longer takes its power via psu and can cause problems when plug in with other devices on the same contoller, i take it you have already input the ppp global timeout and ppp session keep live settings via telnet also in windows device manager untick the allow windows power down device to conserve power in windows. if you have to share the usb buswith other devices you should use a powered hub but if your going to pay out for one of them you might as well get a ether card

Iansmiley for :cool:


Chris - 15.02.05 10:47 pm

Thanks for that Cor.

Heard about switches but never knew what they did. Just ordered one so Ill let you know how I get on.

If BT get back to my email and they say anything interesting Ill post that on here too.

Cheers


Drifterman - 16.02.05 1:14 am

Ian/Cor

Thanks for all the info fellas, I'll get my switch along with an ethernet card (and my coat!) Your help over the last few days is much appreciated.
Take it easy


barney - 16.02.05 3:17 am

Hello All
Well the following weirdo things are happening to my set up and I know you will be able to help.
I suddenly have TWO internet connections my normal high speed ethernet connection and another that declares itself as an internet sharing connection?? or a gateway connection both on at the same time. I cannot delete or this connection (greyed out) all tests on the bt config manager pass.
I originally declared itself with the name of my router Globespan Vit etc then changed its name to aforementioned help would be appreciated as it would appear to be causing me boot problems as it is taking forever for my desktop to arrive and not all of my sys tray icons are loading.

best

barney


Jerry - 16.02.05 4:02 am

Good Morning to all,
I would like to ask you if there is a possibility to create a lan between 2 computers. The first one is connected via ethernet and has the 192.168.1.4 and the second one is connected to the USB port with IP 192.168.1.3. Can I create any kind of connection between them for internal file sharing?
Any help most appreciated.
Thank you,
Jerry


Ian - 16.02.05 5:27 am

Cor

uploaded the gs viking 2.1 maufactures release all i have done is export bt default config from v1.6 and imported it straight in to the vik image you should load it up and have a look at it it lists all the sub rules etc, need to work out a default config for vik 2.1 before general public release as not built in rules at all.


cor - 16.02.05 5:44 am

ow feck! I just lost my entire reply hitting ctrl-up in firefox thanks to the usually-amazingly-cute NextImage plug-in, somehow, your "back" history vanishes into thin air when you use it, I hadn't noticed before, using it for mostly for image browsing.

DAMN! I was at it an over an hour! I did an effin COMPLETE how-to on windows file sharing too F***********CK! okay, I'll try and recap, in a text editor, maybe.

l8rz..

;o) Cor


cor - 16.02.05 7:42 am

(some espresso later...)

okay, working backwards..

Jerry, Yes! You are both on the same subnet, so it should just work. Here's how..

Simply type the full UNC path of the remote share into the address bar of any explorer window. To connect to a share called "Documents" on a puter called "Laptop", you would type "\\Laptop\Documents" (no quotes) and hit enter. Tada! You can find the "computers name" in a tab of the System Properties, which I get to by hitting Win-Break.

For a more permanent arrangement, click the "Map Drive" button in your explorer toolbars (you may have to enable that first in Tools >> Folder Options) and enter the same UNC path as above. Then the share will mount automatically for you at login. Either way, you can access it from L:\, or whatever, and it acts just like a local volume, albeit a tad slower. I often forget where the real drives are on my network, so long as I can always get to work from G:\.

To share a folder, right-click it and chose "Sharing and Security", create the share. ensure the user(name) on the other machine has permission to access the share (and disable caching, always). It helps to keep your username consistent across the machines on your LAN. In other words, if you login to your laptop as "Jerry", you should also login to your desktop as "Jerry", same password. This saves you having to enter your password every time you access a remote resource. Let us know how you get on.

Barney, weirdness! My first thought was "Did you uninstall the old USB drivers?", but I'm guessing you did. Then I thought that maybe there's been some UPnP interaction between your peecee and the router, and for some reason (known only to the gnomes at Micro$oft) the peecee has decided to become the internet gateway.

Run "services.msc" and disable the Internet Connection Sharing/Internet Firewall whateveritscalled service, and everything else you don't need. For guidance, this is a good page. Whenever I load the services console I click Startup Type, then Status, it's completely unconscious, but the reordering makes it make more sense, try it, you'll see what I mean.

If, after the service stripping and a reboot, it's still not budging, go into your device manager "devmgmt.msc" and remove the ethernet interface alltogether. reboot and allow it to reinstall itself. Keep us posted!

Drifterman, Chris, I've said it before, and I never miss an opportunity to say it again.. Buying a switch CHANGED MY LIFE!. I'm serious. Cost me £20 back in the days when switches cost £40, and made so many "issues" just vanish! Have fun!

Stephen, that's just a wee list, you'll find it real easy to convert the generic rules on the recipes page, just alter the ports and IP's to suit your needs. All you need is a text editor, Notepad is fine.

conner, listen to Ian, he knows what he's talking about. omer, useful link dude, outsourcing their DNS server, huh. what next? fortunately, I keep those two plusnet servers (above) in my router at all times, I've never trusted the BT DNS servers, and usually attempt to bypass them whenever possible.

And claire oh claire!, I'll tell ye something, I've got a torrent queue going at all times on me linux box. If I fire up eDonkey, or Ares, or any of those on my peecee, I can use them fine, the speed dips a little on Azureus (Torrent client) but all is generally well.

But, if I startup WinMX and start searching or whatever, the whole lot dies. Torrents just cease, I'm scared to touch it! smiley for :lol: What I think is happening, is that WinMX opens a HUGE amount of simultaneous connexions, floods the router (protection is only enabled on the WAN side, heheh), and the only way I've been able to get it to behave with other apps is to pretty much turn everything to the minimum setting. I rarely use it anyway, just as well!.

Here's something you can try.. use the EvID Patch to set your peecee's max simultaneous connexions to 200, or even less. Reboot and try again. Consider discovering BitTorrent.

Well, that's pretty close to the original version, give or take. If I missed anything/one just drop more text here. I've forgiven the oh-it-is-wonderful NextImage plug-in, who's history retention behaviour is "undefined", but when you're zipping through whole directories (read, backdoors) of images with just ctrl-up/down, you don't care much for history. Just need a modifier for directories and it's browser nirvana!

While I'm here, I gotta say Firefox has really set my web browsing alight. The framework to basically build whatever browser you need, almost everything I've ever wanted a browser to do, Firefox does it, with the help of a gaggle of plug-ins, of course. I could literally go on all day about it, and it will no doubt, along with the excellent Thunderbird, become the subject of a long and enthusiastic blog.

Internet Explorer has officially lost the browser wars. w00h00! Moz has come home, at last. If you haven't tried Firefox yet, give it a go, in fact, give it a week. adios!


an image


for now..

;o) Cor

ps.. Ian, Shhhh! Don't mention "forum software". I'm already having nightmares about this! smiley for :lol:

Hey, I checked out the TEImage.bin (coverted it to a cfg with the "viking-011 default config extractor_inserter"). My first thought was, "how do you get the meat in there?", I mean the other 2MB. Is that all there is to the firmware? Simply run a cfg through the converter and bingo! ??? Would make creating custom firmwares a dooddle, if so. i.e.. backup cfg with Viking_Upgrade.exe then convert to TEImage.bin and voila! I'm missing something, right?



barney - 16.02.05 11:31 am

Hello Cor

Well its gone! for the moment I suspect it is some kind of
UPnP interaction as you pointed out why? I cleared the pre fetch folder manually and I now have normal service.
Hopefully it was something I uninstalled some time ago although I
do clear out the folder regularly I am watching it like a hawk from now.
Thanks for the prompt response.

best

barney

nb I cannot understand the message timings I know you have your own parliment now but a different time zone!!
barney


ICEMAN - 16.02.05 12:23 pm

hi, i got a voyager with my broadband package from bt.
i mainly use it to play xbox games online.
but when playing halo2 online i cannot play custom games with my friends who have voyager routers.
i have tried opening ports 88, 3074 and 58.
i have also tried turning off the firewall on windows.
whith this done i checked the nat setting on the xbox
this read as 1 - open so i should be able to play custom games with anyone, but still cant with anyone who has a voyager router.
i have tried searching and searching and cannot fix this.
xbox live and bt help have been unable to help
can you....


Adrian - 17.02.05 1:23 am

Green light 2 gig through the night :p


barney - 17.02.05 1:42 am

back again do not no what to do!!!
best
barney



Ian - 17.02.05 2:22 am

barney

run the network set up on xp and tell it you use a residential gateway windows should then correct the abnormal setting for you.

Cor

i thought you might find the following intersting it allows you to get to hidden pages in 205:

http://192.168.1.1/MainPage?id=##

## = page number as follows

1- Device Info
2- IP Address Configuration
3- Administration Password Configuration
4- Reset
5- IP Address Table
6- System View
7- IP Route Table
8- Dynamic Host Configuration Protocol (DHCP) Configuration
9- Network Address Translation (NAT) Configuration
10- Routing Information Protocol (RIP) Configuration
11- Alarm
12- Dynamic Host Configuration Protocol (DHCP) Server Configuration
13- Dynamic Host Configuration Protocol (DHCP) Relay Configuration
14- Network Address Translation (NAT) Rule Configuration
15- Network Address Translations (NAT)
16- Point to Point Protocol (PPP) Configuration
17- ATM VC Configuration
18- DSL Status
19- IP Filter Configuration
20- Intrusion Protection Configuration
21- RFC1483/Ethernet over ATM(EoA) Config
22- Bridge Configuration
23- IP over ATM (IPoA) Configuration
24- Domain Name Service (DNS) Configuration
25- Quick Configuration
26- Local Image Upgrade
27- Blocked Protocols - i like this one
28- Diagnostics
29- Port Settings - edit port settings for web server etc
30- Remote Image Upgrade
31- System Mode
32- Ethernet Config - set ethernet speed and duplex
33- (User Not Authorized)
34- System Log
35- Backup/Restore Config
36- Remote Image Upgrade (client side)
37- Remote Image Upgrade Progress Status
38- Management Control
39- Autodetect
40- Bridge Filter Configuration
41- WLAN Interface Configuration - not supported
42- WLAN Key Configuration - not supported
43- RADIUS Configuration - not supported
44- SNMP Configuration
45- 802.1X Configuration - not supported
46- Secure Shell Configuration - not supported
47- Dynamic Domain Name Service (DDNS) Configuration
48- Access Control
49- WLAN Filter List - its there but why ????
50- DSL View
51- System Time & Date

have fun..

p.s the viking-011.exe will allow you to import a commited.cfg into an image as the default.

i.e

1. web interface / backupconfig
2. take v1.6 teimage.bin use viking011 to import commited.cfg in to image
3. upload to 205

you know have a custom firmware with your default settings...

Iansmiley for :cool:


cor - 17.02.05 4:20 am

Good work Ian! That's the data we wanted! How the hell did you find that? no matter, superb! blocked protocols page is particularly interesting.

I'm still not certain about where teimage.bin comes into this neo-default creation. Is it merged some way with the new config, or does it only exist at the end, when we create it from the cfg file? I thought the latter.

take v1.6 teimage.bin use viking011 to import commited.cfg in to image" confuses me. How is the bin file used in the creation process? I thought that was the end result. Maybe if I just did it, it would all make more sense, but there's the torrent queue to consider...

I guess what I'm saying is, does a firmware upgrade consist of no more than a change in the command set, or is there some difference to the binary (non command) section of the firmware, too? And if so, where would viking-011.exe get that part when it creates the new bin file? I mean, is it hard-coded with a certain version of firmware that it appends to the given command set?

Anyways, your lovely list above makes my remarks about this man-it's-handy NextImage plug-in all the more pertinant; I can skim through all those pages using only ctrl-up/down. real neat! smiley for :D

Barney, definitely try the Network Setup Wizard, I'd forgotten all about that after a series of unfortunate incidents with the thing, but it's good for a one-off fix. If you find yourself using it repeatedly, though, consider a fresh XP install!

Sounds good Adrian, better get those gigs in before the 30GB/month limits take effect! GO! smiley for :lol:

ICEMAN, I think we need to approach this laterally.

It sounds to me like you have followed and understood the principles perfectly, and your setup is good. The trouble lies with the other gamers, and the first thing I suggest is that you email them the link to this page and let's get them sorted out!

I'm working on a couple of theories for gamers at the moment, would be good to get more feedback of positive results. If all goes to plan, we'll have "XBox ready" firmware available for download. Any info you can supply about what changes they may make, and whether they work, would be most appreciated.

for now..

;o) Cor


Ian - 17.02.05 5:01 am

Cor

the TEImage.bin as far as i understand it from chan is that it is made up of serveral different parts as follows:

boot1
boot2
boot3
boot4
boot5
boot6
boot7-zero-zone
boot8-boot-end
file structure pointer
MAC & Serilize
Zero-zone
FACT(528*32) ------ default config
Committed config(528*32) ------ current config
last config
config
backuip config
loader
filesystem.bin
tedsl.gsz
teappl.gsz

now what viking-011 does is take your config file and insert it into the teimage.bin file at the FACT (default config) position over writing the original default config ie you need the original bin file on your desktop etc so that it can be patched with config file of your choosing hope this makes sense.

Just for info.

the bits in teimage that get upgraded with new firmware version are loader,filesystem.bin(virtual filesystem, hag pages etc encrypted)
,tedsl.gsz,teappl.gsz and these are done throught tepatch.bin for patched upgrade or teimage.bin for firmware replacement.

chan is working on analysing the filesystem at the moment and then will be anaylsing the hag pages and led control routines so the future is looking rosey


cor - 17.02.05 5:07 am

hey! I just realised that MainPage?id=## link is the same as the two I posted a couple of days ago for, erm, someone! I have a few of them in my bookmarks. I hadn't considered running through all the possible numbers! Well done man!

I'll maybe construct a drop-down menu with a pop-up, or something, slam it on this very page, I'll do some grep-type string-replacing on your list, above, as a base. good shit! I'm grinning as I type!

okay, I'll pop in and out, no doubt, got a heap on...

;o) Cor


cowardly imposter - 17.02.05 5:12 am

aha, right, looking rosey indeed.

here's my query: you said, "ie you need the original bin file on your desktop", well I DON'T have it there! That's the point. You don't need to supply a bin file, only a wee script, and BANG! 2MB firmware image out of thin air!

So where is it getting it's bin data from? It doesn't query the router for it, and I never gave it a location, and the app itself is only 44k! So how does it do it?

;o) Cor


Ian - 17.02.05 5:12 am

Tell me about it over the next 4 days i`ve got to wire up an entire ethernet back bone in new office for a company moving in next week



cor - 17.02.05 5:13 am

oops! smiley for :lol:


Ian - 17.02.05 5:17 am

ms i.e 6 dosn`t like this comment system, if you leave a comment and then refresh to see whats new it reposts ????



Ian - 17.02.05 5:23 am

right off to bed got to figure out how to stop the 100mb pc network from slowing down the 1gb mac network when accessing the adsl connection, keep up the good work and i`ll catch you 2morow


Ian - 17.02.05 5:30 am

just tryed it with only specifing a text file and it threw a wobbler import error so how you did it ?????????


Stephen - 17.02.05 8:46 am

cor i tryed doing that but for some reason it wont allow them ports even when i put them in also on the probe on here always refuses all the ports till its sorted i gone on top the voyager 100 :( i never had these probs with dlink router


barney - 17.02.05 10:38 am

Hello All
It just got worse so heres the tale have run spyware app and anti-virus negative results. I have two connections to the internet as I said normal ethernet connection and what appears to be a piggyback of the normal connection calling itself the internet gateway showing the path as (my computer) thru a (computer and a globe) to a (globe) ie the internet when I disable the ethernet connection the other dies also.
Now for the rub I have installed a software firewall that automatically detects networks on my single user machine and it has detected 2! networks(1)169.254.0.0 with a subnet of 255.255.0.0 (2) 192.168.1.0 with a subnet of 255.255.255.0 it calls these networks local and allows NetBios on both. My ip is a static 192.168.1.4 and my system is stealthed as per all your hard work.
I have followed all help that both yourself and Ian have reccomended still the same hope the xtra info can help me find a solution.
Best

barney



Ian - 17.02.05 11:24 am

barney

what is your exact set up ie. computer motherboard 1/2 built in network cards,usb ports, firewire ports, bt voyager, extra switch, hub if so what make and model any software for pda extra(these set up their own network via usb)the more information the better

regards
Ian


barney - 17.02.05 11:47 am

Cheers Ian
Motherboard Name Soltek SL-85ERV(-L)/ERV2(-L)
Network Adapter Realtek RTL8139 Family PCI Fast Ethernet NIC
4usb ports two on the back two on the front nml usb
Firewire 1394 comes with Creative Audigy box and soundcard (I have disabled this as it was showing as connected)
Voyager 205 no PDA no switch Win xp pro
Need anymore just ask your help is appreciated

best

barney




Ian - 17.02.05 12:00 pm

barney

can you take a shapshot of the network connections screen and send it to me (print scrn button on keyboard,open paint paste then save), also under device manager what network devices are listed, send screenshot to Ian_wallace_2000@yahoo.co.uk

Ian


Ian - 17.02.05 7:38 pm

barney

i think this is the route of all your problems is the microsoft tv/video connection in network adapters details are as follows:

Adding a USB camera to Windows XP creates Local Area Connection 2
Article ID : 303302
Last Review : June 23, 2004
Revision : 1.0
This article was previously published under Q303302
On this page
SYMPTOMS
WORKAROUND
STATUS

SYMPTOMS
After you add a universal serial bus (USB) camera or a TV tuner card to a Microsoft Windows XP-based computer, a Local Area Connection 2 icon may be created in the View Network Connections section in My Network Places. The information that is displayed below this icon describes the connection as:
Microsoft TV/Video Connection
WORKAROUND
To work around this behavior, restart the computer. After you restart your computer, the Local Area Connection 2 icon does not appear.
STATUS
This behavior is by design.

-----------------------------------------------------------------

from what i have read else where it will do no harm just appears and disapears at will and annoys the pants off you, the reason it appears as av network address is for the streaming capability by any chance do you have usb camera, capture card, etc that has created this.

Ian



Ian - 17.02.05 8:34 pm

Cor

more page links coming soon, chan has given me the path i just need to enter different id`s to see whats there, hopefully later tonight

Iansmiley for :cool:



Ian - 17.02.05 11:28 pm

cor

finally got the wire set up btv205@no-ip.org


Ian - 18.02.05 12:58 am

Cor list as promised

http://192.168.1.1/PopOutPage?id=##


## = page number as follows

1- Error
2- The requested page is not found
3- System - Modify
4- IP Global Statistics
5- IP Route - Add
6- DHCP Server Pool - Add
7- DHCP Server Pool - Modify - ERROR
8- DHCP Server Pool - Detail - ERROR
9- DHCP Server Host - Modify - ERROR
10- DHCP Server Host - Detail - ERROR
11- DHCP Server Address Table
12- NAT Rule - Add
13- NAT Rule - Detail - ERROR
14- NAT Rule Statistics - ERROR
15- NAT Rule Global Statistics
16- RIP Global Statistics
17- Alarm Monitor
18- NAT TRANSLATION - Details - ERROR
19- PPP Interface - Add
20- PPP Interface - Modify - ERROR
21- PPP Interface - Detail - ERROR
22- ATM VC - Add
23- DSL Statistics
24- DSL Parameter
25- DSL Interval Statistics - ERROR
26- IP Filter Rule - Add
27- IP Filter Rule - Modify - ERROR
28- IP Filter Rule - Statistics - ERROR
29- IP Filter Rule - Detail - ERROR
30- IP Filter Session
31- Firewall Blacklisted Hosts
32- EOA Interface - Add
33- EOA Interface - Modify - ERROR
34- IPoA Interface - Add
35- IPoA Interface - Modify - ERROR
36- IPoA Interface - Map - ERROR
37- IPoA Interface - Global Map
38- ATM VC Interface - Modify - ERROR
39- User Config - Add
40- User Config - Modify - ERROR
41- Diagnostics - Ping - I really like this one
42- Diagnostics - Traceroute - AND this one
43- Firewall - Log
44- Management Control - IP Address
45- Bridge Filter Rule - Add
46- Bridge Filter Subrule - Add - ERROR
47- Bridge Filter Rule - Modify - ERROR
48- Bridge Filter Subrule - Modify - ERROR
49- Bridge Filter - Stats
50- Bridge Filter Rule - Stats - ERROR
51- WLAN Configuration - Add
52- WLAN Configuration - Detail - ERROR
53- WLAN Configuration - Modify - ERROR
54- WLAN Configuration - Statistics - ERROR
55- WLAN Keys - Add - ERROR
56- WLAN Keys - Modify - ERROR
57- Authentication Server Config - Add
58- Authentication Server Config - Modify
59- Authentication Server Statistics
60- Accounting Server Config - Add
61- Accounting Server Config - Modify
62- Accounting Server Statistics
63- RADIUS Global Statistics
64- SNMP Host - Add - ERROR
65- SNMP View Hosts
66- SNMP Global Statistics
67- 802.1X Intf - Add
68- 802.1X Intf - Modify
69- 802.1X Intf - Detail
70- 802.1X Supplicant - Add
71- 802.1X Supplicant - Modify
72- 802.1X Supplicant - Detail
73- 802.1X Supplicant Auth - Stats
74- 802.1X Supplicant Session - Stats
75- SSH Key File - Upload
76- Bridge Filter Rule - Detail - ERROR
77- Dynamic DNS Service - Add -direct access to this great
78- Dynamic DNS View Services
79- EoA Intf - Detail - ERROR
80- IPoA Intf - Detail - ERROR
81- IPF Filter Rules - Modify - Delete - Add


http://192.168.1.1/GenMainPage?id=##
-is used for Usage Control which can be enabled in CLI only.

## = page number as follows

1- Data User Login Page
2- Data User Session Management Page
3- Data User Connection-In-Use Page
4- Data User Maximum Connections Exceeded Page
5- Data User Diagnostics Page
6- Data User Maximum Users Exceeded Page
7- User Not Authorized Page
8- PPP Authentication Page
9- PPP Authentication in Progress Page

10- Quick Start
11- Advanced Diagnostics
12- Diagnostics


The command to do this is i believe is :-

modify usagectrl maxusers (number 1-8/nolimit) (enable/disable)

further details of this are in the 130cli.pdf and the 130extra2.1notes.pdf apparently in 2.1 they intraduced no limit where as before it was 8




Ian - 18.02.05 1:23 am

Cor

chan has sent me voyager v1.6 firmware which has had the reoccuring rules removed they are created via scripts but removing them disables the ability to limit wan lan access to the web interface ie the management control page is not available. so its better they are there


barney - 18.02.05 10:20 am

Hello Ian

Yes thats exactly the picture I get and I appreciate the
explanation Not worried now!! Strange thing is I do not
have a usb camera or capture card.
Is this connection indicative of the two networks I showed
or is that a different problem?
Thanks for all your help

best

barney


cor - 18.02.05 10:41 am

good stuff man, I have a few of these already bookmarked. Did you notice the wee tool I made for accessing the advanced pages (right above these comments)? I may add the most useful ones to it, too.

I don't think the max user stuff will be much use, with even two or three users running through it, the router's TCP connexions are maxed out! Some of the other screens are real handy, though.

As for the auto-rules, yes, it would do that, we'd would need to add at least the first stealth rule for it to be of any use.

My peecee is offline just now, but when it's running again, I'll try out the 110.exe again, removing all image files from the computer and attempting another magical cfg >> bin conversion!

for now..

;o) Cor


ian - 18.02.05 11:27 am

barney

problem 1:- the two networks

the network 169.254.0.0 with a subnet of 255.255.0.0 would have been greated by the firewire of the Creative Audigy box and soundcard its a sub network self contained to ease transfers between the box and the card - nothing to worry about it should be there.

problem 2:- Internet gateway

This annoyed the hell out of my until i realised that it is quite normal for windows to display this but only when there is no firewall running, it indicates that windows has found via upnp the voyager router (aka internet gateway), if you turn off all firewalls including windows own and restart the pc it will come back and stay where as if you have a firewall running and restart the pc it seems to appear for a short time before the firewall hides it. if you get the two little computers by the clock to show internet gateway connected you can stop this from happening by going into network connections and right click the internet gateway icon select properties a new window will appear at the bottom of this window is a tick box - show icon in notification area when connected - untick it.

don`t worry about it being in network connections its meant to be there

hope this helps

ian

p.s thanks for the invite for a gmail account, i`ve been after one for ages


Ian - 18.02.05 11:37 am

barney

your pc ----------voyager 205 (pc with globe)-------globe
ethernet--------------default gateway---------------internet
192.168.1.4-------------192.168.1.1------------ip assigned by bt


Ian - 18.02.05 12:15 pm

Cor

i have been looking at the vik 2.1 firmware as on mainpage id=20 it has max tcp connections (75),half open max tcp connections(25), and icmp max connections (25) that can be set. This option is missing from voyager but would be very useful to stop all those maxed out 205s i will investigate to see if the defaults can be altered from the cli

Iansmiley for :cool:


barney - 18.02.05 12:27 pm

Hello Ian
I changed software firewalls and had a period
where I had no software firewall and my (none!!)
troubles began. I now feel very comfortable
with your explanation thanks for taking the time
to help increase my knowledge
best
barney


Ian - 18.02.05 1:37 pm

Hi barney

Your very welcome, we try to help if we can

Ian :)


Ian - 18.02.05 8:43 pm

cor

i was on bt`s site last week http://www.voyager.bt.com/205/btbroadband/downloads/

and there was the following files

TEImage.bin dated 201204 version 1.4
TEImagev15.bin dated 120105 version 1.5
TEImagev16.bin dated 030205 version 1.6

but today when it went on only the following files were found

TEImage.bin dated 201204 version ??.??
TEImagev15.bin dated 180505 version 1.5

strangly enough the 1.5 version dated today is different from previous version but this is also the version that the bt communicator patch now points to.


Ian - 18.02.05 8:59 pm

cor sorry above should read

but today when i went on only the following files were found

TEImage.bin dated 180505 version ??.??
TEImagev15.bin dated 180505 version 1.5



cor - 18.02.05 10:06 pm

Interesting. I'm running the v1.6 firmware, and it's good, I've made a heap of (VoIP to landline/cellphone) calls with my puter today and it (the router) hasn't locked up once. I wonder why BT removed it? The upgrade page points to the v1.5 file. The two files available at BT are identical, both v1.5, so I guess there must have been some kind of issue with 1.6.

Dunno what it is though, like I say, Communicator works great now, and those torrents are flying down! So whatever it is, it's not effecting me. By the way v1.6 is still available in the corz.org public archive!

I'm glad the dual-network and gateway thing is cracked, barney, that was a strange one. None of my cams or scanners create network connexions for themselves, I knew there had to be some UPnP going on, I disable that on peecees, as a rule. I notice that with UPnP enabled on the router, Azureus on my Linux box creates router rules for itself, or rather, gets the router to do it. nifty. I wouldn't want my computer to be so obliging to outside instruction, however.

By the way, you really don't need a software firewall running on yer puter, not if the router is setup right. It's a hardware firewall (hardware firewalls are software as well, of course, you can't block ports with diodes! afaik.) For some, I guess it's useful for watching outgoing connexion attempts. What can I say? pay the software license fees folks! smiley for :lol:

Ian, I tried the 110 app and got your import error! I must have been under the influence of something when I tried it first. Looking inside the firmware itself I can see how easy it would be to merge new cfg files into it, there's a HUGE space for this, I reckon it should be a doddle, with these tools, to create custom firmwares, the question now is, which one to use?

While I'm here, I have a theory, about gamers. See, they come here, cuz their shit's not working, then they get it working, and then you never see them again because.. they're playing their game, whatever it is, and they are consumed!

Actually, more and more I see that now, this page has been real busy, and only a tiny fraction of the folks actually post here, most come and go in under an hour! The port probe, as well as being a cool wee tool, has allowed me to watch folk making their shit work, it's great! They start off stealth-stealth-stealth, and then after a wee read, some messing about, it's SUCCESS!! And off they go.

me too..

;o) Cor


Ian - 19.02.05 1:02 am

Cor

this is interesting

get fwl global

mostly the max single host conn, max half open tcp conn and the max icmp conn

and to change the values the command is

modify fwl global (attackprotect enable-disable)(dosprotect
enable-disable)(blistprotect enable-disable)(blistperiod
decvalue)(maxtcpconn decvalue)(maxicmpconn
decvalue)(maxsinglehostconn decvalue)(logdest
email-trace-both-none) (email1 emailid)(email2 emailid)(
email3 emailid) (minlogtime decvalue)

page 70 in the 130extra2.pdf i sent you

wondered if this would help with connects

Iansmiley for :cool:


cor - 19.02.05 3:22 am

I forgot to mention, deep within the firmware binary is a reference to IRVINE LAB, which I think is involved with virus research, bioterrorism, biothreats and stuff, so maybe that's like a built-in anti-virus, or something smiley for :lol:

Does Makila's configurateur shows these fwl stats I wonder? Would be handy. I haven't been able to get that app to work for ages, won't login, even before I upgraded the firmware, even running under Wine on Linux. I originally thought it was a font issue. weird. Anyway, here's those command instructions from the router itself, run through tag tools, and thrown inside some pre bbcode tags ..
modify fwl global ?
Parameter                         Description
---------                         -----------
[ blistprotect enable|disable ]    Blacklist protection status
[ attackprotect enable|disable ]   Attack protection status
[ dosprotect enable|disable ]      DOS protection status
[ blistperiod <decvalue> ]         Duration to blacklist an attacking host
[ maxtcpconn <decvalue> ]          % of max half open TCP connection
[ maxicmpconn <decvalue> ]         % of ICMP connection
[ maxsinglehostconn <decvalue> ]   % of connections from a single host
[ logdest email|trace|both|none ]  Destination type for firewall logs
[ emailid1 <emailid> ]             Email addr of firewall administrator1
[ emailid2 <emailid> ]             Email addr of firewall administrator2
[ emailid3 <emailid> ]             Email addr of firewall administrator3
[ minlogtime <decvalue> ]          Minimum time(min) after which log starts
The manual doesn't say much, but mine are currently set at 25/25/75, which is probably the default, and seems reasonable, I'm presuming the half-open and icmp are global settings. Perhaps the maxsinglehostconn could come down a wee, might help with WinMX, would need some longer testing, though, maybe one of our USB users..

I'll be back.

;o) Cor


Ian - 19.02.05 3:35 am

Cor you`ll be charging me rent soon for cybersitting smiley for :lol:


Ian - 19.02.05 4:56 am

cor

the 130cli.pdf i sent you has a little more info page 386 seems that they can have value between 0-100

Ian


barney - 19.02.05 11:02 am

Cor

Hate the Idea of anything leaving my comp without my knowledge and as I am learning about security from you guys nothing gets out alive!! and it also gets rid of pop ups and animation sh## makes my
surfing better.
Now heres a noob question or two what is ICMP, Raw Sockets, why do I need Netbios open for a start?

best
barney

nb need a gmail invite?



br1ndy - 19.02.05 6:39 pm

Cant Set Up A LAN with router! Works with net on my pc via usb. Cant connect to other pc. Wen i go to repaid connex on the other pc it says: Repair failed: Unable to renew ip address. Help Plz desperate lol.


cor - 19.02.05 8:53 pm

I follow ya Barney, gotta watch for those pesky phone-homers. gmail, sure! does it have decent pop acccess? smtp? I got all my accounts running from one mailbox set in thunderbird, so yeah, it's easy to add more of the buggers! They're always handy. I wonder if my favourite name@ is still available? hmm..

Ian, rather than a peppercorn rental, I'm offering you a ppp rental, every time you figure out someone's ppproblem, you can stay for another month! smiley for :lol:

br1ndy , you gotta run through the articles, setup a static IP address on your computer, stealth the router, etc. Be methodical, and if you are still having troubles, hit the troubleshooter page! And if you're still having troubles, tell us exactly what troubles you are having, with as much information as you can muster, and I promise we'll do all we can to sort it out for ya!

for now..

;o) Cor



TFLnemesis - 19.02.05 10:19 pm

tut tut, not ALL gamers sort their stuff out and are never heard from again!!!! I still come on here and lurk at least once a day just in case i can pick up any info that might be useful to me in the future. If i can provide you guys with any gaming info please feel free to shout up and i will see what i can find out.



barney - 19.02.05 10:58 pm

cor

what email addy for gmail?
Send to my addy and I,ll invite

best
barney



anonymous - 20.02.05 12:51 pm

I am providing support for my sister-in-law in the UK (I'm in Japan), and would like to be able to remotely manage the Voyager.

All information I have found so far says that I have to be on the same subnet. Anyway to get around this?

- eh


Wayne - 20.02.05 4:42 pm

I have Zonealarm installed seperate from my Bt voyayger 205 ADSL Router, But do i need firewall Software


cor - 20.02.05 5:07 pm

briefly..

TFLnemesis, you are the exception dude! But really it's more PS2-ers and XBox users I'd like to hear back from, i.e, did the suggestions for games consoles work? or not? But if you want to send me setups for any games you play, they will be used!

Anonymous/eh, yeah, it's easy to configure the unit from afar, the "same subnet" stuff is just for LAN-side access. On the WAN side (internet), you can connect from anywhere.

Remember to set a good user/password combo, then simply load her IP in your browser or telnet client. I've configured a couple of 205's this way, and lots of people unwittingly have their router's set to allow *anyone* to configure them from over the web, default user/pass and all! crazy people.

Wayne, it doesn't hurt to run a firewall on your computer, but like I said above, really it's just for watching outgoing connexion attempts (some firewalls provide other security features too, like javascript protection, pop-up blocking, etc, which you may use). Once setup correctly (see the stealth page) the router will protect you from incoming connexion attempts.

l8rz..

;o) Cor

ps.. thanks barney, will do that.


sc0jack - 20.02.05 7:35 pm

Hi guys!

Read the whole thread - superb work! Especially looking forward to the outcome of this pre-prepared uncrippled firmware cor and ian are working on. Nice one guys!

Speaking as a firewall/router engineer and a SLIGHTED gamer (lol), I figured it was time to contribute to this in some small way. If you're having problems with STEAM or any other game or console that has a server browser, try reducing your UDP NAT timeout to something really small like 3-6 seconds. The reason the router throws a wobbly when you try to ping 10,000 servers is exactly that - there aren't 10,000 spaces in the routers NAT table. If you set the timeout to something quite low, the table will empty as fast as it fills up and you won't overload the table.

Might be a similar thing happening with the stateful inspection in the firewall code too, but I haven't investigated that.

modify nat global udptimeout 6
commit

Hope this helps!

sc0.



Digitaldazz - 20.02.05 10:58 pm


Hi Cor,

Been running with the 100+ firmware for a few weeks now,
but have noticed that when Zonealarm is running it picks up the following and blocks it.

Any ideas why?

Description Packet sent from 192.168.1.1 (NetBIOS Name) to 192.168.1.4 (NetBIOS Name) was blocked
Rating High
Date / Time 2005/02/20 18:20:38-0:00 GMT
Type Firewall
Protocol UDP
Program
Source IP 192.168.1.1:137
Destination IP 192.168.1.4:137
Direction Incoming
Action Taken Blocked
Count 4
Source DNS
Destination DNS ######

got your standard rules in for bit/t and emule.
and all the security is enabled.

Cheers!



Ian - 21.02.05 12:18 am

Digitaldazz

this might be why zone alarm is picking up on this

UDP Port 137
Common Use
Netbios Name Service is typically how Windows computers find out information concerning the networking features offered by a computer, such as System Name, File Shares, etc.

Inbound Scan
Inbound scans can be the result of everything from a harmless Reverse DNS lookup to a malicious scan for the availability of open shares to exploit. Currently most inbound scans are the result of a number of worms such as BugBear and Opaserv which exploit open file shares to propagate.



i now have a copy of 2.1 viking manufac release firmware that i can set up for bt settings, Its like rta100+ but with no crippled options at all, you get management control (disable web interface access from wan) back etc, only lights are screwed you get power=power usb=Dsl
ethernet=dsl act. All you would have to do is back up your current config upload firmware and upload config and you`ll be back up and running.

Iansmiley for :cool:


Cor

sorry haven`t been about last few days, bloody ethernet backbone and then they want the phone system wired for digital with cat5e so hopfully finish tomorrow and catch up on whats been going on here

l8tr

Iansmiley for :cool:




psycho - 21.02.05 1:32 am

Ive been aving probs trying to set up an ftp using bullitftp, the thing is no 1 can connect to me from the out side it works perfectly on a network but not over the net. Ive gone through this and unfortunaly i still dont have a clue so could sum1 please please help me thank you!!



Stephen - 21.02.05 11:33 pm

i been trying to run a game server with this router but still had no look i forwarded the ports which are 3000, 7000, 7100. 7200 but still even on the port probe on this site they seem blocked i even added the ports in the firewall still dont work anyone :( anyone have any idea on how to fix this.


Ian - 22.02.05 1:08 am

barney

ICMP

Short for Internet Control Message Protocol, an extension to the Internet Protocol (IP) defined by RFC 792. ICMP supports packets containing error, control, and informational messages. The PING command, for example, uses ICMP to test an Internet connection.

RAW SOCKETS

A very small number of Windows applications make use of raw IP sockets, which provide an industry-standard way for applications to create TCP/IP packets with fewer integrity and security checks by the TCP/IP stack. The Windows implementation of TCP/IP still supports receiving traffic on raw IP sockets. However, the ability to send traffic over raw sockets has been restricted in two ways:

1. TCP data cannot be sent over raw sockets.
2. UDP datagrams with invalid source addresses cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped.

Netbios

Short for Network Basic Input Output System, a application program interface that augments the DOS BIOS by adding special functions for local-area networks (LANs). Almost all Windows-based LANs for PCs are based on the NetBIOS. Some LAN manufacturers have even extended it, adding additional network capabilities. (basically it controls low level network functions)

hope this explains it a little

Iansmiley for :cool:



anonymous - 22.02.05 2:19 am

lmikm


cor - 22.02.05 5:06 pm

Hey, no worries Ian, I've been away myself. thanks for filling in Barney on the port stuff, I'm working on a "really really basic networking guide" that will cover these sorts of things, but in the meantime my answer was going to be jfgi!, but then I realised that a) he's such a nice guy that it wouldn't have been fair, and b) I was probably just in a mood, which is why I just left it, for now.

By the way, grc has an application that can disable raw sockets altogether, if anyone is interested. SocketLock, I think it's called.

Thanks for the comments and tips sc0jack, I'm glad my brilliant plan to draw gamers out of the woodwork is coming to fruition!

Digitaldazz, isn't the router inside your "trusted zone"? All data should pass freely inside the trusted zone, so why is it blocking communications from the router?

psycho, remember you need port 20 and 21 for regular FTP communications, and if you are using "passive" connexions, you'll need to define a range of ports for that, too, and then open them.

Stephen, most likely, there's another firewall running somewhere. Run through the troubleshooting page, especially the webserver troubleshooter. Also, it's probable that this isn't the complete range of ports, apparently many games makers don't list all the ports that their games actually use, which seems crazy, to say the least. Check the link in the useful links section to see if there's any you've missed. Sounds more like a firewalling issue, though. You've stealthed the router, disabled the XP firewall, etc, yeah?

And what does lmikm mean? Is that some coded message? A compliment? A question? smiley for :blank:

for now..

;o) Cor


barney - 22.02.05 7:29 pm

jfgi what does that mean!! got the picture thanks for the heads up keep up the good work

best

barney


Ian - 22.02.05 9:07 pm

barney

click on jfgi! (its a hyperlink) and all will become clear


digitaldazz - 22.02.05 9:26 pm

cor,

no its not in my trusted zone, and its not going in till i can find out why its picking up these alerts?

any ideas, is it just a flaw with zone alarm or is something getting through?


m0rt - 22.02.05 9:32 pm

Hi

Thanks for your email back...already stealthed and so on the router. Of course im using Ethernet.....would an OSX/linux user use anything else?? :o)

Anyhow - this is the symptom - verrrrrrrryyyyy slow web browsing.

Downlaod speed is fine, as several tests, including BT's own speedtest, indicate.

However, if i reboot my cube, then run traceroute on google it is fine for 1, 2, 3..uh oh...by the 3rd time i start getting lost packets, and the ping time is around 2 - 3 seconds on each hop. If i ping google, 2 - 3 seconds, but this is only after several attempts after a reboot.
This is annoying in a very major way...

Any ideas?

Ben

PS - if I run the advanced (!sic) diadnostics on the router, it ALWAYS fails on the primary DNS server ping. Also I have to use an IP address if i want to ping from the router to google, it will NEVER resolve.....


Drifterman - 23.02.05 1:17 am

I've just downloaded your 'wire' program, but i haven't a clue how to get it up and running. I was kinda hoping it would have a setup file within, it hasn't. I got ver 0.9b, now also got 'stuff it' to unpack it, and I'm stuck.
Any clues fellas?

Cheers


Ian - 23.02.05 2:18 am

digitaldazz

i don`t know if this will help extract from zonealarm 5.5 manual
and also reading their web site it seems zone alarm has problems with network traffic unless set just right.

Firewall alerts/Protected

Firewall alerts are the most common type of informational alert. Firewall alerts inform you that the Zone Labs security software firewall has blocked traffic based on port and protocol restrictions or other firewall rules.

Why these alerts occur

Firewall alerts with a red band at the top indicate high-rated alerts. High-rated alerts often occur as a result of hacker activity. Firewall alerts with an orange band at the top indicate medium-rated alerts. Medium rated alerts are likely the result of harmless network traffic, for example, if your ISP is
using ping to verify that you’re still connected. However, they also can be caused by a hacker trying to find unprotected ports on your computer.
What you should do
If you’re on a home or business network, and your Trusted Zone security is set to High, normal LAN traffic such as NetBIOS broadcasts may generate firewall alerts. Try lowering Trusted Zone security to Med.
By default, Zone Labs security software only displays high-rated firewall alerts. If your defaults have been changed, you may see a lot of medium-rated alerts. Try setting your alert display settings to medium.
If you a receiving a large number of firewall alerts, and you are working on a home network or business LAN, it is possible that normal network communications are being
blocked. If this is happening, you can eliminate the alerts by placing your network in the
Trusted Zone.


How to see fewer of these alerts
Repeated alerts may indicate that a resource you want to trust is trying repeatedly to contact you. If you are receiving a lot of firewall alerts, but you don’t suspect you’re under attack, try the following troubleshooting steps:

􀂄 Determine if the source of the alerts should be trusted.

􀂃 Submit repeated alerts to AlertAdvisor to determine the source IP address that caused the alerts.

􀂃 If the alerts were caused by a source you want to trust, add it to the Trusted Zone.

􀂄 Determine if your Internet Service Provider is sending you “heartbeat” messages.

􀂃 Try the procedures suggested for managing ISP heartbeat. See “Allowing ISP Heartbeat messages,” on page 231.


cor - 23.02.05 12:47 pm

So, in conclusion, digitaldazz, the problem is not with the incoming network traffic, but with your firewall settings. This traffic is normal and expected within the safe confines of your LAN, it's what makes the whole thing work as we expect.

A port probe from an "outside" IP (NOT 192.168.1.something) is a different matter altogether, of course, but with the router correctly setup, you won't get those, except on ports you specifically allow, to servers you are purposefully running. 192.168.1.1 is your router! and it wants to be friends with yer puter!

m0rt, it certainly sounds like you are having DNS troubles, most likely the BT nameservers plugged into your 205's brain are wonky. First thing to do is reconnect to BT. This will reset the DNS server entries on the router. There was a period when BT's DNS wonked out not so long ago.

Perhaps the servers you have been assigned are still wonky. To be certain of this, enable DNS polling (in a telnet session) ..

modify dns relay cfg pollstatus enable pollinterval 6

and leave the session open for at least 6 minutes and watch for any errors that might pop up, report them back here, too.

You can set your own DNS servers, too. see above, in the main article for two good ones, and how to insert them. I imagined that the router used these only when its own presets failed, but it seems they do in fact over-ride the in-built servers, so you might just want to try this first and see! It may take a router-reboot (commit first) to take effect. Incidentaly, I recently beefed-up these entries, make sure you have the latest versions! (above)

If that doesn't (didn't) work, check again through all your TCP settings. On OS X they are pretty simple, but wee things, like an incorrect subnet mask, can really mess things up. Of course ensure your Mac's DNS server is set to 192.168.1.1 (!)

Ensure you have a good static IP, at least 192.168.1.3, and outside the DHCP range of the router, better still, disable DHCP altogether. Unless someone knows what they are doing, it's usually best to use one or the other, either static IP's or DHCP-assigned.

k, fer now..

;o) Cor

ps.. Drifterman, feel free to email me about that. it'll get (even more) confused in here if we start takling the±wire! It needs no setup, btw, just run it, and rtfm! I'll get around to a real "how-to" page one day, maybe even add a comments section (which takes about 2.4 seconds to do, but hey!)


lee - 23.02.05 2:40 pm

hi i have just got this bt voyager 205 and i cant play online games(football). my mates said that the ports have to be changed so it lets me play these. i cant host a game or be a client. can you let me no how to sort it please thanks

lee



Stephen - 23.02.05 4:31 pm

Cor the only other firewall i have running is xp firewall which the ports i have added in to that as like what i said atm i have to use the voyager 100 which is fine for the short time but would really like to use the 205 router instead


cor - 23.02.05 4:51 pm

lee, it's real easy, to open a port, simply drill a small hole in the rear of the router, if you need a range of ports, just drill a bigger hole. You can get dozens of ports into a really small space, say 5mm. For more precice instructions, check out the recipes, stealth and troubleshooter pages (links right at the top of this very page, which is also worth a read).

Stephen, switch off the XP firewall and test. If it works, use a different firewall (if your router is stealthed, as per instructions on stealth page, you don't really need a firewall on your computer) If not, try stealthing and unstealthing the router and test again. Delete your rules and check them, and put them in again. run through the troubleshooter.

If you haven't already, read through all the comments here.

Give us some more precise details for better answers, exact errors you are getting, what games, exact network setup, apps that DO work (p2p, for example), etc, etc, put it all in one post, once they scroll off the page they are pretty much outta here!

gotta shoot, ignore typos

;o) Cor


anonymous - 23.02.05 6:59 pm

i have xp home edition .i have recieved my btvoyager 205 router. ihave tried to install the routerand everything goes o.k untill it comes to the launch and it just won't connect.I,v tried contacting bt tech services but they are at a loss saying it's a firewall issue. Iv checked to make sure that the firewall is unchecked which it is so i,m at a loss why i can't get connected . I,v tried rebooting windows xp to give me the best possible chance but ot no avail .need help.


cor - 24.02.05 1:17 am

anonymous (pleeeze use a nickname next time) Firstly you need to connect via ethernet, not USB, as described in almost all the pages here. But first you need to read these fine pages, and work through the advice given; a fair bit of work, not only mine, went into it.

If, after all that, you still have an issue, drop back in here, but remember, phrases like "...it comes to the launch and it just won't connect" are meaningless. Connect what? Your browser to the web interface? Your router to the internet? What?

Be as full and specific as you can, give loads of info, copy-paste exact error messages, etc. Add any details you think might be relevant, letting us know exactly where you're sticking, and we'll definitely be able to help.

Your answer is probably in the main pages, though.

;o) Cor


claire - 24.02.05 3:35 pm

cor,
mail me as i deleted ur address by mistake.....duh!


charles - 24.02.05 4:14 pm

Cor:- Thanks for your advice, you have ot excuse me for not giving accurate information. After connecting the router to a single computer and making sure we follow the exact instructions we cannot launch onto the internet .It is my brother-in-laws computer and for the past week we have tried alsorts to connect to the internet.His computer is only 18mths old and he has windows xp home installed when he purchased it .Last night we tried again using Ethernet instead of usb.We again followed the instructions from the c.d.that he got with his btpack,it again would not launch onto the internet.We have checked the status and it seems to be saying that the ip address is wrong . Also we can not find anywhere where it is saying btvoyager 205 has been installed . lt comes up with some other make.We need help.Tech services havn't a clue they say it is a firewall issue. We checked that and the firewall is unticked so that must be wrong.It's baffeling ,probably abit like this comment . Thanks for trying.


Wayne - 24.02.05 4:39 pm

I'm trying to connect to work using CheckPoint SecureClient VPN.
Does the Voyager support VPN-Passthru, or have I just missed some configuration option

Thx


Wayne - 24.02.05 4:56 pm

Please ignore my posting - after having read through all the other posts, I now know its possible.

Ta


barney - 24.02.05 6:24 pm

Charles

If you are connected via ethernet uninstall any BT Software you have installed like USB drivers etc.
Switch off your router and reset it by pushing a paperclip into the hole on the back of the router hold it there for about 10secs make sure you are making a connection with the reset button then restart your comp then the router immediately you should see power diag dsl and ether lights come on in that order.
If not you have a dodgy router.
Give it a try
barney


CHARLES - 24.02.05 7:12 pm

barney ,does that mean we delete everything, that the c.d.install disk put on , and when the computer has wipe off all the exsisting funtions associated with btvoyager205,do we then reinstall from the disk that they sent us this time using the ethernet connection.To be honest we are as you can imagine pretty fed up.So much for the 20min connection time they set at the beginning ,in our case more like 168hrs and counting . Thanks


barney - 24.02.05 8:23 pm

Charles just take out the usb drivers to start and then do the rest
good luck

barney


ian - 24.02.05 11:55 pm

Cor

i found an easy way to open all ports, i tookthe top case off now my routers wide open smiley for :lol:


charles - 25.02.05 1:52 am

barney.Did what you said and got rid of the drivers.reset the router and reconnected the ethernet.I believe we are a step closer but we still cannot connect to the internet .Do you know what our ip address should be just in case that is causing us a problem.lt must be easier than this . Thanks


cor - 25.02.05 4:52 am

firstly, I got 2MB! w00h00! I noticed in my telnet session (there's always a stack of ssh/telnet/log tails/etc open on my linux box) that my PPP went down for a minute earlier on (I was out) and when I checked the router, TADA! Free upgrade. Damn! It flies! Upload speed still sucks big eggs, though. Anyways...

Good trick Ian! here's another, to forward ALL ports to a specific machine, all your do is draw a thick arrow symbol on the top of the unit (tippex is good, or a marker pen), pointing to the machine you want to route the ports to! If you move the computer in the future, just swing the router round a wee bit smiley for :lol:

*ahem* where was I? r8..

claire, OMFG!! How DARE YOU! smiley for :eek: My address, by the way, can be had by clicking my smiley/name at the bottom of any corz.org article, well, most of them.

barney, yikes! I was going to mail you, but I don't have your email address, do I? I thought you left it in your first comment here, but I can't find it, goan mail me something so I can reply!

charles, barney's right again, remove ALL traces of BT software from your machine, USB drivers, Browser branding (grrr), etc, etc, and restart the (com)puter. I didn't even take the CD out of its envelope (in truth, it was weeks later before I realised there was a CD there) when I got the router I just plugged it and I was off!

Importantly, don't follow any instructions from either BT literature, or BT staff! It just causes headaches and wastes time. A static IP is best for your private computers. Run through the static IP page and ensure the puter is on the same subnet, router DHCP is disabled, etc.

If you still have troubles after all that, feel free to throw in heaps of information, screenshots of network dialog, etc. We will fix it!

okay, I'm off to queue up some super-fast downloads. I just gotta see a file coming down at 240kb/s smiley for :cool:

for now..

;o) Cor


barney - 25.02.05 11:02 am

I cannot find your email address so heres mine again
send and I will invite


barney - 25.02.05 11:10 am

Sent invite found your address!!
best
barney
smiley for :D


Rob Tudor - 25.02.05 11:32 am

I have a voyager 205 router and I need to connect this to a BT Wireless Network 1250 Router. My DSL line is connected to the 205 which is fine but I need to somehow have a line (Ethernet/USB) from the 205 to my 1250 router. Don't ask why I've got it do this setup this was. It is a long story. Is it possible? How is it done?


cor - 25.02.05 12:13 pm

cheers barney, that's a handy service! the smtp, in particular, is excellent, and accepts outgoing mail from all my accounts. SSL POP access is real nice, too. nice one!

Rob, just connect them up! A standard ethernet cable will do the trick (I presume; I know nothing about the 1250, hmm)

(a google later...)

Why don't you use only the 1250? It's a DSL modem and a router, too. Just plug that thing into an ethernet switch, and bob's yer uncle! Then you can send your spare voyager 205 to me! for experiments...

;o) Cor


Rob - 25.02.05 12:30 pm

Hi Cor,

The problem I have is that I have no ADSL line plugged into the 1250 and it doesn't see an ethernet connection when I plug in the 205! I don't know why. The reason why I need to have both is because the 205 is supplied to me with a protected user name a password from my company which I don't have access to. I want to connect my desktop (via the ethernet with protected firewall) and another desktop via a wireless so I need the wireless of the 1250 but I want to use the connection via the 205. Any ideas?

smiley for :D


cor - 25.02.05 2:13 pm

Rob, I'd try..

Internet >> 205 >> ethernet switch >> everything else (including the 1250)

I don't think this will be possible without a switch, do you have one? If not, see the link in the "useful links" section above the comments.

As for the password, OF COURSE you have access to it! Just reset the bugger! "oops! dunno what happened boss!", etc. poke something sharp into that wee hole in the back. TADA! username: admin password: admin.

Anyway, you still don't need the 205, the 1250 and a switch would cover all your needs, won't it? in fact, the 1250 on ot's own should cover your needs, I don't understand, why not just plug the ADSL straight into the 1250?

;o) Cor


ian - 26.02.05 12:32 am

Rob

use tftp client to download the teimage.bin file from the 205 send it to me at ian_wallace_2000@yahoo.co.uk i will load it into a hex editor and retrieve the username and password for you


justin - 26.02.05 1:22 am

following to the letter your cool instructions i seem to have lost the ability to send email do i need to set up a rule for that?


justin - 26.02.05 1:22 am

following to the letter your cool instructions i seem to have lost the ability to send email do i need to set up a rule for that?


Ian - 26.02.05 2:06 am

Barney

i`ll look at those attachments probably on monday as wifes company in middle of move to new offices and its a bloody nightmare, got to set up print servers file servers etc so this weekend has gone, i `ll get back to you asap

Iansmiley for :cool:


barney - 26.02.05 2:45 am

Have a good weekend Ian?

best
barney



CHARLES - 26.02.05 2:54 am

TO COR AND BARNEY. THANKS FOR YOUR HELP.UNFORTUNATLEY FOR SOME REASON WE BELIEVE THAT THERE MUST BE SOMTHING AMISS TO DO WITH WINDOWS XP HOME EDITION AND NOT THE ROUTER.WE HAVE CONNECTED THE ROUTER TO THE COMPUTER USING ETHERNET AND THE ICON OF TWO COMPUTERS BLINKS AWAY MERRILY AT THE BOTTOM OF THE SCROLL BAR.WE HAVE CHECKED THE STATUS AND IT SAYS CONNECTED MEANING TO THE INTERNET.WE HAVE NO FIREWALL RUNNING.WE HAVE DONE A PING TEST IT STATES THAT 4PACKAGES WENT OUT AND 4 PACKAGES RETURNED BUT COULD NOT FIND INTERNET PAGE.SO IT SEEMS THAT ALL THE TIME WE HAVE SPENT INCLUDING REBOOTING XP HAS MADE NO DIFFERENCE.WE CONCLUDE THEREFOR THAT THE ROUTER IS WORKING NORMALLY AND CONNECTS TO THE INTERNET BUT NO PAGE COMES UP.THANKS TO YOUR HELP, WE SEEM TO HAVE DONE EVERYTHING POSSIBLE TO ENABLE US TO SURF THE NET.MY BROTHER-IN-LAW WHO HAD GREAT FAITH IN ME SORTING THIS OUT, HAS KNOW RESIGNED HIMSELF TO TRYING ONCE MORE TO GET TECH ADVICE EVEN THOUGH IT WILL COST PROBABLY QUITE ABIT. ON A MORE LIGHTER NOTE LET ME SAY IT HAS BEEN GOOD FUN GETTING YOUR ADVICE AND TEARING OVER TO HIS HOUSE TO TRY TO SOLVE THE PROBLEM AND I THANK YOU BOTH FOR YOUR TIME AND TROUBLE.DO YOU RUN ANY MORE WEB SITES WHERE ADVICE MIGHT BE GIVEN ON OTHER ISSUES .


anonymous - 26.02.05 2:56 am

How do I block access to specific websites?


charles - 26.02.05 11:13 am

you could try using system restore to return xp home to before everything was installed say the day before, use reset switch on 205 to restore to defaults. now with everything off switch on router first wait util you get the solid dsl light then switch on pc, once xp home has started go into control panel or my network places and run the network setup wizard select the option my computer connects to the internet through another computer or a residental gateway at the end of the wizard just tell it to finish. once it has finished shut down and restart the pc and hopfully touch wood you will have internet

regards

Ian

Cor

i think we should do a quick set up guide like you get with canon or linksys products with screen shots, i think the first shot should be of the cd being out in the bin what do you think??

Iansmiley for :cool:


justin - 26.02.05 2:12 pm

guys some help please you seem to have missed me i have just gone on to broadband and could do with some help i have resolved my mail problem but have an issue with explorer when edonkey is running can you help ????


cor - 26.02.05 3:50 pm

mornin peeps! okay, timestamp won't be morning, but it's still before 12! And by the time I've recovered from last night and multi-tasked to the end of this entry it'll likely be evening, but hey!

First, justin, of course not! ALL outgoing connexions are allowed through the router (stealth rule number one) As to the other issues, YES! of course we can help, all we need is some good information to work with, and perhaps some patience on your part. I presume you've worked through the other pages here, troubleshooting, recipes, etc..

Charles, we've seen this sort of thing umpteen times, and it's always something minor that the user has overlooked, gateway address, whatever, it's fix-able.

Windows XP Home (which should reboot in seconds) with its default settings, and the router with it's default settings is sufficient for most folk. The whole thing should work straight out of the box. That's what Ian is recommending, too, as a reasonable starting point.

Folk don't get to this page unless a) it's NOT working, or b) they want to do something more than just basic surfing/email/whatever. You are catagory A! Or rather your brother-in-law is, and that's probably the biggest hurdle here, a sort of technical chinese-whispers. Of course you printed out all these router pages and took those over with you. Aye?

anonymous, what exactly do you mean? Block incoming connexions from a particular IP address? (yes) or access to a particular website from a computer (yes, also). More info please.

Ian, I have something like this in-progress already, you're suggestion for image one; dynamite! YES! I just hope I haven't already binned mine! (probably not, I file *everything*)

See, I hadn't really intended for this to be a help-all page, the router worked just fine for me out-of-the-box, and I created this mainly for folks who wanted to do a wee bit more, p2p especially, save them a few hours figuring out the weird CLI syntax, etc.

Regardless, the reality is that this has become Worldwide Voyager-Central, and gets thousands of hits a day. I have to presume that most folk get what they need, but probably many don't, and any way I can make things easier for them is good, and as time permits, this area has been restructured and expanded to provide more comprehensive instructions and data. That will continue, as, and this is important, time permits.

Ian, Barney, you guys deserve a medal! really.

l8rz..

;o) Cor


Andy - 26.02.05 4:38 pm

I want to replace my Voyager with a Linksys Wireless G router (WRT54G). I've tried copying the settings from the Voyager but the Linksys refuse to work. Do you have any helpful hints?


cor - 26.02.05 6:18 pm

Andy, the CLI syntax will be all different. See here, and ask about stuff here, but don't be afraid to come back if you don't get what you need.

;o) Cor


Adrian - 27.02.05 3:33 am

Ok. I've scoured the damn sites and my head hurts. Sincerely. Am i being greedy? All i want is to ftp files to/from my xbox and pc.. i've got a usb/fast ethernet adaptor plugged into the back of my pc connected to a cat 5 cross over lead connected to my xbox (phew!) because my pc is using the 205 voyager ethernet connection for internet and downloading etc., and i just cant connect using flash fxp 8(
Any real info or links on this would be much appreciated... God bless and thank you for the green light 8)


Pierre - 27.02.05 8:36 am

Greetings,

I just found your site and within minutes, found most of what I was looking for.

So I thought I'd spend a few minutes to let you know that your site is just FANTASTIC; concise, clear, jampacked with precise information and instructions on how to do exactly what needs to be done and last but not least: well writen (a rarity on the internet nowadays).

One last thing: contrary to most people here, I'm looking for a way to disable P2P on my wireless hotspot; music and movies downloads use too much of my bandwidth. After reading through your pages I understand that Dynamic IP addresses should prevent it (or make it more difficult), but I'm 99% sure one of my users has found a way around.
Following your instructions (cut and paste), I've just created the 2 Stealth Rules.
Should I understand that this should be sufficient to permanently disable P2P if I don't create the server rules you specify right after the Stealht rules ?
What would be the format of to specify Start and End time, if my users convince me to let them do P2P at night ?

Any help would be greatly appreciated.

Again, great site and many thanks for all the usefull infomation I found here.

Pierre

PS: By the way, my router is not a "BT Voyager 205", but I figured since the screens you show are the same is a D-Link DSL-500G, they must be built around the same chipset.


anonymous - 27.02.05 1:26 pm

Re - Blocking access to specific websites.

Thanks for the reply

I want to make it so that when my kids are using the PC they can't access sites that I know aren't suitable for them. They are very young and want to try and protect them. I've tried the parental controls and they're not what I'm after so what to try and block it using the firewall




Brian - 27.02.05 1:44 pm

Hi all, I have just got this router and I am having major difficulties uploading to my site using Dreamweaver MX. I can upload fine with dialup. I am really new (SORRY) to this and the ability to upload really fast was one of the reasons for going the broadband route. I have tried folowing the instructions on your site, but being new to this it all seems like double dutch, (SORRY AGAIN). Is it right to say that I have a problem with port forwarding?
Does any1 know what is going on and can any1 help me.
PLEASE HELP


cor - 27.02.05 2:21 pm

well, Adrian, it sounds like the IP addresses need fixing. Your puter is set to run on a different subnet from your Xbox, you'll likely just need to assign a static IP to the Xbox, 192.168.1.200, or something.

Check out this article, and also this page, in fact, that whole site is good for xbox dabblers.

I'd also recommend getting a switch, so you don't have to keep plugging and unplugging cables all the time, but then, I always do.

Thanks for taking a few minutes Pierre, I keep all these juicy quotes for future business plans! smiley for :D

Dynamic addressing isn't the solution. Although the address may change, it will be good for the whole life of the peecee-to-router connexion, which could be days or weeks. With DHCP, also, you can't create rules specific to particular machines. If you want to take control, you'll need to assign them all static IP's. Then you can decide who gets what, and when.

Correct, having ONLY the two stealth firewall rules won't prevent users running P2P apps, but it will certainly prevent them running effectively, using up all your bandwidth, which is what you need. Without incoming connexions, protocols like BitTorrent will be much less effective.

However, I've often downloaded files at full speed with no incoming connexions whatsoever, you don't need incoming connexions to get fast downloads, though 90% of the time it makes a very real difference.

If a user downloads the XP SP2 update from microsoft, for instance, this regular www download will max out your whole connexion. This won't prevent other users from downloading files, they will just have to share the bandwidth. What you really need to keep an eye on, is upload speeds. There's a section in the troubleshooter page about this, and it's no small matter. The best way to deal with this is simply give each user a share of the upload bandwidth (80% total maximum) and explain that breaking this limit will have them removed from the network.

If you can get them to understand the issue, and be responsible, it can all work out swell. BitTorrent clients, for instance again, will prefer uploading to clients they are also downloading from, which is what makes it so fast if you are uploading, but you don't have to upload a lot, just enough to flick the switch in their software, if you know what I mean.

What you may want to look at, is "Traffic Shaping", something that (sadly) routers don't do (yet). Though if you were to route this traffic through a Linux/Unix/BSD box, you could take full control of the bandwidth parameters of each individual user, and more besides.

In the meantime, you could implement timed rules, yes, this example would allow standard incoming bittorrent connexions between the hours of midnight and 7am..

create ipf rule entry ruleid 6881 ifname public dir in act accept transprot eq num 6 destport range 6881 6889 todfrom 00:00:00 todto 00:07:00 seclevel high medium low

You would then simply create NAT rules to route the traffic. Each user can have a range of ports, or whatever. Feel free to pop back with more questions/opinions on this issue, my "let's get traffic shaping inside effin routers where it belongs" campaign is only just beginning!

have fun!

;o) Cor

ps.. have to dash off for a bit, will answer others when I return!


cor - 27.02.05 4:53 pm

ahhh, r8! anonymous, I'm with ya.

This is a thorny issue. Firstly, I don't know of a fail-safe way to deny access to "all potentially dangerous material", I don't think it's possible, and if it were, it wouldn't be happening at the firewall level, unless, of course, it was an all-singing, all-dancing firewall with "extras", which many are, these days.

If there is one specific site they are trying to access, then sure, you could block traffic with the firewall, but there's a definite limit to the number of rules you can plug into the thing, and no limit whatsoever on the number of sick and depraved sites out there.

I, a red-blooded male, can go for weeks, surfing my favourite places, getting the news and info and resources that interest me, without once seeing some plastic female getting hammered by a troupe of angry men, or whatever. Kids are looking for power-puff girls, and disney, and shit like that, and these sites, and rings of sites, are well separated from the sleezier backwaters of the indernet. Contrary to popular tabloid reports, the really nasty stuff, is actually quite challenging to find!

Sure, kids (boys) in the 6-11 age range DO come across adult content, adverts, pop-ups, mostly while looking for game cheats and stuff like that, but I haven't noticed them taking any real interest, they mostly shake their head and get on with looking for the cheats.

In my experience of children's internet usage, they generally don't come across dodgy stuff unless they are looking for it. And if they are looking for it, nothing you can install will prevent them finding it, better get used to the idea! Censorship sucks, anyway, shows how much we all need to grow up.

okay, okay, there's a few things you can do, content filtering, request blocking, etc, etc, start by reading this page, all the way through! As well as some good, sensible advice, you'll find links to resources which may be of some use. The best quote is.. "Remember: the best way to protect your children is to be involved in their lives, pay attention to what they do, and keep the lines of communication open". nuff said.

Actually no, one other thing. once you've installed all this content filtering and request blocking and all that shit, now you just have to hope, pray maybe, that they don't discover "adult" sites in, say, Korea, or Japan, who's URL's and content will just sail straight through your filter, and, incedentally, be about three "X"'s stronger than anything you'll find in English.

Unless you want to go the way of the Nazi, and install something like this, which gives access to a dozen or so "approved" domains, and restricts ALL others. You can add sites by hand, of course. Sadly, I fear this approach (fear) will become more common. It's easy enough to achieve with Windows XP® built-in controls, by the way.

What I'm saying is; if your seven year old kid starts trolling Japanese upload boards for mutilation and dismembermenent images, you don't need to block websites, you need to sit down and talk with your kid.


Brian, you shouldn't need to do anything very special to get FTP working. It sounds like we have a active/passive issue here. Check your preferences in Dreamweaver (which I am not familiar with) and see if it's using "Active" (also know, confusingly, as "port") or "Passive" connexions. Try the other one! (passive is almost always preferable, if the server supports it)

If the stealth rules are in place (especially the first one), FTP should just work either way. I have no troubles using both types of connexion to various FTP servers. Insert the stealth rules, and try again. Keep us posted.

By the way, broadband upload speeds are nothing to write home about, even the funky new 2MB service only has a 288kb/s upload capacity. Better than dial-up, sure, but not much.

;o) Cor


Brian - 27.02.05 5:09 pm

Yeah there is an option for Passive but still get the same results :-(
If I use another FTP program, should it work OK?
Could you recommend 1.
Is there nothing I need to change in the router ?
Thanks for your time buddy. You are 10 times better than the so called BT support line


cor - 27.02.05 5:25 pm

well, I don't know what the current state of your router is, so I can't say; but if you've entered at least the first stealth rule (add both!), and deleted the in-built firewall rules, you should be good to go.

I guess there's a slim possiblity, too, that FTP (WAN-Side) access has been enabled on your router. Although it's unlikely, you may want to check the Advanced >> Security >> Management Controls, in the router's web interface, just in case.

As for an FTP client for the peecee, there is only one; FlashFXP.
All the others are imitations.

for now..

;o) Cor


Joe - 27.02.05 5:41 pm

You might be able to help, since BT are BT. I have BT Voyager 205, and trying to use communicator, which locks the router. So I called BT, still waiting for call back 2 weeks later and I found your site and upgraded the firmware. However after a couple of calls, BT Communicator stops letting me make calls, it says "internal server error when making call" when I click on the dial button. BT help is no help at all, and they are still waiting to call me about upgrading firmware which I already have. So there you see my problem, I hope. Can you give me some guidance. Cheers.

Joe


cor - 27.02.05 6:17 pm

Joe, have you stealthed the router? If not, do that and try again. Follow the unstructions on the stealth page, remembering to delete all the other rules. Communicator works much better for me after the firmware upgrade (and the 2MB upgrade) but it needs a good 10k spare upload capacity to work well, pause the torrents, etc.

Remember, you can always DOWNgrade the firmware again if it doesn't work out. Also, whatever you do, give it time; the communicator service is still not 100%, and can be more than occasionally weird.

;o) Cor


Rich - 27.02.05 6:37 pm

Thanks for this page mate! I configured most of the basics myself change pw, setup ports etc. But now I have this reference I can feel more confident that I am getting the best out of it.

I love the format also!


Brian - 27.02.05 7:04 pm

Thanks Cor, for the info.
I am so sorry for being a pest but you seem to be my last resort.
I have reset my router back to defaults... Can you give me a brief description of how I can do :---
"well, I don't know what the current state of your router is, so I can't say; but if you've entered at least the first stealth rule (add both!), and deleted the in-built firewall rules, you should be good to go. "
I am also having problem connecting to WinMX, I am not sure what details I should be entering into the TCP options.....
Once again You are the saviour I bow in you presence :-)))


cor - 27.02.05 10:49 pm

No problem Brian, everything you need is in the a) stealth page and b) recipes page. See the very top of this page for the links.

Essentially, you delete all the current firewall rules, add the magic two (stealth rules), and then follow the WinMX recipe for the NAT/port forwarding stuff, you almost can't go wrong.

;o) Cor

ps.. hey, rich! I have a format? smiley for :lol:


Stephen - 28.02.05 1:25 am

Cor: Hi what the game server i running i put my wan ip in aswell as my lan ip but for some reason the computer cannot see the wan ip only lan so wont connect i can get on the game no prob with just lan but it wont see the wan ip at all any ideas thanks


PaulG - 28.02.05 5:17 pm

Hi Cor,

Thanks for some great info, however I am still left in the unknown.

I need to setup the router to allow RDP (TCP/3389) access in to the server, but only from 2 known IP addresses.

I created the NAT rule for this with Rule ID 10 to Server IP using Port 3389

I didnt understand the "create nat rule entry ?" command so I tried to add the entry in the IP Filter page, is this correct?

Thanks.


Ian - 01.03.05 12:17 am

Cor

network finished, came home today and my main system 200gb harddrive died so using emergency backup, one drive rma`d to maxtor just over a year old bummer.


cor - 01.03.05 12:59 am

Stephen, need some more (plain english) information, dude!

PaulG, nah, if you must use the web interface, the NAT rules are inside Advanced >> IP Routing >> Drop-down the NAT options menu and select the middle option: NAT virtual server/DMZ. You can use the advanced page selector tool (right above these comments) to take you straight to the page, too.

Ian, oh man! I'm looking at my FOURTH replacement Maxtor drive in around the same timescale. It's been sitting here for like three weeks, dead, had to wait until I calmed down about it before I could email the f*****s! The most recent replacement didn't even last a week!

To think, I used to recommend Maxtor drives almost exclusively. Used to be good units. Seagate is where it's at these days, methinks. Pity Maxtor won't swap their duff drives for Seagate units!

Well done with the network, by the way, you get all the print servers and shit working too? Print servers usually conspire to make my life challenging!

;o) Cor


Rubber Man - 01.03.05 3:52 am

OK, done all that stuff with the router and still emule tells me the same "port 4662 is not reachable" business so wtf am I doing wrong?

Please someone tell me (prefs in email) maybe its the order in which I did stuff I just don't know.

I have a LAN and all I want to do is use emule and a few other things via my machine and leave the other alone (mines on the USB)

dont want a bloody firewall either.

Cheers in advance

Rubber Man


cor - 01.03.05 5:20 am

Rubber Man, it's definitely not rechable; I tried.

The solution is simple; first, ditch the USB, and connect with ethernet (if you have more than one computer, get a switch). Next, follow the same instructions you did before (I'm presuming you read the stealth and recipes pages) and TADA! This time it will work!

;o) Cor

ps.. you DO want a firewall, really, especially if you run windows.


PaulG - 01.03.05 1:10 pm

Cor I have already addedd the NAT rule in the virtual server, its the restricting it to only allow through on the two IPs i'm stuck on.


cor - 01.03.05 5:46 pm

ahh, I see, PaulG. Well, you need to add that to the firewall rule, like this..

create ipf rule entry ruleid 1000 ifname public dir in srcaddr eq 216.127.86.76 act accept transprot eq tcp destport eq num 1000 seclevel high medium low

Which would allow corz.org, and only corz.org, to connect to your machine on port 1000. Just like the other rules, you can have ranges of addresses, too. do..

create ipf rule entry ?
in a telnet session for all the options.

have fun!

;o) Cor


omer - 01.03.05 6:34 pm

Hi cor,

I've added the dyn dns rules to the router, at first it was updating my IP with dynamic dns ok, but it doesn't do any more, I've to go and do it manually. Do you know what the issue might be or when is the router supposed to update the IP address, is it after every reboot or whenever the IP address changes.

thanks


PaulG - 01.03.05 7:54 pm

Cor, Thanks so the following two entries would allow corz.org to access the RDP on the server with the following:

create ipf rule entry ruleid 3389 ifname public dir in srcaddr eq 216.127.86.76 act accept transprot eq tcp destport eq num 3389 seclevel high medium low

create nat rule entry ruleid 3389 rdr prot num 6 lcladdrfrom 192.168.1.2 lcladdrto 192.168.1.2 destportfrom num 3389 destportto num 3389

If so, thanks for all your help, and a crackin site!!!



andy - 01.03.05 7:59 pm

help me please. cant get win mx to work and i hope you can give me some ideas. got very little knowledge of puters however i share files. obviously illegal oops. winmx sets up i can search but never download?? except jpeg and stuff mp3 never starts lol.

Pleas help me

Andy


cor - 01.03.05 10:56 pm

yay! PalG, you've nailed it!

One concern.. 192.168.1.2 is usually assigned to the router's USB port, and will only be available if you specifically disable the USB interface. Easier to assign 192.168.1.3 or higher to the puter instead. ensure DHCP is disabled (or configured to use a small range elsewhere, like 192.168.1.50 - 192.168.1.99, or something) on the router, and go fot it! Oh! And what does the "P" stand for? I always call it RDC. smiley for :D


If you want me to test the RDC for ya, drop into my site chat this evening, and I'll drop into your desktop in return!

omer, it should renew the ddns entries at every new ppp connexion. So both a reboot and a simple reconnect will trigger the ddns update. afaik, mine's been working just fine. I checked just now and the three hosts I have in the router point correctly back to me. hmmm. do..

get ddns hostname

in a telnet session, and see if your host entries are where they belong. perhaps you rebooted the unit without first committing your ddns entries, and now they're gone! If that's not it, get back here, we can look closer.

andy, what you do with your broadband is you own concern, just remember to support deserving independant artists with hard cash, when you have it.

As to WinMX, it simply sounds like you haven't setup the port forwarding yet, or correctly. Read the stealth page, slowly, and follow the instructions therein. Then do the same on the recipe's page, following the WinMX recipe. When you're done, test again, and if you still have problems, tell us exactly what they are, the errors you are getting, messages from the port-probe, etc, and we can take it from there. All necessary links at the top of this page.

for now..

;o) Cor




omer - 02.03.05 1:44 am

hi cor,
I got the following for the ddns

$get ddns hostname
Interface HostName
---------------------------------------------------------------------------
ppp-0 omer-homelan.dyndns.org
ppp-0 omer.homelinux.net

$get ddns intf

Interface : ppp-0
Service Provider : dyndns
User Name : omerio
Type of system : dynamic WildCard : enable
Mail Exchanger : -
Mail Backup : disable Offline Support : disable

also after saving the router config on disk I got these commands:
create ddns hostname ifname ppp-0 name omer-homelan.dyndns.org
create ddns hostname ifname ppp-0 name omer.homelinux.net

create ddns intf ifname ppp-0 srvcname dyndns username "omerio" passwd ***** wildcard enable

by the way on the user name is enclosed by "" but the password isn't
any clues?

thanks



cor - 02.03.05 2:03 am

aha! omer, try..

create ddns intf ifname ppp-0 srvcname dyndns username "omerio" passwd ***** system dynamic wildcard enable

Assuming you really do own those domains, and they are dynamic, that should fix it.

;o) Cor


George Bridi - 02.03.05 12:39 pm

hi dear freind.
i am having a lot of problems with my 205 voyager adsl router and i need help please in details if possible.
im running the internet on usb and it picks ip 192.168.1.3 and on the ethernet i have a digital sattelite receiver called the dreambox which picks up ip 192.168.1.4,now the problem is that my dream box swometimes works sometimes doesnt,the dreambox needs tcp ports 4000 to 4020,i have followed some of the rules you give out,but still does not work,i might be doing something wrong.can u help please.by email if possible.
thanks


Brian - 02.03.05 1:12 pm

Hi,
I followed your pages on Stealthing and entered all the information as requested. The only thing I havent done is removed all additionl id's for the firewall. I have tested the protection on the grc.com page but it still says that I am vulnerable. I have committed all settings and confirmed that they are all in place. I am connected using ethernet and upgraded firmware to 1.6... any ideas?


PaulG - 02.03.05 5:14 pm

Cor Thanks again, If I was any good a soldering I would have taken the 205 apart and desoldered the USB port from the unit, but some gaffer tape over the hole is just as good.

RDP, I have always called it RDP, Remote Desktop Protocol, hope I wasn't making shit up smiley for :erm: RDC is more obvious I suppose.


cor - 02.03.05 8:39 pm

Just remove the other rules Brian. Now it's fixed!

George Bridi, the most like reason it "sometimes works sometimes doesnt" is that its IP is changing. What to do..
  • ditch USB & get ethernet
  • assign static IP's to the dreambox and computers (see static IP page)
  • create a firewall and a NAT rule for the dreambox.
have fun!

No, PaulG, "Protocol" is good! I just hadn't thought about it, always calling it "Remote Desktop Connexion". And hey, soldering's easy, it just (like networking) takes practice. Gaffer tape is fine, so long as it reminds you to NEVER plug anything into that hole!

;o) Cor


georgebridi - 02.03.05 9:15 pm

cor.
thx for your help,but im confused big time,is there a way you can do this for me and save the file and send it to me so i can upload it to my router,im sorry for being a pain but im not familiar with these kind of stuff like nat and firewalling.
thx again.


anonymous - 02.03.05 9:36 pm

Hi Cor,

Thanks for your brilliant page and throrough instructions. Even I was able to follow it and lock up this 205 tigher than a ..... All security pages visted say "what computer?" every port is 100% stealth.

Some issues:
1) TROUBLESHOOTING:
ADVANCED DIAGNOSTICS - Testing Internet Connectivity
Ping Primary Domain Name Server "FAIL"
Is this a concern or problem?

2. I can no longer use MSN or Windows Messenger with mic or sound. Somewhere between the NATs I guess it gets lost and dropped. Can anything be done to tweak this?
3. I have just odrered a VoIP ditigital Voice converter for SIP telephone calls which will go out to/from via the ethernet link betweem the modem and the PC. WIll there be any problems or reconfiguring to TELNET to the box to help?

4) As it stands My 205 talks to my ASDL Wire 4port/Wireless router (AHATPE) on subnet 192.168.1.4 /255.255.255.0. before the LAN. The LAN subnet pool is setup via the Router control panel 192.168.2.254:8090 for 192.168.2.x. The Router also has SPI firewall rules that can be configured, but so far nothing is added.
*You reckon any considerations or changes?

Any advice is very welcome. Drop me your paypal address and I'll drop you my appreciation.

Cheers M8

JamesO


JamesO - 02.03.05 9:38 pm

Opps not intentional, "anonymous" above is "JamesO"


ken - 02.03.05 11:22 pm

hi cor
I am having trouble opening ports 6881 -6889 for bit torrent. PC is win 98 router BT voyager. I followed your rules for NAT and IPF (only 3 NAT rules). PC has static address 192.168.1.3. No firewall is running. Shields Up reports all ports STEALTH Black list is disabled. Any ideas on what I have done wrong
thanks
ken


omer - 03.03.05 1:18 am

Hi JamesO
I had the same problem for a while now, sometimes, everything is fine, but when I open a page it says page can't be displayed then when I carry the trouble shooting on the router you get this,

ADVANCED DIAGNOSTICS - Testing Internet Connectivity
Ping Primary Domain Name Server "FAIL"

Having that problem I started up a DNS server on my Redhat pc at the sametime and everything worked fine, phone BT took them a couple of days to come up with my line is fine and they don't know where the problem is, although I answered it for them, it's their DNS problem, but they ignored to admit that...

my advise ditch BT DNS and add your own to the router as cor mentioned above and don't forget to set the priority, if you have the time and energy setup a DNS server, I hit two birds with one stone, my DNS is also translating my fancy PC LAN names into IP addresses.

let us admit that BT DNS sucks smiley for :erm:


omer - 03.03.05 1:22 am

hi cor
Any advice is very welcome. Drop me your paypal address and I'll drop you my appreciation.


I think this is a good idea, I'm sure your effort and this page helped alot of people so I will do the same if you give your paypal address



manjit - 03.03.05 1:58 am

Hi

Great page, probably alot more than i needed but great, i'm simply trying to forward port 80 so i can share my web pages to certain people on the web, for some reason i can't access the advanced pages on the router page http://192.168.1.1/hag/pages/home.htm which will allow me to do this , you mention telent, can i use this to acheive the same outcome??


JamesO - 03.03.05 4:18 am

Hi Thats for DNS advice! Mor sure how to even begin setting up my own, but using another make good sense.

BUT: Question 2 above ???

2. I can no longer use MSN or Windows Messenger with mic or sound. Somewhere between the NATs I guess it gets lost and dropped. Can anything be done to tweak this?


Where the Paypal donate button? =:)


anonymous - 03.03.05 6:45 am

4am, and your tech dude stumbles home.. *sigh*

I'll have to tackle these tomorrow, my brain hurts, there would be errors! nite nite!

;o) Cor

ps.. you can click my smiley (above these comments) for my email address. many thanks! even small amounts can radically alter my week!


cor - 04.03.05 12:27 am

You got your DNS answer methinks JamesO, let us know how that goes. As for the MSN messenger, you'll likely need to create a port-forwarding rule for that. Unfortunately messenger seems to use a HUGE range of ports for its communications, essentially all ports from 5004 to 65335, which means you'll probably want to run a firewall on the local machine, too.

But before you do that, check that UPnP is enabled on your windows box AND the router. On Windows XP, you can find UPnP in the Services console (run "services.msc") and you can check the router by issuing..

get upnp cfg

in a telnet session. When both are enabled, messenger should open and close ports as needed. At least in theory. Remember, only enable UPnP on a windows machine BEHIND a router. NEVER enable UPnP on a windows machine directly connected to the internet.

If that fails, you'll have to move to plan B, which used to work, but may not with newer versions of messenger. opening up *a few* ports..

firewall:
create ipf rule entry ruleid 6901 ifname public dir in act accept transprot eq tcp destport eq num 6901 seclevel high medium low

create ipf rule entry ruleid 6902 ifname public dir in act accept transprot eq udp destport eq num 6902 seclevel high medium low

nat:
create nat rule entry ruleid 6901 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 6901 destportto num 6901


If that doesn't nail it, it's plan C, LOTS of ports, like this..

firewall:
create ipf rule entry ruleid 5004 ifname public dir in act accept transprot eq tcp destport range 5004 65535 seclevel high medium low

create ipf rule entry ruleid 5005 ifname public dir in act accept transprot eq udp destport range 5004 65535 seclevel high medium low


plus a NAT rule like this..

create nat rule entry ruleid 5004 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 5004 destportto num 65535

Should do it for you, but remember the local firewall; that's a *lot* of ports to be left open. I'd truly appreciate feedback on what works here, I don't use messenger at all, and I'm sure that many do, would be good to add a good recipe to the recipes page. As a last resort, I'll have to sign up and install the bloatware myself!

I'm not sure about the other stuff, I'll need more details to give informed advice. I know that no extra hardware is required to get SIP working, I use BT Communicator daily, and it works great, with no firewall or NAT rules or anything.

As to the wireless/router connexions, I'd probably put the 205 at the WAN side and feed everything esle from a connected LAN switch, but really, it's less easy to figure out the pitfalls until you actually plug all this stuff together. When you do, we'll be here! keep us posted m8.

ken, it could be a number of things. Did all thew rules enter without error? If you go look in the web interface, does everything look like it should, like the examples here? I'd avoid the standard BitTorrent ports, more than one ISP has started to block (stealth) that range of ports, so pick a range somewhere else. I use 49,000+ sort of numbers and it never causes any trouble with trackers. I recommend azureus, too.

You might want to look for other firewalls, too, like in your BIOS. The buggers are everywhere these days! I don't know if you still have the same IP as when you posted, but when I tested port 6881 at that IP just now, I got "connexion refused", so at least it's a step in the right direction!

manjit, see this page.

George Bridi, it's just a mental block! Start by clicking this link and enter "admin" (no quotes) then "admin" again. you're in! Now all you need to do is run methodically through the static IP page, and then add the firewall/NAT rules in your new telnet session. If you make a mistake, worry not, you can easily wipe them and try again. Use a decent text editor as a middle-man while you alter the ports/IP's to suit your needs.

Open the web interface at the same time and check how your rules look there. It's a good place to delete rules, too. All this will empower you! As a last resort, you could click that new button up top generously, and I could arrange to access your machine, or something, but it's better if you do it yourself.

Lastly, the PayPal button is (or will be once I mess about trying to fit a paypal form into my toolbar's image maps, erm..) at the very top of every single page, no excuse now! I rarely buy luxuries, even beer, so you can rest assured all donations go towards keep this place slick and useful.

for now..

;o) Cor

ps.. hey omer! iisn't it cool being able to get to your router typing "router" instead of 192.168.1.1! smiley for :D



anonymous - 04.03.05 1:09 am

This site was exactly what I needed for WINMX.Thanks!
For those having a problem accessing the advanced pages,I used the excellent "Secret Admin Page Selector".
Thx again.



anonymous - 04.03.05 1:22 am

how do i open ports for online gaming,xbox


cor - 04.03.05 6:46 am

ahh, someone noticed the Secret Admin Page Selector! Well done anon1! it's sort of a reward for getting to the end of the article! heh. enjoy your speedy winmx downloads!

anon2, same way you open ports for all servers. check the generic rules on the recipes page.

;o) Cor

ps.. in the short time it took me to create this post, I've had THREE "ATM VC Congested" warnings from the router! oh! Four!, quick, cor, post!


barney - 04.03.05 9:41 am

cor
What are "ATM VC Congested" warnings? What is actually happening?

best

barney



duffy - 04.03.05 5:19 pm

How do you open multiple ports so that the stay open ? if you cant how do you keep triggering them to open over and over?


ken - 04.03.05 8:03 pm

hi cor,

I had entered one of the ip addresses incorrectly. A case of seeing what you expect when I went back thro' them. All is well now. Thanks for all the information and help
ken


cor - 04.03.05 9:53 pm

hey barney, firstly, they're nothing to worry about, what I think is happenning is that the ATM queue is hogging up at the ISP's end.

Probably BT didn't take the time to properly configure and tune the traffic shaping charecteristics of the ATM, or something like that. as ever, they'll be trying to fit too many subscribers into too few physical wires. (do "get atm stats" for the juicy details)

duffy, I've avoided port-triggering altogether here, with the 205's stateful inspection mechanism and many ALG's, most folk will never need it. put the term out of your mind!

Simply create a regular port-forwarding rules, like in the recipes page. The IPF (Firewall) part will ensure the port stays open, and the NAT part will ensure the traffic always points to the correct "private" machine. TADA!

for now..

;o) Cor

ps.. glad it worked out ken, that would definitely account for the "connexion refused" I got. With puter things, nine times out of ten it's a user error! I know, I make them all the time. One day, computers will do all this stuff for us, and we can just get on with our work!

Of course, we turn-of-the-century humans the ones defining all this. Guinnea Pigs!


cor - 04.03.05 10:06 pm

oh yeah, another thing, omer, congratulations! You are officially the first user of my new PayPal button! If I had a Christmas list, you'd be on it! smiley for :D

cheers mate!

So that's the blank DVD's covered, now I need the P&P, come on dudes!

;o) Cor


manjit - 04.03.05 11:39 pm

thanks mate, i'm in the advanced settings, now there is alot of conflicting info out there do i need a static ip address to port forward port 80 , i want certain people to see the web pages on my box, but i can't seem to create the right NAT rule to allow this, ive tried using static and dynamic ip addressing but think i'm getting the NAT rule incorrect!!!!


cor - 05.03.05 7:46 am

manjit, Yes, you need a static IP. I added a webserver recipe to the recipes page, or rather, I uploaded my dev copy, which was newer. check it out.

By the way, when you say "certain people", remember you'll need to specifically configure this, password protection, whatever; there's no such thing as a "secret webserver", http is a world-wide free-for-all!

;o) Cor


duffy - 05.03.05 1:25 pm

do you have to open ports one by one ? if not how do you open like 100 at a time it will not let me type 2300-2400 etc


i dont understand how to open a range of ports :(

on my add ports page all it has is , rule flavor , rule id , protocol, lan ip address , destination port and local port , it only allows five numbers either in destination port or local port it wont let me type 2300-2400 etc can u help plz :)


where is the ipf firewall part?

bt voyager 205 adsl router

Hello.I have 2 local area connections one for ethernet and one usb. Which shud i change the i.p. on to make static, also when i change to static my internet connection doesnt work and i have to reset my modem :(. my msn address is doofay_@hotmail.com if you could add me and help me i would be very grateful thankyou

concanated into one post, by cor
JamesO - 05.03.05 6:12 pm

Hi Cor,
Firstly thanks for taking such time to be so thorough in trying to put answers and solutions to these issues.
My puter never connected to the internet even though the 205 was, until I added the BT DNS 1st and 2nd into the manually fixed IP LAN settings o the puter. (192.168.2.1) The default Gateway is the AHTPE on the LAN,(192.168.2.254) the WAN side is on a different subnet, between it (192.168.1.4 assigned by the DHCP of the 205 on (192.168.1.3) But the pages are still (192.168.1.1) Do I got you confused now?

1) Advance settings, DNS still fails to ping primary. I did change the settings in the Voyager to yours listed above. Made no difference. So am I esentailly behind behind (2) NATS? 1)ADSL/ROUTER/Wireless Router we will call (AHATPE). and (2) 205? I ended up the 205 just because I did not want to buy a new wireless 4 ort rotuer with modem, when BT gave the 205 with th package. Now as for BT service and price, I wish I bought a 205 off ebay and went elsewhere for cheaper and better support. BT know nothing and tech support cannot answr any tech questions. (worthless)!! Back to issues now ....

Both Routers have webased mgt pages with SPI firewall and cofigurable rules. My Voyager 205 box is stealthed as per you instructions 100% no exceptions or rules added,. Security is set to high, and the other tweaks you added)
UPNP in enabled on the Voyager and also now on the puter and now allowed inside windows SP2 firewall as an exception.

I seem to be behind two NATs. My ASDLWireless Router i guess eems to act as a gateway that via the WAN which is connected to the Voyager .The rules for the ADSL Wireless router seem confusing to configure, especially with the forwarding you you gave to open ports. Nothing is set except IMCP blocking is enabled.
So for MGT of this unit there is ICMP blocking, Incoming/Outgoing Policy, PortMapping, Virtual server, Port Triggering. On the LAN interface there is DDNS and (I'm clueless what this is!) Router Services, offers Dynamic Routing, Static Routing.

I see in the AHATPE log there are regular packet erroor warningin between it and the 205. Here's a copy of a consistent error msg: about 10x a day. (greek to me!)
-------------------------------------
Mar 5 16:09:33 wifi daemon.warn klogd:
Invalid packet: IN=eth1 OUT= MAC=00:65:74:68:2d:31:00:11:f5:27:37:a3:08:00 SRC=192.168.1.1 DST=192.168.1.4 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=6601 PROTO=UDP SPT=137 DPT=137 LEN=58
------------------------------------
I don't know what it all means or whats next or what suggestions you have.
I just would like Windows msg to work or MSN with voice, so I can sometimes communicate with family in the USA on their puter.

When the SIP box arrives I'll let you know the scoop them.

Lastly I've no idea how to hit the donate button, but I am a strong believer in DA WAT GOS RND theory!(And I hope dat catches up with those F'n nigerians conmen soon!)
(Hey drop me a msg from corz.org)

Cheers M8

Jas




zc - 05.03.05 6:28 pm

Hi

My BT connection entitles me to 2 IP #s (both of which are set dynamically) - I can't afford to the biz-contract! where they give you STATIC IP #s.

The only 1 worth anything, of course (as u point out), is the eth0 IP. My question is, anyone out there know whether its possible to somehow use the 2nd IP ... the 1 assigned to the USB port? ... something on the lines of connecting it to the BT switch (get an IP #) ... and deploying that on another ethernet nix? ... I've been thinking of someway to do this, but can't seem to crack it. Appreciate if anyone has cracked this.

Cheers -zc


anonymous - 06.03.05 10:24 am

do u know how u type 192.168.1.1 how can tat be everyones ip address also can you open ports on this i.p. address or do u need a static i.p.?


cor - 06.03.05 9:49 pm

hi

First, duffy, ditch the web interface. Now go read the recipes page. All your answers are there. If you still don't understand, read it again!

anonymous, go read the static IP page. Then you'll understand.

zc, I think you are confusing private and public IP's (like anonymous is). If BT say you have two IP's, that will be "public" IP's. nothing to do with the USB port, or ethernet port, or 192.168.1.anything.

The only way you could have a second public IP would be to setup two ppp intefaces. ppp0, and ppp1, for instance. You might want to try (in a telnet session, as ever)..

create ppp security ifname ppp-1
create ppp security ifname ppp-1 chap login voyager205.user@btbroadband.com
create ppp intf ifname ppp-1 startondata mru 1500 lowif aal5-0 droute true ppoa outside usedns true

and see what happens! Probably not a lot, though, because that's just a wild off-the-top-of-me-head type thing. There's probably more about this in the PDF's, but personally I think you're wasting your time. A single IP is plenty; if you need multiple pathways to your IP, use DDNS (see the tricks page for more info).

JamesO, you just click it, dude!
I also believe in DA WAT GOS RND, but it sometimes takes sooo long!

for now..

;o) Cor


Neo - 07.03.05 12:53 pm

Cor - firstly I like to say well done on a excellent little site some useful tips.

After trying everything I still had no joy but what I did findout was that the voyager has the global udp and tcp timeout set at 300 I have set both of these to 10 and this seems to have sorted the problems out unfortunately I can't get good download speeds off emule if I use stealth any ideas


JamesO - 07.03.05 1:18 pm

Hey Cor, just checking to see any input for issues raised above. BYW: DNS is working now!-cheers Click what m8? Hoping I'm not that daft, but where? Otherwise I'll use the default email off your reg for corz.org. Back to work.....
Jas



PaulG - 07.03.05 8:21 pm

Hi Cor

Thanks for the help on the following rules
create ipf rule entry ruleid 3389 ifname public dir in srcaddr eq (ip outside lan) act accept transprot eq tcp destport eq num 3389 seclevel high medium low

create nat rule entry ruleid 3389 rdr prot num 6 lcladdrfrom 192.168.1.2 lcladdrto 192.168.1.2 destportfrom num 3389 destportto num 3389


However the create ipf rule just returns "invalid command" or something along thoughs lines.

The create nat entry works fine. I also tryied to add the firewall rules via the web admin, and even though they were successful they refused to let me in on the srcaddr I entered.

Can you test and see if the same error occurs

Thanks.


cor - 07.03.05 8:29 pm

thanks Neo, the UDP/TCP timeouts are something I've yet to devote a lot of time and testing to, gamers have found making UDP timeouts real short can help with finding servers, amongst other things, but I've not seen much difference with the kinds of apps I run, so ymmv.

I'm keen to know; what was the problem than altering the timings fixed? In case it crops up again.

The Emule thing just sounds like you're not accepting inward connexions, did you enter the eMule rule from the recipes page? (all links at the top of this page) If so, did you probe it? If not, do that, you need to get "success!!!" on your chosen port for it all to work. If you don't get "success!!!", run through the troubleshooter, especially looking out for hidden firewalls along the way. keep us posted.

Hey, JamesO, I'm not done with your tech, but I think we need to simplify things a bit, one gateway, one firewall, that kinda thing. It makes my head hurt just reading about your setup! Configuring it will be no mean feat. It's good to at least *start* with simplicity, if possible. Get one thing 100%, then move on.

The error's are nothing to worry about, just the router trying (and failing) to make friends with your puter, I don't have a clue what "AHATPE" is. I'd start with a basic DSL > router > switch > everything approach, adding devices one at a time, utilising only the necessary functionality of each unit, in other words, if you have a NAT (the 205), all other NAT-capable devices must be configured to NOT NAT! etc. It's always doable, eventually.

And look! right at the very very top of all the pages, far right, far out! A PayPal button! There are other, perhaps better, ways that folks can help out, I might do a wish-list type page, sort of like the "pay_for_living" license notice at the bottom of corzoogle, but with pictures.

for now..

;o) Cor


anonymous - 07.03.05 9:36 pm

Hi,

I am trying to run a php socket server for an aviator chat called Cowtoon (Purchased from ww.cowtoon.com).

I have installed everything that it asks like easy php 1.6 and then ran server_start.bat and everything work from my end (e.g. Localhost)

But other people cant get through via my ip as you can see for your self http://81.132.189.22/chat

I think it has something to do with firewall bt have no idea how to take it off so people can access this chat

Please Help
Thanks


Neo - 07.03.05 10:05 pm

p2p port probe always has given a success but for some reason with the stealth on I can't get any decent file sharing speeds??
I actually got Shareaza downloading some files today at 40 - 90 KB/s but then all of a sudden after about 4 hours at that all the connections dropped of and I haven't been able to get the connection speeds back up. Do you know anything about the other time settings in nat global or do you have any other ideas?


Colin - 08.03.05 1:12 am

I'm confused and perflexed with trying to get MAC iChat AV links to work with the 205. Has anyone else had any such problems? I have taken down mac firewall/router firewall and still certain connections fail to link. Those people I am trying to link to, CAN however connect to others. I too CAN connect to someone in the UK with no trouble. I can understand WHY certain links fail. Is it anything as regards the standard 'untouched' settings of the 205? Should I make changes to some settings to allow better port operations? I keep hearing references to SIP, does this come into the situation anywhere?

Comments welcomed!


Harry - 08.03.05 2:22 pm

Hi, first want to say i love the site, loads of useful stuff.

i'm trying to open my 4662 port for emule (lots of probing, no connections) and i've done the following:
got a static ip (192.168.1.4)
(subnet 255.255.255.0)
(gateway 192.168.1.1)
(preferred dns same as gateway)
(no alternate dns)
got xp firewall rules for tcp and udp in place
got the stealth rules 5 and 500000 in security-ip filter-custom in place (from the site, thanks)
got the emule nat recipes in place

and emule tells me my 4662 port is unreachable. is this something really obvious or am i justified in being this confused?

any help would be greatly appreciated.

harry


Liam - 08.03.05 4:06 pm

Hi,

I am trying to run a php socket server for an aviator chat called Cowtoon (Purchased from ww.cowtoon.com).

I have installed everything that it asks like easy php 1.6 and then ran server_start.bat and everything work from my end (e.g. Localhost)

But other people cant get through via my ip as you can see for your self http://81.132.189.22/chat

I think it has something to do with firewall bt have no idea how to take it off so people can access this chat

Please Help
Thanks



aus - 08.03.05 4:48 pm

Hi there, great site.

I currently have ntl broadband (UK) with the cable modem connected to my Linksys WRT54G Broadband Wireless Router, which I have 1 PC connected via cat5e and 2 wireless PCs. My PS2 is also connected via cat5 in a DMZ.

I'm about to change provider to BT and will receive my ADSL Voyager 205 shortly.

My question is: will I still be able to use my Linksys and on which device should I set up my port forwarding etc?

N.B. My linksys router has the option to behave as a router or a gateway.


aus - 08.03.05 6:41 pm

update ...

am I right in thinking I need to change the ip of the WRT54G, top something other than 192.168.1.1 ? if the v205 is also that address?


cor - 08.03.05 6:52 pm

anonymous (man, I gotta remove the ability to post anonymously!), it sounds like you need to disable your Windows® XP built-in firewall, which lives inside the properties for the "Local Area Connection" (advanced tab).

But then I tried to connect myself, and I got "Connection Refused", which indicates more that either the NAT rule is pointing to the wrong machine, or possibly there's a different firewall somewhere. I think the XP firewall would report "stealth", but I've not used it (confirmation appreciated, from anyone) The XP firewall can also be configured to allow inbound connexions, simply create a www service.

Neo, if you remove the second stealth rule, and suddenly everything works, there must be something wrong with the firewall rules. Double-check and triple-check them! Sooo often folk bang their heads for hours only to realise that, for instance, they added a zero to the port number, or something daft like that.

If the p2p port probe reports success, you're good to go! so long as the ports you are testing do indeed match the ports your app is using, then anything else must be p2p network issues of some sort.


I think often folk expect to much from the internet, sure 240kb/s downloads ARE possible with a 2MB link, but not every download, not every day..

Folk over-cap their upload speeds, distant, skinny conduits get congested, interesting sites slashdotted, whatever, if you experience one good download session, just one, then the firewall/NAT rules are good. Save them and forget them! Everything else will be "tweaking", TCP timeouts, whatever. But "success!!!" from the p2p probe means p2p ports are good, move on!

If everything stops, screw it! reset the router, tweak the timeouts, or something, and try again., but leave the IPF/NAT rules alone! Neo, you are the one! Report back whatever you learn!


Colin, Hi. My mac is officially dead, so I'm just gonna wing it here. First, forget about SIP, we don't need to mess with it, and the 205 can do it just fine.

iChatAV uses quite a few ports..

5060 (UDP)
5190 (TCP) file sharing
16384-16403 (UDP) video conferencing

These rules should do it (replace with your own computer's private IP)..

firewall:
create ipf rule entry ruleid 5060 ifname public dir in act accept transprot eq udp destport eq num 5060 seclevel high medium low

create ipf rule entry ruleid 5190 ifname public dir in act accept transprot eq tcp destport eq num 5190 seclevel high medium low

create ipf rule entry ruleid 16384 ifname public dir in act accept transprot eq udp destport range 16384 16403 seclevel high medium low


NAT:
create nat rule entry ruleid 5060 rdr prot udp lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 5060 destportto num 5060

create nat rule entry ruleid 5190 rdr prot tcp lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 5190 destportto num 5190

create nat rule entry ruleid 16384 rdr prot udp lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 16384 destportto num 16403


If you want to run the OS X firewall, you'll need to create similar rules there too, though you don't need it with a properly stealthed 205. Try these rules out, and PLEASE let me know how it goes, either way. If it fails, I have more up my sleeve!

One thing to note, UDP isn't reliable across the ocean, it's just not. If you're iChatting Trans-Atlantic, pick times when the internet is quiet!

Well, Harry, if the probe can't connect, no one can. There has to be a blockage somewhere, probably a firewall. Run through the webserver troubleshooter on the troubleshooter page, it's a good generic fault trace, paying particular attention to hidden firewalling; BIOS, Gateways, WAP's, etc, etc. As well as a firewall proper, XP (and 2000, etc) has a rudimentary IP packet filter, which I've also discovered mysteriously enabled.

Disable KAD network, for now.

for now..

;o) Cor

ps.. yeah aus, start with that!


cor - 08.03.05 6:56 pm

pps.. aus, If I were you (which, as ever, means: if YOU were ME!), I'd leave the 205 in its box, and configure the Linksys to use BT Broadband.

If, and only if that fails, then consider using the 205 as your DSL modem, and config the Linksys to pure router mode if you wish to use it's switch/wireless capabilities.

;o)


aus - 08.03.05 7:37 pm

'configure the Linksys to use BT Broadband'

does this mean get a RJ-11 - RJ-45 connector and see what happens?


brian - 08.03.05 10:05 pm

how can u open say ports 2300 to ports 2400 and keep them open i know how to open a port but not multiple ports ive had a look at how to do it but i dont understand can u help me plz?


brian - 08.03.05 11:03 pm

when i add a nat rule it doesnt let me select local ports from and local ports to what is going wrong here?


Rick - 09.03.05 1:16 am

I really hope you can help me :( i bought my router and got BT BB for gaming on my pc with which i use my ethernet card. The router i think is my problem for my rubbish ping as i have a brand new p4 3.5 coupled with 512 DDR 400mhz RAM. The problem i aslo face is if im using mIRC or msn and trying to find or connect to gaming servers it just pings out... Its reallly poor and annoying what i think i need is a decent configuration for the router to comply with my Ethernet but i just dont know where to start im new to all this and i pray you can help me as i dont think i can take much more of it.... plse help!


Adrian - 09.03.05 2:22 am

Hello again :) Please could somebody tell me why i can't connect to Xlink Kai (Network unreachable!) through a second ethernet NIC. Kai says to port forward 30000 udp. I've tried editing the single custom port forwarding rule, maybe i've done it wrong ? Many thanks jahtruth.co.uk peace


cor - 09.03.05 3:42 am

nah, aus, no adaptors required.

I presumed when they said (on the product page at the Linksys website) "... Finally, the Router function ties it all together and lets your whole network share a high-speed cable or DSL Internet connection." that it could act as a broadband modem, like the 205 can, but on further investigation (the product spec PDF), it seems it can do "everything except that".

In case anyone else has a router/modem that they want to get working with BT Broadband, here are the details anyway..

DNS = auto
VPI = 0 (zero)
VCI = 38
Authentication = CHAP
Modulation = G.DMT
Encapsulation = VC MUX
Encapsulation Protocol = PPPoA

But it looks like you'll need the 205 after all, aus. Plug the phone line into the 205, then the 205 into the router port of the linksys, then everything else into that. The linksys can be 192.168.1.3, or something.

What you'll need to do is decide where you firewall and NAT are going to be. It's probably best to run the firewall on the 205, but the NAT on the linksys, using the Linksys as your default gateway/dns server, etc. I don't know how tricky it is to get the 205 to act only as a router, we'll see!

brian, just run through the recipes page. See the generic recipes section at the end (well, second from the end since I added the cool checklist), it shows you how to open a range of ports that stay open.

Use telnet, it's easier. Localports; if you are using a range of port, it's not possible to remap to different local ports, that's only for, say, a webserver running on port 8080 that needs to be externally connectable on port 80. Forget that part of the command, the ports will map straight across without any extra help.

Rick, you just need to run through the pages here, it doesn't take too long, certainly no where near as writing them! If you've already done that, run through the checklist at the bottom of the troubleshooter page.

If gaming is important to you, you might want to tweak the UDP timeouts right down..

modify nat global udptimeout 15

If you're sticking somewhere, tell us exactly where, and we'll see what we can do. By the way, I just did a UDP scan on your box, ports 29990 - 30010, and they're ALL open!

for now..

;o) Cor

ps.. Adrian, how does it look in the web interface? Is UDP specified in the firewall rule, for instance? (don't bother specifying protocols in the NAT rules)


aus - 09.03.05 10:24 am

Thanks cor for the advice! This web site is a blessing and I'm certain it will come in useful when config'g my 205, esp. the cmds to keep session open etc. Muchas Thanks! I'll let you know how it goes. Cheers.


Mat - 09.03.05 3:35 pm

Hi,

I wish to run a NWN Server on my machine, I have a BT ADSL 205 Voyager Router, I can connect to the server through My LAN, but others on the internet can not direct connect or see the server Listed under Gamespy. Here is a Link to NWN Server help about port forwarding:- http://nwn.bioware.com/forums/viewtopic.html?topic=387975&forum=56

I have tried the Above and to my dismay nothign seems to work, upon trying the Corz p2p Port Probe I get a message:- Connection Refused. If I Stealth the Router the Probe tells me that it timed out(Probably Stealthed)

I am currently using Windows XP with SP2 and all relevant updates. I have Windows Firewall Disabled as I use Zonealarm for this purpose, during this testing Zone Alarm is also Off. Hope someone can help :-(


John - 09.03.05 4:52 pm

Just to say thanks. What a pleasant website. Nice to read, easy on the eye and sufficient detail.

Nigh on perfect. Firefox compliant too.



Cheers


damien - 09.03.05 7:02 pm

Hi; Great site!
I am writting you this because I am so desperate! I have an internet connexion in my flat that belongs to the building. Each flat has a self assigned static IP adress, subnet mask, router adress and dns server address that blocks p2p networking and sending email via email software clients using smtp server. When I try to connect to the internet using dhcp, I gives me a dynamic ip that is not able to connect to the internet. But waht is really strange is that every 24 hours it finaly getq this ip : 192.168.0.1 which enables internet and p2p networking!!! But for 24hours only and then is goes over and over. There must be a trick out there to change this to have a proper p2p friendly and stable connexion. But I don't know how to manage this. Have any idea?
I would be very thakfull if you get even a little idea of workaround, and also send you a bottle of great red wine from France if you achieve this.
Best regards,
Damien


connor - 09.03.05 7:05 pm

Hi Cor,

I am running the Voyager with the installed firmware V1.1. Just wondering if there is a firmware upgrade yet for the Voyager? Today I downloaded a .bin file TEI image firmware update from www.voyager.bt.com that claims itit will update to V1.6. Is this a Beta version or a stable release do you know? I know the risks of flashing firmware and all that jazz, so what do you think? wait a bit for you guys to sort out the best firmware to use?



*Rich* - 09.03.05 11:28 pm

hi

great site, helped me no end to get p2p working. Speaking to the muppets at bt an getting no help wotsoever i finaly found this place.

Having trouble getting ports open for msn messengers file transfer service. ive entered the ports necessary into NAT and IP filter as described in the msn help file

It states open as many ports as u can between 6891 and 6900 so ive entered them as from port 6891 to dest port 6900

im assuming i must have done something wrong somewhere as your port probe reads these ports as: "connection refused" and i still have extremly slow transfer rates.

if anyone had any ideas as to the correct NAT and IP FILTER rules to enter into telnet then i would apreciate the help.

cheers keep up the good work

*Rich*




Phil - 10.03.05 12:08 am

(or

I am real new to all this router stuff having just got mine from BT (Voyager 205). I have it plugged directly into my d-link ethernet switch and immediately started to get problems (or my son did anyway) with listing and refreshing all the internet servers in games lihe MOH Spearhead - found a fix for this which involved typing commands into a CommandPrompt window and it then worked.

Trouble is that i didn't back up the router's standard config (can you send copy to me in case please?).

Anyway, interested in mucking around and experimenting with some of the security stuff on your site and also need to map incoming tcp port and udp port for WinMX.

However, when i type the IP address (URL) into the IE address bar it finds the voyager page ok but cannot access 'troubleshooting' or 'advanced' menus - just starts flashing the IE window as if refreshing every couple of secs and displays the opening 'quick start' page - do i need to plug the usb cable in or something?

Regards

P :-)


cor - 10.03.05 11:24 am

Thanks John, aus, others, I like to make out like I'm indifferent to compliments and shit, but really I luv 'em!

connor, I've been using v1.6 (as available from my archive - see useful links section) and it works beautifully. Even BT Communicator works now. As with all things computerised, ymmv. Try the 1.6 update, if it doesn't work out, you can always go back to the old one. If you've made any csutomisations yet, remember to backup your current settings before you upgrade.

*Rich*, load this page with ALL comments, a quick type-to-find should get you what we know so far. Feel free to add to it, reports of success would be good!

Phil, it just sounds like you haven't created rules for these things yet. First you need to run through the troubleshooter page, where I deal with the problems you are having getting to the "advanced" pages. do get back here if it doesn't work out, though.

Don't worry about "losing" the default config, you can get that back by simply inserting something sharp into the reset at the back of the router. smiley for :D

Mat no way I'm reading that whole topic! it'll be like all the others anyway. Just make the router rules! Check the recipes page and create rules from the generic template, one firewall and one NAT rule for each port, or range of ports.

Create them in a text file and KEEP this file! Enter them into the router and test test test. If it still doesn't work, go slowly through the troubleshooter page, especially the checklist at the foot. Check again for firewalls.

damien, most interesting problem! And a nice incentive, too! Best wine I ever tasted was a French Red! Good call!

okay, there are a number of avenues to explore here. I'd really like more information about the setup of the flats, the exact hardware/software we're dealing with, who has admin access to the "master" router, etc, etc.

The ideal solution is "make friends with the LAN admin". really. explain how you need a fixed IP, and that you need ports opened for (insert whatever). This is the best long-term strategy because if you do somehow manage to circumvent these restrictions, someone may eventually notice, and that would be bad.

The first thing you may want to try is setting a static IP for your machine, 192.168.0.1 sounds like a good choice. Check the static IP page. The DHCP server (whatever it is) may simply refuse to talk to you, but it may also try and accomodate you. Try this first. I have to say, 192.168.0.1 isn't usually available to a DHCP pool, usually that's the router's address!

If this doesn't work (likely), there are other, less legitimate, things you could try. But really, I'd take a bottle of wine to the admin's office first!

for now..

;o) Cor


richard collins - 10.03.05 2:29 pm

help im trying to sort this router for winmx maybe im doing something wrong but its not working for me


Red - 10.03.05 5:25 pm

THANKS! My broadband finally works \o/


brian - 10.03.05 8:37 pm

how do you use telnet just type what youve typed in a telnet session?


brian - 10.03.05 9:09 pm

how do you delete a rule that you created on a telnet session?


digi - 11.03.05 5:43 pm

fantastic writeup!

Far more helpful than the moronic BT "technicians" I've had to speak to for the last couple of days.


Dave Moore - 11.03.05 6:33 pm

Very useful site, thank you. Just one question. I am trying to view my wecam (live feed) but I am not sure how to configure the 205 to let me through to the PC, the webcam is just on a usb connection. Can you help.


cor - 11.03.05 8:16 pm

Friday at last!

richard collins, dunno dude. did you enter the rules correctly? work through the checklist at the foot of the troubleshooter page, let us know how far you get.

Red, w00h00! love to hear that!

brian, correct! you just type, and it goes straight into the router's brain. deleting you can either do in the telnet session, the command is on this page; essentially you replace "modify" or "create" or whatever you did with "delete", and skip any parameters, so

create ipf rule entry ruleid 6881 ifname public dir in act accept transprot eq tcp destport range 6881 6889 seclevel high medium low

can be deleted with..

delete ipf rule entry ruleid 6881

or you can click the wee dustbin next to any of the rules in the web interface (don't forget to check out the page selectors above these comments, very handy, bookmark your favourites!)

digi, you are soooo right man! But how do I bill them for all this, that's the question!

Dave Moore, the router has nothing to do with the webcam, you don't need to go "through" it at all, unless you or the cam is located somewhere on the internet, of course. is it? more details please!

for now..

;o) Cor


Jeremy - 12.03.05 6:42 pm

When I try to create a NAT or IPF rule it says error:invalid command. I'm sure i'm entering it in correctly.


cor - 12.03.05 8:35 pm

I'm sure you're not!

;o) Cor


paul cunningham - 12.03.05 9:38 pm

Hi,

I spent a day stepped through your instructions many times
but can't get it to work.

I have apache and privoxy running on linux and i am using dynamic dns.

All i want to do is have my web server acccesible on the internet.

I turn off dhcp on the server and the modem. i set my server address to 192.168.1.3 the proxy server is working. here are the Nat rules:

808 ALL Virtual Server TCP 192.168.1.3 192.168.1.3
6881 ALL Virtual Server TCP 192.168.1.3 192.168.1.3
100000 ALL NAPT ANY 0.0.0.0 255.255.255.255

when i type the url i have set up with the dynamic dns sevice
in a browser with the proxy enabled i get this bt voyager page

http://192.168.1.1/hag/pages/home.htm

my webserver is working because it brings up my site with
localhost. my iptables are configured to accept requests on port
80.

I am of course using the bt voyager 205.

my setup is identical to an other server that uses an ntl cable
modem and everything works.

i would very much appreciate if you could point out what i am doing wrong. i know very little about networking or modems.

thanks,
paul











cor - 13.03.05 12:21 am

You really are going through a proxy (double-check that with a whatsmyip? tool, like my port probe) and getting your router's admin pages? Sounds like you have WAN access enabled for the management control, check here.

However, when I attempted to connect to the IP that you used to post here, I got stealth, is it still the same IP (9.30pm now) ? Stick with static IP's, by the way, for your internal LAN.

Do you have more machines on your LAN? if so, can you access the server from the other machines? Sounds like the box has a firewall running, perhaps iptables is misconfigured, gawd knows that's easy to do. Maybe a GUI tool like Guardog, or something like that, or if you've been using that, get the conf into a text editor and make sure everything's okay.

If the router is setup per checklist, there's gotta be a firewall somewhere else. What's the proxy server for? You really don't want to go live with a proxy server running! The only proxy you need is an *external* proxy, for testing. Or did I misunderstand something about your setup?

more details is good, feel free to mail me your exported router config, and definitely run through the webserver troubleshooter if you haven't already.

;o) Cor


paul cunningham - 13.03.05 1:21 pm

thanks cor,

i will check the WAN access though i thought it was disabled.

sorry you couldn't connect to the ip. i switched the machine off at about 7pm and went to the pub. i am just trying to setup
the system at the moment. when i get it working i need to buy some cable before i set it up permanently.

the proxy 'privoxy' came with the linux installation and i used it
on my home system (which uses an ntl cable modem) because it helped my windows laptop to access the web through the same modem.

i will have another go without the proxy but i only enabled it
because it said to do so in your trouble shooting check list.

i generated the nat configuration report from the admin selector
function but didn't see how to get the ipf report above.

please post any useful report generating command and tell me how
to export my router config.

sorry for being such a sad amateur. i'll be back on the machine
having another go tommorrow.

cheery oh,
paul





James Otis - 13.03.05 9:14 pm

Hi Cor,
Back in the saddle at the puter after a short break ....just wondering if we can discuss a better solution to getting my Lan/Wan sorted? ISSUE-(again) Currently BT205 used as ethernet modem to feed into the WAN port of a Wireless/4 Port ADSL Router subnet 192.168.1.x which feeds the puters LAN1-LAN4 plus wireless to Laptop and PDAs using subnet 192.168.2.x. So the Router 2 is set up and the default network gateway for the puters and it gets it IP for the Net from BT205. It all works, but perhaps not ideal. UPNP for MSN Messenger does not seem to be able to open up the ports for audio, etc. Going to install a VoIP Digital Voice Converter this week as well in between the modem and puter so for an RJ11 phone connection. I think there will be some port problems to sort. Trying to configure is tricky, and the BT205w pages have me even more confused.

You have all the info, and were working on the tech, but with all your popularity, it might be lost in the fog.

With appreciation....

I know where the button is....





col - 13.03.05 11:37 pm

hi all

great site much help, can you tell me where i can get the software for the modem? when i plug it into my computer via usb it says that it doesnt recognize it???help please! thanks


Rasta - 14.03.05 1:02 am

hey ive read through and through your helpfull tutorial and thans alot it has helped an insane amount i couldnt have sorted anything out without but. well my intial prob was i couldnt start a server on halo. sooo i forward all the ports, and they must be right ive had many gamers confirm this, and people can join my server, but it doesnt show up in the server list, but this is weird because it turns up in some peoples lists but the majority it doesnt turn up. also next to my server there is flag which look like the portugal flag to my server although im from the uk any ideas why? if you have any suggestins please email me. Thanks so much for all the help your tutorial is soo helpfull for these dam bt modems but if you can help further i would apreciate it loads.


cor - 14.03.05 3:23 am

nonononono paul .. there's nothing about proxies on the checklist! the only place I mention them is in the webserver troubleshooter..

You see, if you try and test your own dynamic hostname directly, eg. site.ath.cx, you would naturally get your router admin page (because site.ath.cx resolves to the IP of your gateway, which is also 192.168.1.1, machines inside the LAN will take the direct route, ie. 192.168.1.3 > 192.168.1.1), so we have to test from outside, like maybe from Sweden, or the USA or something. So we use a web browser copnfigured with a proxy server, and the browsing is all going via the proxy.

You don't need a proxy server running on your own machine, but kudos if you actually managed that! they can be a bugger to setup! smiley for :lol:

col, ditch the USB, use ethernet.

James Otis, what we'll probably need to do is configure the 205 to act as a simple pass-through (bridge) for every port, no firewall, nothing, and then let router 2 do all the hard work, NAT, gateway, etc.

Trouble is, there are a number of ways this can be done, and without a router 2 myself, I'm not certain which is the best. It might be an idea if we do this by email, and then when we figure out the best method, I can add it to the recipe's page (it would be useful for others I think).

If you could mail me all the details so far (so I've got them all in one place) along with your exported router config file, I'll reply with "suggestion one", and you can get back to me with a yay or nay, if you know what I mean.

Rasta, without more details it's tricky to diagnose. Of course you've gone through the checklist at the foot of the troubleshooter page, yeah?

If you have, next thing I would suggest is adding rules for both tcp and udp ports, many games say they use one type, but in fact use both. if you have a rule 1024 for tcp, make a 1026 for udp, or something like that.

The Portugal flag is a weirdo, you're surely not going through some sort of proxy server are you? Chewck your firewall log (use page selectors above these comments) on the router just after connecting the server, see if any communications from the server's IP are being blocked, and if they are, make rules for them!

for now..

;o) Cor


Adrian - 14.03.05 3:23 pm

Hello all :) If you press caps shift + back space/arrows in Putty you can move the cursor. Has anybody configured their 205 to play XBox on X-Link Kai yet? I've tried everything and have become an amateur networker in the process! NETWORK UNREACHABLE ! But i can see/chat with other users and X-Link keeps dropping the link to the orbital servers (a timeout problem?) I don't mean to bug but i think if i can sort it it will be sorted here..many thanks chaps.

Here are my rules:

create nat rule entry ruleid 30000 rdr prot num 6 lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 30000 destportto num 30000

create ipf rule entry ruleid 30000 ifname public dir in act accept transprot eq udp destport eq num 30000 seclevel medium

Kai link port: 30000 udp



pretty livid - 14.03.05 3:34 pm

Firstly, thanks for a great site, I have set up everything required with no problems, until SHOUTCAST. I cannot for the life of me work out how I am going wrong, it needs port 8000 to broadcast and port 8001 to listen on. Each time I check the ports it says they're stealthed. I used the exact same rule as the bit torrent rule (which works perfectly) also soulseek which has no problems.
Weirdly enough, in Linux it says the ports are open, in XP however it says they're stealthed. I have no winblowze vile firewall running or any services which could block anything. It appears to be something else.
Must say I had less bother when on NThelL running a floppywall than I am having now with a supposedly easy-to-configure piece of crap.
Anyone who has successfully set up shoutcast with this horrible router please tell me HOW?


cor - 14.03.05 4:30 pm

ahhh... prot num 6 = tcp

Adrian, try instead..

create ipf rule entry ruleid 30000 ifname public dir in act accept transprot eq udp destport eq num 30000 seclevel high medium low

create nat rule entry ruleid 30000 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 30000 destportto num 30000


and you should be good to go. The ipf rule is identical to yours. The NAT rule is not. note firstly, no tcp, nor udp parameter is specified. You could add them, but there's no need.

I usually omit tcp/udp parameters altogether from NAT rules, instead creating individual ipf rules to cover whichever protocol I need. Often it's both, so that would be two firewall rules (one tcp, one udp) and one NAT rule (covers both). The azureus rule on the recipes page is a perfect example.

I notice you are using only "seclevel medium". is this intended?

pretty livid , show us the exact rules you are using.

;o) Cor


Pod51 - 14.03.05 7:17 pm

New Router, New Problems.

Ok BT sent me this wonderful new router and everything is fine and dandy until I try to bring my FTP online. I use NO-IP DUC to obtain the IP that I use, Flash FXP to connect to the server and Bulletproof to provide the server.

Try as I might I can not for the life of me connect to my server all that I get is a 530 error when logging in then nothing ? The server is of course running on port 21. Using Shields Up all my ports report back as stealthed/blocked and this is where I think my problems start.

I am a total novice when it comes to routers (My old USB modem worked fine)any help in a very simple manner would be helpful. Please.


As for the rest of the advice on here bloody good job, love the secret selector stuff. Why can't BT provide this kinda thing straight from the box.


Pod51 - 14.03.05 7:18 pm

Oh its connected via Ethernet :)


pretty livid - 14.03.05 7:34 pm

I managed to unstealth myself eventually, got listed in the shoutcast yellow pages, but can only stream via localhost to myself.

So..the shoutcast server can see me eg:
03/14/05@16:21:29 dest: 205.188.234.162 starting stream (UID: 0)L: 1{A: SHOUTcast Directory Tester}(P: 0)
03/14/05@16:21:40 dest: 205.188.234.162 connection closed (0 seconds) (UID: 0)L: 0{Bytes: 204800}(P: 0)
03/14/05@16:21:43 yp_add yp.shoutcast.com added me successfully
03/14/05@16:24:44 yp_tch yp.shoutcast.com touched!

When anyone attempts to connect remotely it says 'connection refused' which is odd as I am up there on the shoutcast directory.





Here is a nice mess of a config file:

create nat rule entry ruleid 30000 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 30000 destportto num 30000
create nat rule entry ruleid 56 rdr prot num 6 lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 8000 destportto num 8000 lclport num 8000
create nat rule entry ruleid 57 rdr prot num 6 lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 8001 destportto num 8001 lclport num 8001
create nat rule entry ruleid 58 rdr prot num 17 lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 8002 destportto num 8002 lclport num 8002
create nat rule entry ruleid 59 rdr prot num 17 lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 8003 destportto num 8003 lclport num 8003

(didn't know if it would help to add udp as well as tcp)

Am now more baffled cos all the other things I had in there have vanished and the router reset the password. I think I might be best ignored until I grow some braincells and work out what on earth is going on. That or I will have to empty this routers rubbish and put my floppywall back on again.


paul cunningham - 14.03.05 7:48 pm

HI Cor,

I am not sure I understand. Are you saying that I should be able to access the server from outside this LAN and whether I am
browsing trough a proxy or not is unimportant?. Ihave now disable the proxy.

my url is headcc.ath.cx. please try it.

my NAT rules currently are:
808 ALL Virtual Server TCP 192.168.1.3 192.168.1.3
100000 ALL NAPT ANY 0.0.0.0 255.255.255.255


thanks,
paul



anonymous - 14.03.05 8:09 pm

I have a wireless router (airlink). All internet connection around my house work fine, but I'd like to setup some security for my Wireless Network. Now, I can't access my router anymore. Assinging static IP or DHCP obtain won't help.


paul cunningham - 14.03.05 8:10 pm

ok i went home and tried it and it works.
is there any way of letting users inside
my lan access the website via the url.
i know i could just point them to the localhost
but it make cause confusion as they are non techical.
thanks,
paul.


paul cunningham - 14.03.05 8:20 pm

HI Cor,

I am not sure I understand. Are you saying that I should be able to access the server from outside this LAN and whether I am
browsing trough a proxy or not is unimportant?. Ihave now disable the proxy.

my url is headcc.ath.cx. please try it.

my NAT rules currently are:
808 ALL Virtual Server TCP 192.168.1.3 192.168.1.3
100000 ALL NAPT ANY 0.0.0.0 255.255.255.255


thanks,
paul



scot - 14.03.05 8:52 pm

Hi Cor,

Please help. I've been through the whole site, followed your guidelines and stepped through the checklist. Everything works perfectly except for two things; when the router is connected to the internet the ethernet light (and LAN connection in taskbar) is constantly flashing even when I'm not accessing the net; and the routers internet connection keeps disconnecting (anywhere from 5 minutes to 5 hours) and won't reconnect until I've rebooted the router. BTW, I have a simple setup of one PC connected via ethernet.

Thanks in advance,
Scot


Tony - 14.03.05 10:01 pm

great site, helped me a lot, thanks!


paul cunningham - 14.03.05 10:44 pm

ok i went home and tried it and it works.
is there any way of letting users inside
my lan access the website via the url.
i know i could just point them to the localhost
but it make cause confusion as they are non techical.
thanks,
paul.


pretty livid - 14.03.05 11:18 pm

I appear to be magically fixed now. Not sure how or why, but this site definitely was a great help, thanks!


Russ - 15.03.05 12:55 am

Hi,
I've tried to get these ipf and nat rules correct, but to no avail today!
After stealthing my router, I'm using:
create ipf rule entry ruleid 1024 ifname public dir in act accept transprot eq tcp destport eq num 23 seclevel high medium low
create nat rule entry ruleid 1024 rdr lcladdrfrom 192.168.1.42 lcladdrto 192.168.1.42 destportfrom num 23 destportto num 23

as my two rules.

I have a SUN box on my LAN with static IP address as 192.168.1.42 and I want to ssh to it from outside. I want to access the box when I'm at work you see and my work allows port 23 out from their intranet but not ssh on it!
Hence I've configured ssh to to be accepted on port 23 (instead of ssh standard port 22) on my SUN box.
I can use ssh (using port 23) from any PC on my LAN to access this SUN box but I cant access the SUN box from outside at all. Using your port scan utility I get 'stealthed'.

I've removed all the rules (as you suggest) apart from the 2 stealth ones and the new ipf one above.


Dont know what else to try really!! Please help! Please email for extra (sensitive) info. Thanks.

Russ.



Phil - 15.03.05 1:07 am

Hi - great site and i now know a lot more about this router stuff than i used to - sadly, not yet enough though. Followed all direction to try and map the ports for WinMX - was getting nothing originally but now, according to your portprobe, 6699 opens ok but still can't download anything as 6257 "timed out probably stealthed" - the port probe on that gmx site confirmed that it was stealthed too. I've checked and rechecked, switched off all firewalls, switched off ALL firewalls and just cannot get it to work - oh, and i switched off all firewalls and went through checklist line by line to no avail :-)) - HELP!!


cor - 15.03.05 3:30 am

Pod51, good timing! I setup my own FTP server last night. works great, active (aka PORT, very confusing!) and passive, no probs, so it's doable, here's how..

First, although FTP (usually) uses port 21 for the transaction, it also uses another port, for the data, usually port 20, and although not technically necessary, when port 20 is opened, things certainly run smoother. For a regular FTP server, running on a machine at IP address 192.168.1.3, this would work fine..

create ipf rule entry ruleid 2121 ifname public dir in act accept transprot eq tcp destport range 20 21 seclevel high medium low

create nat rule entry ruleid 2121 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 20 destportto num 21


As you can see, I've used a range of port, albeit a very small range (only two ports). Note that I don't use ruleid 21 (as one would expect) because if you ever reboot the router, it will be deleted automatically! Same story for ruleid 80, almost like BT didn't want us running servers at home!

If you want to accept "passive" connexions (a very good idea), you will need to define a range of ports in your server software. In bulletproof, this is in the global preferences, folks running ProFTPd can simply add a line to their <global> section..

PassivePorts 50000 50100

Now the server will instruct the client to initiate passive connexions on any port from 50000 - 50100. All we need to do now is open this same range in the router...

create ipf rule entry ruleid 50000 ifname public dir in act accept transprot eq tcp destport range 50000 50100 seclevel high medium low

create nat rule entry ruleid 50000 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.100 destportfrom num 50000 destportto num 50100


And Bob's yer uncle! The server will happily accept active OR passive connexions. I plan to add an FTP server section to the recipes, as you can probably tell, I'm sketching the copy right here! Let us know how it goes.

pretty livid, great news! by the way, did you realise that four of your NAT rules could be reduced into ONE RULE! make a range, less mess. Also, there's no need to specify protocols in NAT rules, only the ipf rules. See the note in my last comment about this.

You know, often, the reason that things don't work properly is that folk simply don't wait long enough. I've often noticed that rules can take a minute or two to kick in. By the time the rule kicks in, the impatient types have changed them, and then it really doesn't work!

paul cunningham, my first question is, what router do you have? those pseudo-rules aren't for a viking-based router. I don't mind helping out with any old router (I was doing (unpaid) remote admin on a D-Link last night), but it would be good to know, more useful.

The proxy thing; lots of folk use proxies, mainly to protect their identity while surfing, the theory being that the website won't know your real IP, but these folks forget that it's the ISP who keeps all the records, and no proxy is fooling them! But surfing VIA a proxy is very useful for lots of things, testing your home webserver being one of them.

In short, the proxy server is doing the browsing, from Sweden, or wherever, we are simply telling it which pages to fetch and relay back to us, so YES, you can test from OUTSIDE your LAN, by using a proxy. On the "how cool is that?" scale, it's about a nine.

The only alternative for self-testing, apart from the piecemeal tests one can perform with the various online SEO tools, is to take over someone's remote desktop and surf back into your own IP from there. I have control of a few desktops "out there" which I sometimes use for testing, like last night, for my FTP server. But with a good proxy, you don't need any of that.

Your dynamic domain is dead, by the way. try again! It looks like you simply need to add a firewall rule to whatever router that is. The virtual server (NAT) rule looks okay.

For the LAN users, why not create nice virtual names that they can all remember, see here for details.

scot, the flashing ethernet light is normal (you need to read the pages more slowly, dude!) and it's always in use, whether you are downloading or not; a LAN send lots of inter-puter messages, broadcasts, samba elections, etc, etc, I call this "background noise". The solution is to place the router out of sight.

As to the reconnexion, have you applied the ppp timeout tweaks (above)? If so, are there any other symptoms, like when it disconnects, are all the lights on (VoiP errors; upgrade firmware), or anything else?

Open a telnet session with the router, and leave it open. The next time it disconnects, report back here with the error you got.

Russ, (btw, when you refresh your browser, doesn't it warn you that you are about to POST the comment again? all my browsers do. don't worry about it though, I just delete 'em) Firstly, your rules are good. There must be something else blocking things.

Did you run through the checklist? Particularly, ensure security is enabled on the router (at any level, the lights for the rules will be green in the web interface, not red) and there are no other firewalls working against us. The firewall on the SUN box might be allowing free LAN traffic but denying outside traffic, for instance.

Phil, importantly, port 6257 is a UDP port (at least for WinMX), and the port probe is testing for TCP connexions only. If 6699(tcp) is open, WinMX should be good to go. Note, probing UDP ports isn't reliable, because UDP itself isn't reliable, particulalry over a few hops, ie. Trans-Atlantic. UDP isn't even necessary for WinMX, just run the app and try and download some stuff, it should work!

anonymous, take your time and ask again, including as much information as you can. also, it would be better if you used a nickname of some sort, just make it up! I'm gonna remove the ability to post as "anonymous", it's too confusing!

everyone, don't forget to SAVE your config after you get it working. you don't want to go through all this again!

Thanks for the flowers folks, appreciated, in a scroll-off-the-page sorta way.

for now..

;o) Cor

ps.. Adrian, thanks for the tip dude! I almost missed it!



Ian - 15.03.05 8:20 pm

Cor

I`m back up and running smiley for :D, its been busy on here better start reading up on whats been going on,

l8trz

Ian smiley for :cool:


pod51 - 16.03.05 12:37 am

Cheers Cor,

Doesn't work for me, I entered the rules (using telnet?) as per your advice and this is what I get :-

Bulletproof

15/03/2005 21:15:41 - FTP Server On-line : IP(s) 192.168.1.5, on port 21

Edited your rules from 192.168.1.3 to 192.168.1.5.

Flashfxp

WinSock 2.0 -- OpenSSL 0.9.7d 17 Mar 2004
Connecting to b-f-t-p.no-ip.com - IP=81.152.118.227 PORT=21
Connected to b-f-t-p.no-ip.com
220 FTP Server (Version 1.0) ready.
USER ********
331 User name okay, need password.
PASS (hidden)
530 Not logged in.
Connection failed
Delaying for 120 seconds before reconnect attempt #1

No-Ip Duc

Updating to IP : Nat/Router/Proxy 81.152.118.227
b-f-t-p/no-ip.comsmiley for :DNS is current, No update Needed.

Now I am stuck smiley for :ehh: I use the No-ip thing to mask the IP address obviously but I have posted all my details for all to see in the hope that you can advise further.

I have created a test account for the purpose of this problem and you can try it using Take A Look feel free to try it.

Cheers for reading this far and look forward to any further help you can offer.




Pod51 - 16.03.05 12:58 am

Really need an edit button here :)

I have changed the No-Ip program to bypass the automatic detection settings so it now connects to 192.168.1.5 so give it a try. I have managed to connect using both an Anonymous Http Browser Proxy (OPERA) and via FlashFxp. Just need someone outside the loop to give it a try.


shkim - 16.03.05 3:22 am

i have used this router to connect to emule. the thing is emule 'seems' to be working ok except the download is tediously slow. i am connected high-id. the problem is, it seems all the other protocol seems dead while emulw is running. i cant make it work whatever i try. is voyager205 not suitable for use with emule? i need help.....


Scot - 16.03.05 7:01 am

Yeah I had applied the ppp timeout tweaks, I left telnet open and it told me;

Wed Mar 16 04:49:26 2005 : WARNING : PPP Interface Down : Interface - ppp-0

Wed Mar 16 04:49:26 2005 : MAJOR ALARM : Failed To Get IP Address : Interface - ppp-0

Wed Mar 16 04:49:32 2005 : WARNING : ATM VC Congested : Interface - aal5-0, PortId=7, Vpi=0, Vci=38

When I have two connexions in my sys tray, a LAN connexion and an Internet Gateway, the LAN connexion stays lit constantly, but if the Internet Gatway (Routers ppp connexion) is closed then the Lan connexion stays quite unless I access the LAN.

Sorry if its a bit long-winded, just trying to give you as much info as poss.

Thanks, Scot


Scot - 16.03.05 4:55 pm

Forgot to say, the telnet messages above just repeat constantly until I reboot the router.


Gareth - 16.03.05 6:20 pm

I can't get the Voyager 205 to work with my PC over the Ethernet.
Have used the router via USB on a laptop to see if it was a problem with the box itself but it works fine.

The Router is in the living room and I have a Solid UTP cable up to the attic - which works great as a LAN. Any ideas?? thanks


cor - 16.03.05 7:24 pm

gr8 news Ian, you got some text to catch up on! It's been hectic, but better that than no ineternet! Good to have you back, dude!

Pod51, smiley for :lol: you know what you've done? You've entered your machine's "private" address into your hostname record. If I (or anyone else) tries to connect to your hostname, they will, in fact, be connecting to a local machine in THEIR OWN LAN! Using your raw IP gives me nothing, it's probably not your IP any more, anyway.

Go to the no-ip.com website and update your IP manually until you figure out the DUC. I recommend switching to DynDNS.org, if only so you can have your router do all this messy DNS business automatically. I simply never think about my dynamic hostnames anymore, they are always current.

The FlashFXP login looks fine, by the way, obviously the password was incorrect. What exactly (apart from the "outside dns thing") isn't working?

shkim, eMule can be slow, it depends what you're downloading. The 205 is certainly capable of fast eMule downloads, though you may want to tweak your preferences some, cap the upload speed, reduce connexions, disable KAD, etc.

Scot, I really could be doing with more info. Firstly, why do you have two LAN connexions? Do you have Internet Connection Sharing enabled, or something? The "ATM VC Congested" messages are normal, at least for BT they are. I get dozens every hour. It didn't tell us much about the PPP going down. What net apps are running when it disconnects?

Gareth, is the cable a crossover cable? You need regular CAT-5 cable; we discovered that the 205 has a cross-over built into it. Got an ethernet switch? If so, does it work plugged into that?

for now..

;o) Cor


cor - 16.03.05 7:30 pm

additional thought, Scot, you don't have the USB drivers still installed, do you? if so, get rid of them, and reboot!

;o) Cor


Gareth - 16.03.05 7:50 pm

I'm using a straight through cable on everything - I also want to be able to connect it to a hub at some point. But I want to get it working first.

Many thanks


Pod51 - 16.03.05 9:11 pm

Me again , bloody mud fluffing router. smiley for :lol:

Anyways Cor, I thought that was the case ref. connecting internally to my LAN, Doh !

Now No.ip DUC is connecting via 81.152.118.227 and reports that it is Updating to IP : Nat/Router/Proxy 81.152.118.227 once it has updated it reports that 81.152.118.227 is the current IP address found and in use via b-f-t-p.no-ip.com. All well and good ?

However Bulletproof FTP reports that the Server is On-line but connected via : IP(s) 192.168.1.5, on port 21

FlashFxp is attemting to connect via Connecting to b-f-t-p.no-ip.com @ IP=81.152.118.227 on PORT=21.

When flashFxp attempts to connect it reports 530 Not Logged In.

So that is where I am currently , unable to connect to my previously (Before the 205) working FTP. I am trying to connect via my machine of course, don't know if this effects things in any way.

It was all so much easier when I had me Spectrum smiley for :lol:


pod51 - 16.03.05 9:44 pm

Cor Sod it, if you can help me try MSN contact pod51@hotmail.com always better live.


Adrian - 16.03.05 10:42 pm

Cor i love you! Im XLink Kai on-line and i got green light for torrents...i owe you :-)


Adrian - 17.03.05 3:18 am

In a manly way of course ;)


Darren - 17.03.05 3:48 am

I am trying the port forwarding recipes for the BT Voyager 205 router but I do not get the option of "destportfrom num 6881 destportto num 6889". All I get are Destination Port and Local Port? I have upgraded the firmware to v1.6 Any advice? Thanks!


cor - 17.03.05 8:46 pm

Adrian, I know what you mean, dude! I get a lotta love here from here, right back at ye! smiley for :D

okay, Gareth, this is strange. The router itself can access the internet, sign-on, etc, without any computer attached, so I'd say, first connect the 205, and let it do its thing. then attach the CAT-5 to your puter and try and see if you can telnet in.

Perhaps the network needs configured on the peecee, check the static IP page and make sure everything looks kosher there, on the same subnet, etc.

Sorry pod51, I don't do MSN, but feel free to mail me your exported config file, and I can take a look at it. Others have done this and I've discovered glaring, obvious problems within seconds, your call.

You're right about the Spectrum (though I preferred my Oric-1), but then, you couldn't do just about everything we can do now, so I guess there's a trade-off. In the end, it will all be simple again, I promise. Trouble is, this may take decades.

Darren, these commands are for telnet, click any of the telnet links on these pages, and then enter the commands. tada!

for now..

;o) Cor


Bael - 17.03.05 11:08 pm

k man, thanx for the help, i've been searching for days for something like this, all i wanted was for BT to work lol, i tried www.portforward.com, but there method didnt work lol, then i happened upon your site =D Its all really usefull info and n00b friendly too =D

anyway to my problem, i'm not sure if this is anything to do with the things i did to get BT to work, but i deleted all the IPF rules like you said, apart from rule 5 and 500000, and i also have my Bit Torrent Rule 6881, but since i did this, i cant connect to any of my IMs (MSN, Xfire) do you know what port MSN etc run on so i can add a rule for them?

thanx,
Ryan


Bael - 17.03.05 11:14 pm

hmmm sorry bout that^^^

dunno what was wrong, but i restarted and now there all working lol, must have been summat up wi my comp :S

again thanx for the great site man smiley for :D


cor - 17.03.05 11:38 pm

no worries man, rule 5 takes care of most of the things we need to do online. UPnP takes care of many others.

sometimes it takes a minute for rules to kick in, rebooting the router is useful, too, AFTER you save the changes, of course!

;o) Cor


Darren - 18.03.05 2:41 am

Cheers Cor! It would help if I read things more thoroughly! Done the router tweaks to open port 6881, but when runnig BitComet it gives me an error message 'cannot listen to port:6881. I am still getting very slow downloads speeds too :( Any ideas?
Thanks again.


cor - 18.03.05 3:32 am

Darren, did you run through the checklist at the bottom of the troubleshooter page?

Scrub that, I probed you just now (if you are still at the same IP you used to post here) and I got success!!! so it looks like you're good to go. some torrents really are slow, particularly old ones. Try a few, you know. here's a test..

The Scene - episode one

That should really fly, they got slashdotted yesterday. let us know how you get on.

;o) Cor


Bael - 18.03.05 3:56 am

hi again man,just a question...but how fast shud that file be going?? cus when i DLed it, it only averages at speeds around 50kbps, but when downloading off of proper web servers, for example www.download.com (the site with all the shareware) i get download speeds of over 300kbps, is this normal, or is there still something up with my setup??


cor - 18.03.05 8:52 am

Well, Bael, it depends how fast you connexion is supposed to be. that torrent should pretty much max you out, gotta be 781 (i just checked) seeds. hmm. Don't always believe download speeds from websites, the file is downloading while you are chosing its location, caching often makes it appear to fly when really it came down a lot slower. No way are you getting 300kb/s downloads with a British Telecom ADSL link. no way.

Google for broadband speed test, do a few of them, and find out your true top speed, you should get that same speed on a really popular torrent. note, use of port 6881 is NOT recommended. many ISP's are blocking, capping, and filtering this port. use one of the ephemeral range, up high somewhere! See the azureus rule on the recipes page.

;o) Cor


Bael - 18.03.05 9:27 am

ok i did a speed test and it says my speed is 2927kbps , so what does this mean my average DL speed should be??

Pic:
Click Here


cor - 18.03.05 9:58 am

holy sh*t! what sort of connexion do you have?

As far as I know, BT's maximum plan is 2MB, and that's WAY faster than 2MB! Yeah 300KB/s would be possible with a link like this, even higher. I can get 240KB/s with my 2MB connexion, yours looks like a 3MB package at least! You get that speed in other tests?

I gotta know, is that British Telecom? and if so, who do you contact for this broadband package???

;o) Cor


Bael - 18.03.05 10:04 am

yeah i've got BT 2MB package, so dunno why it's so fast :S
i live more or less right next door to my exchange thing is tho, its like a 2 minute walk :P


Bael - 18.03.05 10:05 am

EDIT: next door to *where* my exchange thing is^^


Bael - 18.03.05 10:29 am

ok man, my router keeps just de-activating itself :S

i dont mean like switching itself off, cus the power is still on, but every so often it just stops working, and i can get on the internet, and i cant even connect to it using http://192.168.1.2/ it just says error 404, only thing i can think it could be is that its been on to long, cus i read something about im only allowed online for 15 hours a day, an i may have been on longer than that, cus i left comp on 2 dl stuff, but surely if that was the case i get some sort of message telling me i was been disconnected?? it just stops and i cant do anything to fix it, i have to restart comp to be able to connect again =/
what ya think it could be?


barney - 18.03.05 10:38 am

Hey cor

I am so upset with my download speeds.
I did the "Scene test" after you declared
240KBs and I only managed max 237KBs for
most of the download.
Where am I going wrong??
Still look every day

Best

barney


cor - 18.03.05 11:49 am

barney! Dismal! maybe you need to drill some more holes in that router! smiley for :lol: The net is slow, by default. You were probably undergoing some script-kiddie DOS attack! smiley for :lol: The net is slow, by default. You were probably undergoing some script-kiddie DOS attack! smiley for :lol: The net is slow, by default. You were probably undergoing some script-kiddie DOS attack! smiley for :lol.gif  *ahem* Yeah, I figured that would be a good test for BT capabilities. good result dude, tell me, what port are you using for BT these days?

gr8 2 c u around btw!

Bael, man, that's a weird plan you're on! Being so close to the exchange, could be a factor, I guess, it certainly is at the other extremity, so why not close up? I don't know enough about it to say for certain, though.

As for the disconnexion, this 15 hour business is very strange, exactly what plan is that??? You're not on USB, no? You definitely went through that checklist and ticked *everything*?

I gotta consider moving closer to my exchange..

;o) Cor


barney - 18.03.05 12:45 pm

Hi cor

High up in the numbers and def not
6881.
It must have been the dos attack!!!
By the way I switch of my router because
of the heat during the night
unless I am downloading and your shell script works
great first thing after rebooting.
Any chance of a script when one has to
reset the router to get rid of all the
defaults?
After 1.6 firmware flash Port 31 does not
automatically come back after reboot.

best

barney




cor - 18.03.05 1:50 pm

OMFG! someone actually found the scripts! smiley for :eek:

pretty cool huh, so long as you TOUCH NOTHING! smiley for :lol: The *nix versions are certainly cleaner, but a lot less fun! I've got a *nix script called "bigrad" which does what you require. I'll up it sometime soon (gotta check for bugs, haven't actually used it yet!) Got Linux?

I'll try and get around to a windows version. Or someone else might like to smiley for :D

Torrenteering; I suspected you were using a high port, 6881 just doesn't do it for me these days, ISP's get wise to these port numbers, but there's always another sixty five thousand others to choose from!

Yeah, I know what you mean about the heat, I can't sleep at night with that thing running, like an effin radiator it is! smiley for :lol: just kidding. it's okay man, it's supposed to run hot, if it blows, BT replace it!

And anyway, the monthly bandwidth limits come into effect in a couple of months, so you really want that thing busy 24/7, while ye still can!

and erm, port 31? who on earth needs that?

;o) Cor


cor - 18.03.05 2:00 pm

I should mention, you can run shell scripts directly on the router itself. basically just a set of commands like in all the pages here, then upload it via FTP, and run it from the telnet command line..

apply fname script.sh

note, you have to upload it into the root (not /home) folder, or else specify the full location on the command line (I presume)

most folk would probably find this more challenging than just running a windows batch file, but for power-users, it's a handy, quick way to get a series of commands into the router.

remember to commit afterwards!

;o) Cor



barney - 18.03.05 5:32 pm

cor

I changed the password in notepad it opened the telnet session itself and proceeded to do its job.
I did not commit it but when I checked on the interface it had happened and is still in place.
Have tried looking at 192.168.1.1 with Flash xp but cannot see any folders just opens, I am going to try and look again.
No Linux just Windows.

Best

barney


barney - 18.03.05 5:34 pm

cor

I thought the 30g limit was in place already?
barney


mohip - 18.03.05 5:59 pm

like the look of the site, i'm going to try sort out some problems via this site this weekend.

at the moment, BB connection seems to cut out over night during a d/l, azureus is giving me average of 3.1 kB/s, and i have major speed issues surfing while azureus is being used.

so I will try let you know if this site helps for a complete PC noob like myself ;)




cor - 18.03.05 6:38 pm

note barney, when you connect with FlashFXP, do not use the LIST -al (show hidden) command to get directories, it won't work. regular LIST is fine. note, even if you can't see any files, you can still upload scripts!

The BT-Yahoo limits are officially in place, for certain plans, but afaik, technically not actually working until May/June. You can't check your current monthly usage until then, anyway, so it seems unlikely they could actually enforce any kind of policy until at least that time.

IMPORTANT: when the limits come into effect, their totals encompass both UPLOAD AND DOWNLOAD usage. So that's 15GB of TV episodes, not 30GB, if you are a regular 1:1 torenteer. bummer, huh.

I forsee a lot of folk turning to the dark side, leech-and-run. Is this the ISP's intention? to strike at the very heart of the P2P community, to destoy its sharing soul? but I digress...

welcome mohip! enjoy your stay! Don't forget the checklist at the bottom of the troubleshooter page. As Brian Tracy (supremo time management consultant guru dude) regularly says..

"Always work from a list"

;o) Cor


Darren - 18.03.05 9:19 pm

Cheers Cor. Tried that torrent you gave me. 42-52Kb/s.That's fine for my 512Kb connection. It must be that, as you say, older torrents are slow. When opening up BitComent however, it still pops up with the same error message (cannot listen to port:6881)? I was wondering if you had any idea what could be causing another problem with my connection. It seems to 'drop' periodically, resulting in web pages loading with some images not appearing etc and downloads stopping mid-download. Occasionally the PC needs a reboot to sort it out when I lose the connection completely. I have only recently got broadband from BT. Could this be due to my distance from the exchange, a problem with my PC or router? I have tried another router (a Voyager 205), changed micro-filters, anti-virus/spyware checks etc. Sorry to be a burden, you've been more than helpful already.
Thanks


george - 18.03.05 11:33 pm

cor please can you help me with my dreambox connection to bt205 adsl router.
id areally appreciate it as im struggling for the last 2 months.
my email is there.
thanks mate.


Bael - 18.03.05 11:45 pm

ok.....problem...i odnt have all check listed :( my router is linked to my comp by usb not ethernet, didnt think it would make any difference at install xD what difference will it make?? how do i setup router to run on ethernet instead of usb without reinstalling??? if i do have 2 reinstall will all my ipf/nat rules be erased??

also i have another problem :(

I can donwload at ok-ish speeds on my p2ps and bit torrent, but when i browse the tinternet at teh same time, my DL speeds drop radically, and when i am posting in forums especially, they go down to 0kbps, is this because im connected with my usb??

thanx man,
Bael


cor - 19.03.05 12:09 am

Darren , normally, when a server can't listen on a port it's because another server is already listening on that port. do "netstat /a" (no quotes. never quotes!) in a DOS shell and see what you have listening, or otherwise using that port (without bitcomet running). I recommend Azureus for BitTorrent, by the way, for way too many reasons to list. Of course you've tested other BT clients, do they all give the same error? And have you tried another port?

Please confirm you have been ALL through the checklist. If you're using USB or running the XP firewall, or something crazy like that, we're wasting our time. It's no burden, and there's no such thing as a stupid question, but you gotta give me more details, exact errors, results of port probe, etc. leaving a torrent running so that I can probe you is also smart, though not tonight, I'm off for a kip soon, been up for days!

There are loads of good tips scattered throughout these comments, if you have a spare hour, have a read right through, hints like "open a telnet session and leave it open, watch for error messages, then paste them back here (except congestion errors!)", and "DO NOT use port 6881 for BT if you want the fastest possible downloads", or words to that effect. No one could come through all these comments and NOT learn something!

You've read all the router pages here, surely, but have you read them twice? Sometimes that can make all the difference. The reasoning is, a half hours careful reading can often save WEEKS of banging your head off the desk. There may be something obvious you've missed..

"When all else fails, read the instructions"

george, more details please. what's a dreambox, for instance, and what would you like it to/with do? It's doable, and we can help, but in here please, so others can benefit. run through the troubleshooter checklist first, of course.

If you want a private one-to-one email consultation, no problem, simply deposit £50 in my PayPal account and email me your request at my usual address smiley for :ken:

Bael, yes, I know you are connected to USB, there was no other possible explanation for this level of disfunction.

ethernet is simple, two steps..

  • remove USB cable
    (and all USB drivers, BT software, etc, etc, etc, and snap BT CD in half, and drop into your CD recycling bin)

  • connect router to peecee with CAT-5 cable


You're done! remember to backup your config before you do this.
Then run through the checklist again. Feel free to save these pages to your hard drive, in case you are ever offline and need a reference.

The answer to problem two is, unsurprisingly.. "because you are connected by USB". (although you additionally seem to be suffering from choked upload capacity) Please read troubleshooter page where I explain both issues in detail.

;o) Cor

ps.. The links to all the other router pages I wrote here and edited and slaved over and re-edited and tested and tweaked and cared for, and spent a great deal of valuable time over, are at the very top, in case you missed them.



george - 19.03.05 12:32 am

cor please can you help me with my dreambox connection to bt205 adsl router.
id areally appreciate it as im struggling for the last 2 months.
my email is there.
thanks mate.


Bael - 19.03.05 12:36 am

so all i pretty much have to do is edit my nat/ipf rules to IP 192.168.1.1 instead of 192.168.1.2??? heh thanx man ima try it now...... lol if theres no reply in atleat 30-40 mins you knwo it didnt go to plan xD



cor - 19.03.05 1:41 am

Bael, NO rules are for IP 192.168.1.1 OR 192.168.1.2 Those are the IP's of the ROUTER! (you'll find no rules on any of these pages for those addresses) The IP you use for port forwarding rules is the IP of the computer! where you want to forward the ports TO. At LEAST 192.168.1.3 and you shouldn't need to alter ANY rules!

Start at the top of the page!

george, glad to help m8. don't tell me, you refreshed the page, and then RESENT your post?

There's a dialog warns you that you are about to do this, isn't there? That's why folk get virii you see (I don't use anti-virii software, never have in all the years (about 23) I've owned and used computers), because people just click dialogs without reading 'em first! smiley for :lol:

for now..

;o) Cor


anonymous - 19.03.05 1:50 am

K man, i think i got everything sorted now, =D cus i tried DLin that torrent you posted earlier again (the scene) and this is the average speed i was gettin, Click Here can you think of anything else that might make it go even faster??

You are now officially my Broadband Guru =D

Thanx for everythin man =D lol i'd still be DLin at 2-5kbps if i hadnt found your site lol,

thanx again,
Bael


Bael - 19.03.05 1:52 am

that was me btw^^

i know lol i got confused, when i put in most of the rules i just copied/pasted into telnet, an all these IPs confuse my tiny n00bish brain lol =P
But i know what i meant =D


anonymous - 19.03.05 2:30 am

Now THAT is BitTorrent speed! good work dude! we always get there in the end.

You want fatter? Sure, there's always wee tweaks that can be done, timeouts and sfuff, but first let it all settle for a bit (remember to SAVE ("commit" in telnet)), get to know how the connexion performs, then you have a baseline to work from when you tweak. Happy torrenteering!

Ahh.. I can sleep now!

;o) Cor

ps.. good speed tweak you can do right now.. SWITCH OFF super-seeding!

unless you are the original seeder of a file, that setting will, in fact, slow the torrent down. Azureus (the best BitTorrent client atm) cleverly applies the super-seeding algorithm only when you are the original seed, otherwise it uses regular seeding. best of both worlds, and definitely worth a look. <- confessions of an Ex-BitTornado user!


cor - 19.03.05 2:30 am

that was me, by the way smiley for :D

nite dudes! have a gooo weekend!

for now..

;o) Cor


Bael - 19.03.05 3:02 am

k thnx agen for all your help, I'm downloading azureus as i type =D

If theres anything i can ever help you with id be glad to =D tho i dont know much about anything lol, cept for xbox hardware modding thats as far as my knowledge goes lol xD

and azureus is finished =D

lataz man,
av a good weekend =D
Bael


George - 19.03.05 3:31 pm

ok,heres the problem,
my internet is on laptop usb 192.168.1.3 & dreambox connects on 192.168.1.4 and router lives on 192.168.1.1.
the dreambox sometimes works and sometimes does not,i dont think its anything to do with port forwarding cause i tried all that as explained here.i think the router times out.im trying to log onto tcp port 4000 to 4020.
on laptop i do not have an ethernet port i have a pcmci network card,thats why i use the usb.
i think the only way anyone can help me is if they have a dreambox and had the same problem with bt 205 adsl router.
thx for your help guys.


duffy - 19.03.05 5:59 pm

when you open ports do you open them on your static i.p. or on your router address at 192.168.1.1?
when i open them i hear a clicking nose on the website then my internet stops responding alltogether after i try to open ports what is wrong?


cor - 20.03.05 4:02 am

duffy, you open port on your router, and you route them to the IP of the PRIVATE COMPUTER. ie. 192.168.1.4, or whatever. The router's address is NEVER entered into ANY rules. ever.

George, okay, we're starting to get somewhere. first, the router isn't trying to log onto anything, apart from your ISP. what uses port 4000 and 4020? Is that the dreambox? is that incoming connexions? from the LAN? from the net? outgoing? to the laptop? from the laptop? WHAT? What are you trying to do, exactly?

And please tell me what a dreambox IS, a link would be fine. anything. this will be easy peezee to setup, but not without good information about the equipment you are using.

The pcmcia card, isn't that ethernet? do you have an ethernet switch? please answer all these questions. THEN I can help.

;o) Cor

ps.. Bael, I might contact you about the XBox stuff! smiley for :cool:


Wags - 20.03.05 10:14 am

Please provide some help on how to connect a Dlink wireless router (DI-624) to the Voyager 205. My Voyager 200 was replaced and now I cannot connect the wireless router. Dlink asks if its PPPoE or Dynamic IP, when I try either, it doesn't work. Under PPPoE, it asks for password, which has changed from the 200 to 205. Do I use the "Voyager205.user..." password? Under Dynamic IP, I clone the MAC and try, but it doesn't work either. Dlink rep said to disable DHCP server on 205, so I did, but it still does not work. I am convinced the 205 is blocking something to my wireless router, but unable to figure it out. Any suggestions would be a great help!


duffy - 20.03.05 12:50 pm

cheers cor


duffy - 20.03.05 1:11 pm

i tried that and it didnt work what im trying to do is play age of empires what happens is the game doesnt load and i here a clicking noise in the backround then i end aok then my internet doesnt work at all any solutions?


duffy - 20.03.05 1:39 pm

i opened the port to 192.168.1.4 then probed it and it says its blocked im confused


duffy - 20.03.05 2:13 pm

right i figured something out when i set up a dmz rule it works then stops working, when i hear this clicking noise that sounds like a pop up blocker or summit, but i got all firewalls down this is really annoying whats wrong you know?


Jeff - 20.03.05 4:16 pm

Hello,

Has anyone configured thier 205 to 'use' Shareaza and successfully run the connection test http://jih.no-ip.org/connectiontest/ for both tcp and udp. I can get success with either tcp OR udp using a single rule id eg 6346 but not both.

I've tried rules and variations of as shown on the recipies pages without success. It's all bit over my noob head.

Any advice would be greatly appreciated - all the clever contributors to this site have my admiration for the time and effort they put in.

Thanks in advance.


cor - 20.03.05 5:54 pm

briefly passing through...

Wags, the Dlink usually does the ppp part, too, but not PPPoA, afaik, so maybe try with static IP, and alter either it or the 205 to be on the same subnet, the 205 uses 192.168.1. and the Dlink 192.168.0. so they won't talk without tweaking, then stick it on the WAN side of the DLink, and try again!

duffy, is 192.168.1.4 the IP of the machine running AoE? Show us the commands you entered. Have you been through the checklist at the foot of the troubleshooter page?

Jeff, what you need is the Azureus rules (recipes page), just change the port to 6346, and the IP to that of your private machine (the one running shareazza). You need three  rules, two firewall rules (one for udp, one for tcp), and one NAT rule (for both). Don't forget to UNcheck "random" in the shareazza ports setup.

;o) Cor


duffy - 20.03.05 8:48 pm

i didnt have it stealthed would this matter though and what is bios firewall?


Jeff - 20.03.05 9:08 pm

If I create two fw rules one for tcp one for udp and give them ruleid 6346, the second gets rejected cos its got the same id as the first although its for udp. This is where I've been stumbling up to now.


cor - 21.03.05 2:33 am

Jeff, go read those rules again carefully. you can't have two rules with the same ID, that's not possible! That's why, in the azureus rules, the udp rule is ONE DIGIT HIGHER. look again!

The numbers are totally arbitary, just make em up, so long as they go in the correct order, the actual ID numbers themselves are irrelevant. Generally we create rules that match the ports they apply to, because it makes for easy administration, but you can number them after the birthdays of your favourite film actors, whatever!

duffy, yup, the first stealth rule is nothing to do with firewalling, it's do to with enabling communication, another case of look again!

A BIOS firewall is just like any other firewall, except it lives in your computer's BIOS (Basic Input-Output System), which is that DOS-like screen you can get to when it boots-up, by hitting F10, or "delete", or whatever your motherboard manufacturer has set as the hot-key.

Firewalls are hiding all over the place, keep yer wits about ye!

;o) Cor


Jeff - 21.03.05 2:58 pm

Carefully. Ok I admit I'm a dummy. Cheers.


cor - 21.03.05 3:39 pm

smiley for :lol:

hey! Jeff! If I had a buck for every really obvious thing that I'd overlooked, well, there would easily be enough for a slap-up meal and Cinema for two! But Rule ID's isn't obvious, and I've made exactly that same mistake myself! We live and learn.

The important thing is we get there in the end, even if it takes a few comments back-and-forth. no worries, that's half the fun! Believe it or not, I'm truly grateful for you highlighting any possible confusions, and the opportunity to clarify things. I'll likely work some more on my body text, see if I can make things clearer still.

Or maybe I'm just really chuffed my web host reappeared! smiley for :D

keep em coming folks! and remember,
there's no such thing as a stupid question!

for now..

;o) Cor


duffy - 21.03.05 11:58 pm

when i use i dmz rule it works for a while then doesnt why is this cor ?


Rizla - 22.03.05 2:05 am

I cant tell you how thankful I am to people like you.

I was ready to throw this voyager router in the bin, with no explenation for my sister who has had internet problems for over 1 year. Now she is all setup with everything she needs.

THANK YOU!


Rizla - 22.03.05 2:08 am

also, gotta mention this.

I never laugh at anything, but your witty wording made me chuckle at least 3 times. :)


cor - 22.03.05 6:38 am

hey! Rizla!, best compliment I've had all day! mind you, I've only been up a half hour!  smiley for :lol:  glad you got it worked out dude. A year with a kaput router is a lorra lorra pain! Is your sister rich, by any chance? just a thought. smiley for :ken:  glad you got it worked out dude. A year with a kaput router is a lorra lorra pain! Is your sister rich, by any chance? just a thought. smiley for :ken:  glad you got it worked out dude. A year with a kaput router is a lorra lorra pain! Is your sister rich, by any chance? just a thought. smiley for :ken.gif

duffy, you're incredibly fortunate to get a dmz working at all, my experiments have shown it to be far less efective than regular port forwarding, at least with the viking chipset. Maybe it's possible, but I always view the DMZ as a last resort, because it's safer, and perfectly feasible, to have live internet servers behind a NAT gateway.

If I were you (which, as ever means, "if you were me"), I'd stick with regular port forwarding. remember you can open a range of ports. try these rules, in a telnet session (replacing the IP with that of your computer) ..


create ipf rule entry ruleid 2234 ifname public dir in act accept destport range 2234 2400 transprot eq tcp seclevel high medium low

create ipf rule entry ruleid 2235 ifname public dir in act accept destport range 2234 2400 transprot eq udp seclevel high medium low

create nat rule entry ruleid 2234 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.4 destportfrom num 2234 destportto num 2400


create ipf rule entry ruleid 6073 ifname public dir in act accept transprot eq tcp destport eq num 6073 seclevel high medium low

create nat rule entry ruleid 6073 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.4 destportfrom num 6073 destportto num 6073



It's been years since I've played AoE, but it's a cool game, give me the name of your server and I'll log in and kick yer butt!1 smiley for :cool:

;o) Cor

references:

1:
jus kiddin, I was never that good at it...


RiZLA - 22.03.05 7:16 am

I did notice 1 thing, when running webserver, it could be accessed with the .ath.cx by my friends remotely, but anyone on lan & server localhost gets the router config page.

thanks to your "Secret Admin Page Selector!", I changed the HTTP port to 61500, after reboot, accessing .ath.cx on lan yeilds a 404. :(

I have forwarded port 80 to the web host & it is obviously working since my friends can connect.

I read the info about using a proxy, not sure if that would help.

any ideas?


Rizla - 22.03.05 7:40 am

I downloaded the source for the page selector to change port to 61500, the other file wont download.

http://corzorg/comms/hardware/router/205_popup_pages.zip


Rizla - 22.03.05 7:46 am

figured out the corzorg was missing a "." :)


cor - 22.03.05 8:00 am

accessing your "public" dynamic domain from inside always gets you the 205 admin page, use a proxy! Then you are coming in from the outside, sotra "round-trip" style.

If you change the web admin port, that won't help, it's routing that's the problem (not that it really is a problem), not port numbers. My own webserver runs on port 80, my 205 admin runs on port 80, they don't conflict, because they are on different machines.

From outside, you get NATted to my webserver, from inside, you get the 205 admin. no problem!

sorry about the dot! oops! now rectified! Thanks for pointing that out. You see, "corzorg" is the domain I use to access my webserver locally (from outside, my dev server is corz.ath.cx). when I want to check the corz.org online versions, I just add a dot!

By the way, saving the regular html for the selectors works just as well as the php source, but the source is more cute, of course.

;o) Cor


RiZLA - 22.03.05 9:38 am

yeh, thought so, just that there are other users on the lan & I thought it would be better for them to get a blank page rather than the router config when accessing the ath.cx.

It would be difficult to get them all to use proxies.

this is a minor hitch tho, I am still very grateful.


cor - 22.03.05 12:44 pm

so give the serving machine a proper name, and get them to use that instead. something shorter and cooler than your dynamic domain name. see here for more details.

alernatively, hack the .ath.cx domain directly into your local hosts file, pointing it to the serving machine instead. This works great, and is transparent to users, too.

Once the ath.cx domain is hacked in to your local hosts, browsing to the ath.cx domain will take them directly to your server box, instead of the gateway. local host names are resolved before remote ones, you see. the above link will give you more details on how to do this.

;o) Cor


PaulG - 22.03.05 1:11 pm

Hi Cor

Did you see my message above dated 07.03.05 8:21 pm? I'm stuck in the water on this one. Thanks for your time.


cor - 22.03.05 2:11 pm

no PaulG, I didn't! You just nipped it in before one of my own replies!

I entered the two rules (replacing "(ip outside lan)" with an actual IP address), and it works great! I can't understand why yours wouldn't. hmmm.

Feel free to mail me the exact command, including IP address, and I'll take a look at it.

;o) Cor


duffy - 23.03.05 12:30 am

LOL yeah if i ever get it workin your on about aoe 1 or aoe 2 (age of kings) ? also the ip of your computer your on about static i.p. or the i.p. that is 81.???.??? etc? is it not ports 2300-2400?


duffy - 23.03.05 12:39 am

p.s. keep them telnet rules on for me until i know what i.p. to put in , if im right i should :- turn off dchp mode, open the filter to high,give myself a static i.p., set thoose telnet rules to my static i.p which ive used...........then it will be happy days? Another thing one other guy i talked to about this said i was behind a proxy so what is all that about ? cheers cor ... btw you wont ever beat me at aok smiley for :lol:


RiZLA - 23.03.05 6:43 am

create dns servaddr priority 0 212.159.11.150

Invalid command on my v1.1 voyager 205.

I tried "create dns ?" & it doesnt show anything for the PRIORITY arg

should this be "create dns servaddr 212.159.11.150 priority 0"?


RiZLA - 23.03.05 7:06 am

Also,

You say to disable DHCP & go static, any reason for this?, I have followed most of your guide but have kept DHCP enabled, to let clients connect on default server-assigned TCP/IP settings.

1 more thing sorry,

How easy would it be to move the ip addressing from 192.168.1.* to 192.168.0.*? (its what I've been using for as long as I can remember & its now hardcoded in my brain). Is it just a simple case of changing the "LAN IP Address" & re-creating the "ADDRESS TABLE"?, or are there other elements to worry about?

thx again

Keith.


cor - 23.03.05 11:27 am

yeah duffy, you got it alright. as for the proxy. hmm, that might create problems. If you are with BT, you shouldn't be behind a proxy. Or is that just a web surfing proxy you are talking about? if so, that's alright, it won't affect anything but your own web browsing.

I never did get Age of Kings for my peecee, just the mac, and they aren't compatible, which is crazy, but there ye go! I like the original best (which, in fact, Microsoft didn't write, but simply bought). You! Chop some wood! smiley for :lol:

RiZLA, maybe you need to upgrade you firmware. that command should just work, no problems. I don't know if you can set priority with the older firmware.

As for DHCP, it's perfectly feasible to have a mix of static and dynamic IP addressing, I do. Simply create your DHCP range away from your static IP's. I use 192.168.1.50 - 192.168.1.99 for the DHCP, and assign my static IP's in the low numbers, 192.168.1.3, etc.

It's very easy to change the subnet to 192.168.0.1, I was running it like this until very recently, as my own network was 192.168.0, and as you say, it was "hardcoded" into my brain. I changed it so that my own examples would work better for you guys. see here..

http://192.168.1.1/MainPage?id=2

The only real drawback is that if the router ever gets reset, you'll need to flip one of your machines onto the 192.168.1 subnet to go alter the setting again, or rather, upload your custom cfg file.

You can also create "virtual" subnets, so you can run both as once, but that's a tad confusing for most folk. Personally, I've gotten used to having 192.168.1 addressing, and the hard-coding in my brain has been overwritten! For most things, fortunately, I use "names", as opposed to raw addresses, so the changeover was fairly painless, pretty much just editing my host files.

have fun!

;o) Cor


George - 23.03.05 6:27 pm

Dear Cor
this is a link of the dreambox.
http://www.dream-multimedia.com.au/dm500.php
i got a freind running a server in europe on card sharing,now the ports i need to pick up from his server are tcp ports 4000 to 4020.
all this is programmed in the dream box,with a pass word.as i said sometimes it works and then stops or it will never work until i reboot the modem a couple of times.my internet is on usb on the voyager 205,and from the ethernet port on the voyager goes to the dreambox.ive uninstaled the router from the laptop to see if that was the problem and connected internet with ethernet worked no problem,then connected dreambox alone works for a bit then stops like it times out.
im not very expericenced with router configuration,but i did try some of your tips with telnet and browser. but still i had the same problems
usb is on ip 192.168.1.3 and dreambox pick up automatically ip 192.168.1.4.
is there a solution for this or should i go buy a new adsl modem router.
if possible and you can write the stuff down for me so i can input in my router with telnet id be gratefull of config a file for me to upload to the router,
sorry for disturbing like this,but i need some help please.
thanks in advance.







RiZLA - 23.03.05 9:15 pm

Thank you again

you're amazing! smiley for :eek:


cor - 23.03.05 11:09 pm

hi George.

firstly, I know almost nothing about televeision, I don't watch it, though I do enjoy the odd show over the internet. so "satellite television" is even more of a mystery to me, and ides like "a freind running a server in europe on card sharing" are totally over my head, or maybe some inches to the side.

whatever, I'll stick with what I do know, and start by saying, ditch the USB! If you don't have an ethernet switch, GET ONE! (they are around ten bucks) and set up your LAN with static IP addressing.

DHCP has some benefits, sure, but with static addressing, you know where you are. It's comforting to me that my Linux server is always at 192.168.1.100 and can be accessed by typing "soho" into my ssh/telnet/browser/etc. In an environment with so many variables, like a network is, it helps to remove as many as possible.

Page 34 of the dreambox manual (section 32.1) shows its LAN dialog, I would set it up like this..

IP: 192.168.1.200
subnet mask: 255.255.255.0
Type: LAN
Nameserver: 192.168.1.1
Gateway: 192.168.1.1
DHCP: unchecked
enable network: checked
port: 80

And save. Then work through the checklist at the bottom of the troubleshooter page, it only takes a minute, but ensures everything will be AOK for our NAT rules.

Open a telnet session with your router and issue the following commands..

create ipf rule entry ruleid 4000 ifname public dir in act accept transprot eq tcp destport range 4000 4020 seclevel high medium low

create ipf rule entry ruleid 4001 ifname public dir in act accept transprot eq udp destport range 4000 4020 seclevel high medium low

create nat rule entry ruleid 4000 rdr lcladdrfrom 192.168.1.200 lcladdrto 192.168.1.200 destportfrom num 4000 destportto num 4020


You may not need the middle one (UDP firewall rule), but the manual doesn't say if it uses UDP or not, it won't hurt to have it there. Don't forget to..

commit

afterwards. Once your done, export your OWN config file (use the web interface) and keep it somewhere safe on your hard drive. It's just a plain text file, a script. Check the text in the "shell scripts" folder of the public archives, which explains how you can get that back into the router if it ever gets reset, or you upgrade the firmware, lightening strike, act of God, or whatever. If you haven't upgraded the firmware to v1.6 yet, do that first.

The box itself looks like an impressive device. (insert a couple of minutes Googling) Hey! It's got a decept PowerPC CPU, runs Linux, and is scriptable! neat! so one person can grab a PPV show on their own satellite dish, and stream it straight over the internet to other folk for free! It's a great idea! Could I watch these shows on a regular peecee, I wonder? I do enjoy the occasional TV show (Yeah, I'm a "FREE SAT TV on your peecee" subscriber!) so I'm a bit curious. I'll have to delve into this, methinks. There must be loads of dreambox type devices out there streaming exclusive content over the internet that I don't know about! Tell me more! How do you find his server, for instance?

Anyways, let us know how you get on. Feed me more information about this secret world of free video and I'll be happy to answer all your dumb networking questions! smiley for :D

for now..

;o) Cor

ps.. shucks Riz! it's hard enough getting my head out the front door without you starting that m8! smiley for :lol:


mongoose - 23.03.05 11:48 pm

I have learnt more about IP stuff here in two days than in two months searching google. My Router is the BT Voyager 200, most of the 205 seams to apply. Iam trying to set up a Mandrake MNF and whilst the LAN side works fine I can't get it to "see" the Router (never mind the www), all my (STATIC)IP addresses stack up now, I think...yes I'm sure, but obviously something is not right, should I perhaps use a crossover cable between them?


duffy - 23.03.05 11:52 pm

i done everything and still didnt work, i dunno whats goin on do you know web settings when it say automatically detect setting that got owt to do with it, any more suggestions?


george - 24.03.05 12:14 am

cor.
thx for your quick reply.
i will let tell you a lot about free tv once ive got this dream box to workmcount on me.you will be impressed.
what i wanted to ask you is that i have a micronet sp888 broadband dsl/cable router,i tried to connect from ethrnet bt to router then to dream and ethernet pcmci card but i could not get it to work,is it possible for it to work rather than a switch as you suggested.
then you said i should telnet into the router create nat rule entry ruleid 4000 rdr lcladdrfrom 192.168.1.200 lcladdrto 192.168.1.4 destportfrom num 4000 destportto num 4020
i did but it says error and the first ip is higher than the second.
hope you are still there.


cor - 24.03.05 2:57 am

oops! George, please accept my humble apologies. Guests arrived just I was previewing, and I reviewed only briefly, and I now realised I'd altered only one of the two IP's from when I tested the rules on my own 205. I'm 192.168.1.4, not your dreambox at 192.168.1.200! kinda obvious though, eh! I guess not. sorree. it was a test! *ahem*

Anyways, I edited it so that both are 192.168.1.200, feel free to copy and paste once again!

mongoose, a regular CAT-5 cable is fine, the 205 has a hard-wired internal cross-over, as Country Bumpkin discovered. Run through the checklist (bottom of troubleshooter page), make sure everything's ticked, or at least the bits you need.

Does the Mandrake box talk nice to other machines in your LAN? can you ping it, etc? Tell me more about your LAN environment, how its physically connected, etc. In the end, I don't understand why you'd need MNF working with the 205, the 205 is a great wee firewall itself! Put the hardware to better use, Slackware, for instance. smiley for :D (seriously though, Slack rocks, is very KDE friendly, KDE3.4 is out now, and then there's Karamba too, MMMmmm! not to mention the best RSS News Ticker on planet earth, and Free! where was I..? )

duffy (from earlier) to clarify, the IP that goes in the NAT rules is the IP of your private computer, which will be 192.168.1.something.

I don't know what "automatically detect settings" you mean. In Age of Empires? All I remember is that you can choose tcp/ip (which is what we want) or serial (and maybe other) play. Don't worry about supplying too much information. It's all good.

k, back to the blog..

;o) Cor


cor - 24.03.05 4:33 am

George, why not get the micronet sp888 to do it all, connect the DSL, provide a 4-port ethernet switch/hub, etc. There's not a lot of info online, but it may be able to do it, search all the comments here for "Encapsulation Protocol" for BT's ISP connexion details. You will need to enter these into the unit, or at least check if the current settings are compatible. Don't ask me how to get to it's settings, rtfm! and give it a try!

just a thought.

;o) Cor

ps.. Interestingly, the comment where we had that error (above), was comment number 666. OoOoh!


mongoose - 24.03.05 7:24 pm

Yes, I have run through the troubleshooter checklist, all OK.
My LAN consists of 3 PCs and 2 Laptops with an outlet wired to each room + patio, all machines talking nicely to each other, inc MNF. All can see router except MNF.
Voyager 200 firewall set High, AV, Spy, Ad stuff coming out of my ears and still I get a remote control Trojan in, so I thought a Linux Firewall/Server was what I needed.
But if my router will do the job, lets go. Whats the difference between my 200 and the 205?





duffy - 24.03.05 8:49 pm

when u set ur static i.p. that is the private computer i set the rules to the private comp n it still not work


duffy - 24.03.05 8:53 pm

i tried the port probe n it says its denied what about the i.p. address that is 81.159. .... etc?


George - 24.03.05 9:44 pm

Cor,cheers again for helping out but im not familiar in routers and all the configs to go with it,so i might buy a new adsl modem.
but i have 1 more questions,bt voyager on default settings,usb automatically in 192.168.1.3 and dreambox works only if i disable the dhcp and use ip 192.168.1.35,it works for quiet a while 2 to 3 hours,then stops.any ideas why it works on 35 not on 4.
the server in europe that i pick up the codes from are 18 servers,each server and an original paytv card on it,so thats why tcp ports 4000 to 4020. the last to ports no cards on server yet.
when i called bt foor help i told them i was using the xbox on the ethernet port they suggested to me to use dmz rule id 50 and ip 192.168.1.35,so i tried that and it worked for a bit and works without dmz to.
im sure it has nothing to do with port forwarding,its something else in the router,i think its a setting for it not to time out,any ideas again.
email me for dreambox stuff i cant really type on here.
thx again.






Ian - 24.03.05 11:04 pm

Cor,

Thanks for this site, u are a god in my eyes. Now that i have buttered you up can i ask a favour of you.

a. I have setup my router as per your instuctions. ( Stealthed with rule 5 and 50000 also the standard attack protection, set up firewall and nat rules for emule.Also the essential tweaks for
time to live../enable ppp keepalive../ppp sessions time-out after thirty minutes inactivity. let's change that../maximum number of IP sessions the modem can manipulate simultaneously..
default is 192, max is 512.

b. I have tried to p2p port probe with no luck. Can i ask what i sould be putting in there and do i need emule running. Silly questions i know but getting lost.

c. I also am a games player (counter strike source) i am not a server but play multiplayer on lots of servers. Do i need to setup nat rules for these.

d. When searching for servers i dont get full list as per required any thoughts on this.

e. Lastly any tips to get full speed on this router when playing multiplayer.

By the way how is scotland, i am an Oban man myself but live in that country stuck on at the end of Gods Country. No offence meant England




Michael_O - 24.03.05 11:46 pm

Hi mate.

voyager 205

Please could you provide some advise on why my sonic wall VPN will not work on this router.I manage to surf fine until I enable my VPN In which case the connection to the internet fails. Allowing me no choice but to disable the VPN and then do a IP release renew.. Ive disabled the firewall on the router but no luck here. I have no FW on my win 2k laptop.

any ideas ??
thanks a lot


matanza - 25.03.05 1:35 am

Apparently this device supports multiple VPN pass-through, I don't suppose anyone knows where and how this is enabled/disabled. Or is it automatic and my remote firewall really is up the duff. I've not got much hair left at this stage... :-s

Cheers


duffy - 25.03.05 1:35 pm

do you know how to set up the adsl modem if your setting are for a router i tried but it didnt work


Dazzla - 25.03.05 5:33 pm

Thanx for helping me with my dl speeds i now can get good speeds on p2p networks... is resetting my router going to change any options i have changed on it??


anonymous - 25.03.05 8:33 pm

duffy - 25.03.05 1:35 pm

do you know how to set up the adsl modem if your setting are for a router i tried but it didnt work

Hi Duffy,

I dont know if this helps but if you are using the BT help program it has a option to swap to modem


uksparky - 25.03.05 10:02 pm

hi i need help

not it minded

need my bt voyager 205 adsl router done

i can get telnet up and i am lost

can you email me a copy and paste for telnet as i wont to use bittorrent and i need port forwarding and thay wont tell me how to do it.

as i wont to upload and share all i get is the red and amber light never the green

please help a newbie

many thanks


RiZLA - 25.03.05 10:11 pm

hi, me again

I'm at my sister's now. If she runs emule or other high band apps, although the ports are open, after a while the internet becomes non-responsive, even emule itself soon loses all connections. Sometimes cant even connect to the voyager router by either web/telnet, sometimes one, then the other or both.

I have done a reset then the basic 2 line stealth commands u suggested. Added the 2 tcp/udp ports for emule in v-server & filter.

any ideas?


anonymous - 26.03.05 1:35 am

Hi
I am running xpsp2 and are connecting via bt voyager 2o5, I use zone alarm security suite and I dont turn on the windoews firewall. For some reason I can not get the green smileys in azureus I have tryed forwarding the ports and it is stealthed and my pc has a static ip... this is all so annoying as i had it all workiing fine till the cat chewed me wires and i had to reset the router
Thankyou in advance for any advice you may have

ps Great site!!!!


cor - 26.03.05 11:35 am

sheesh! I can't leave this page for five minutes!

First, mongoose, I don't know anything about the 200. But if you can locate a technical manual, PDF or something, I'm sure we could figure out your rules.

duffy, sorry dude, you're gonna have to frame a sensible question if I'm to have any chance of helping. Put all the info in one post, make sure you've run through the checklist, and tell us exactly what's happening.

george, ditch the USB.

Ian Flattery doesn't work with me, but your question shows that you at least made some effort, and that does. YES you need eMule running if you want to test eMule port. YES you'll need to setup rules for the game server. For listing remote servers, try tweaking your timeouts (UDP/TCP, whatever it uses). Run through the checklist again, some of these things are mentioned there.

Michael_O and matanza, I'm still waiting for someone to get back to me about the VPN capabilities, I know it works, check through the earlier comments here. And when you get it working, let me know what you did! I've nowhere to VPN to, but I do know that P64 of the reference manual goes into greater detail. I just don't have the time just now to do theoretical work on something I can't test!

Dazzla, resetting the router (poking something sharp into that hole at the back) puts the unit back to factory defaults. If you want to save your config, save your config!. type commit in a telnet session, or hit the "save" button in the advanced pages, and then export it somewhere to your hard drive. you can upload it again to use it as your default setting after a reset.

uksparky, I have already provided exactly what you ask for. please see the links menu at the top of this very page. There are other pages!

RiZLA disable KAD, it uses way too many connexions, and overloads the router's IP session table. Also tweak for shorter tcp/udp timeouts. mine are currently..

modify nat global udptimeout 90
modify nat global tcpidletimeout 3600
modify nat global tcpclosewait 45
modify nat global tcptimeout 30


which seems to work pretty well. Games would probably want smaller timing. The max IP sessions, even at the max setting (512) is still too small for multiple p2p networks running simulteneously. A similar thing happens if you have a few torrents going, and eMule (so far, so good), and then start up Piolet, or similar. Bang! no internet!

anonymous Did you run through the checklist? It sounds like a firewall thing, but do the checklist, and see if everything's kosher, come back here if it is, and you're still getting problems.

for now..

;o) Cor

ps.. Sometime soon I'm going to start ignoring all posts that don't explicitly state "I went through the checklist and every single thing is checked!" smiley for :ken:



barney - 26.03.05 12:40 pm

Happy Easter!cor
modify nat global udptimeout 90
modify nat global tcpidletimeout 3600
modify nat global tcpclosewait 45
modify nat global tcptimeout 30
What are the defaults for these please
I am intrigued?

Best

barney


cor - 26.03.05 3:01 pm

hey cheers barney! right back at ye!

The defaults? erm, no idea! We'll have to ask someone who hasn't altered them!  smiley for :lol:  they aren't specified in the firmware or "clean" configs. But they won't be so far away from my values, I don't remember making any drastic changes, in the end.

;o) Cor



Jeff - 26.03.05 3:30 pm

Hello,

NETSTAT -AN:192.168.1.4:xxxx should xxxx always correspond to the port or range of ports specified in a torrent app when said app is running(and no other net-apps)? Mine usually do when BT open (say 30006 thru 30011 with a connection established on each one) but today they are all over the place(:1714,1720,1736 etc). Did a Shields up and ports were stealthed but torrent was downloading.

Thanks in advance.


mongoose - 26.03.05 4:08 pm

The 200 looks just like a Dynalink RTA but I have not been able to establish whether its a 100 or a 220.
A bit more Googling and I've found that the firmware updates for the RTA220 follow the same format as the Voyager 200 (ie: 5.1.0.7).
Also I seem to recall coming across the name Askey when browsing the USB installation disc that came with it.
Favourite ISP helpfull as ever...zilch.


Ian - 26.03.05 6:03 pm

Dear Cor,

Thanks for thisIan Flattery doesn't work with me, but your question shows that you at least made some effort, and that does. YES you need eMule running if you want to test eMule port. YES you'll need to setup rules for the game server. For listing remote servers, try tweaking your timeouts (UDP/TCP, whatever it uses). Run through the checklist again, some of these things are mentioned there.

Just before i setup rules for games can i ask.
a. On a ranged nat can i use ALL instead of UDP/TCP for the type of traffic or set up for both types.

b. The port range for the game is as follows UDP 27000 to 27015 inclusive TCP 27030 to 27039 inclusive. Which have no problem setting up using the generic nat rule. But also i have been given this UDP 1200. Any ideas what that number is for.

Thanks again, Shame Flattery does not work.

Ian




Ian - 26.03.05 6:06 pm

Dear Cor,
Think i may have answered my own question on above, is this another nat rule i have to setup for port 1200.smiley for :D


Jeff - 26.03.05 6:44 pm

Ignore my 3:30pm question about netstat - I think I've figured it out. Thanks. Happy easter all.


justmakeituplol - 27.03.05 2:29 am

great stuff zone alarm is quiet as if it never did work :-p
stelth mmmmmmmm
plus all my anline games work even better
a big THANKS you are a dude


RiZLA - 27.03.05 3:00 am

Thx for the tips, shame tho, this 512 max cons thing is a big concern if it means a max of 512 sources in p2p.

If this is the case, After using USB for over 5 yrs, I'm beginning to wonder if Ethernet is the best method. since with USB, there is no max ip connections limit, and using both down/up bandwidth at full capacity is stable too. Besides the extra resource usage, which isnt really noticable, even with KWF) was just pure hell the 1st yr using the Alcatel drivers, but since Thompson came in, the drivers have been pretty stable. I thought Ethernet would be a sweeter solution, but the Voyager has crashed more times in a day than the USB st330 does in a yr and its hard to do much of anything without hitting this limit & even refusing access to the router itself. (unless I have a broken 205).

It's ok for me, I can plug my USB back in, but my sis is stuck with it since she upgraded to the 2.2mbit bt line.

BT said the Speedtouch 330 is not suitable for the 2.2mbit line, so they made her buy the Voyager205, but after problems, they sent her another, so 2 for £25 aint too bad, means I get to play with one & help her out.

If there is something wrong with my view on this, please let me know.

thx cor


adam - 27.03.05 1:12 pm

hi can you help i have a smile cam but when we try to view over the net we get no pic can someone help as i really have not got a hope in hell many thnaks adam


Mick - 27.03.05 2:40 pm

Hi, i found the website very helpful it helped me understand using my router allot better than i did. I tried to open ports 6881-6889 like you gave the recipy for and 49210 but on azureus it said nat error when testing the port and then said it couldnt access it, and on bit torrent i still get the yellow light and downloads are goin painfully slow. If you could give me some information to help i would really apreciate it because its bin like this for AGES and isnt getting better. I have no firewall on pc, firewall on router was of and stil didnt work so i put it back on, i got 205 voyager, i got 1mb downstream and like 288 upstream..? my pcs ip is 192.168.1.3 and i changed the recipes to suit it. If you can help me in the right direction PLZ e-mail me it would save me so much hassle, and ur webbie rocks for info. Thx.


cor - 27.03.05 3:19 pm

RiZLA yes, there's something wrong with your view! your USB connexion was with a different modem. the 512 max is limitation of the 205, regardless of how you connect it, that's 512 simultaneous IP sessions. If you connect the 205 by USB, you still have 512 limit PLUS it will disconnect you every few minutes! The only way to increase the limit, is to use a different modem.

Jeff, Ian, are you really sorted now? If in doubt, make a port-forwarding rule!

adam please provide more details. what cam exactly? what software? is it a server? does it need an incoming port? tell us anything you think may be relevant.

Mick, run through the checklist at the foot of the troubleshooter page, sounds like something's amiss. ensure you have set the exact same port in Azureus, for instance (49210, or whatever).

I'm not at home today, so I can't fiddle with my router, it's Easter! take a break dudes!

;o) Cor



agentgates - 27.03.05 3:39 pm

hi

Hmm... I have big trouble...

:((( (hi is very sad)

I think, I killed my router. smiley for :roll:

I came home from work, I was quite tired that evening and I started to continue the rebuilding of my new home-network. I,ve changed three lines in the script file, because I wanted to switch it to dhcp client mode.

And since that when I switch it on, the router isn't working, just the 5 leds are lighting. I tried to reset it (many of times), but the symptom is just the same.

Here are the original script lines:


modify dhcp server cfg enable
create dhcp server pool start-ip 192.168.1.3 poolid 0 end-ip 192.168.1.34 mask 255.255.255.0 dname laptop gwy 192.168.1.1
modify snmp trap disable
create ethernet intf ifname eth-0 ip 192.168.1.1 mask 255.255.255.0
create usb intf ifname usb-0 ip 192.168.1.2 mask 255.255.255.0


And here are the magic lines, the creature of my "genius" brain:

modify snmp trap disable
create ethernet intf ifname eth-0 usedhcp local
create usb intf ifname usb-0 ip 192.168.1.1 mask 255.255.255.252


Do you have any idea how can I reset it?

Thanks all of your help smiley for :erm:

AgentGates


cor - 27.03.05 4:01 pm

agentgates, you are trying to have the 205 to get its IP address from a different DHCP server on your LAN? that's crazee! It's the gateway! how will you plug the gateway address into other machines if it keeps moving? anyways..

Have you tried poking something sharp into that wee hole at the back of the 205? If you have, then run the v1.6 firware upgrade; that should zap it. If you haven't, then poke something in!

;o) Cor


Creeg - 27.03.05 5:13 pm

Hello there.

Thanks for all the info, it's been a great help! Awkward as it is, I see the many benefits of this little box...

I've followed all of your guidelines to the letter. I'm still having problems, though. I can't seem to be able to set up a static IP for my computer away from it's preset dynamic range of ...1.3 - ...1.34 (I can't find a way to tell if I'm using the static one I set up at ...1.50!). Different sites proclaim different methods of how to set this up. I can figure out how to configure my pc to use a static IP, but how do I configure the router? Should I have set up a static address outside of the standard range, or what?

Also, I'm running eMule, and even though I've set up port forwarding for it (as you described), download connectivity and rate is weak compared to the very strong upload rate. Any help?

I have no other devices connected to my router, so I have no real need to use it as a router. Is there any way you can disable the router aspect and use the box simply as modem, no strings attatched?

Finally, my biggest problem. Whilst running eMule, I can use no other internet apps on my pc (i.e. IE(!), Messenger etc.). I've checked and double-checked all of my internal pc settings and everything is fine... Is this something to do with port forwarding? What's the deal?

Although I'm very new to all of this router/internet business, I am very computer literate, so relative newbie-speak would be appreciated.

Ta! =)


prv.joker - 27.03.05 7:14 pm

I have used the following telnet commands to enable me to see more servers when playing: medal of honer online.

modify nbsize maxipsess 512
modify nat global udptimeout 10
commit
reboot

I would like to portfoward my game port for Mohaa but not shure what port / ports to uses. when i portscan while game is running and connected to my favorit server it lists the following: 1915-12203 running and 12203 listed on its own aswell.

please help



RiZLA - 27.03.05 7:19 pm

yes, u misunderstand me, I know the USB function of the 205 uses some kind of virtual ethernet type thing that normal USB modems dont use.

with the 205, even in USB mode, the router still has the public ip & eth .1.2 address while u have .1.4. and yes, I knew the 512 limit would exist in either mode, but ONLY on the 205.

However, with a normal USB modem, like Speedtouch 330, voyager 10x, etc. there is no maxip Limit, no crashes, no lost connectivity whatsoever, the extra resource usage is minimal. The only downside is that if u want to ics over LAN, u'll have to install some 3rd party ics software because microsoft ics is useless, but right now, standard USB is looking to be the most reliable solution.

How on earth BT expected my sister to use this router is beyond me, she has enough trouble doing menial things like extracting zips, copying files etc. she will never be able to work this router out. if she didnt have me, she would be royally screwed.

oh and about BT forcing her to buy it when upgrading to 2.2mbit. I have a friend that also upgraded, but he remains on the standard usb voyager100.

something stinks.

update: my sis just rang BT, they say they have no idea why she was told to buy the 105 & she can send it back for refund. but she's now back on the voy105 & all is well :)

thx cor.


RiZLA - 27.03.05 7:50 pm

oops, typo.

they say they have no idea why she was told to buy the 205

shame u cant edit your comments, but then that would need user accounts wouldnt it?


Ian - 27.03.05 8:06 pm

Dear Cor,

Yes i am sure i am sorted now mate. Just want to thank you for your help. I know you have not said much to me about the problems i have had, but your pages of info do give all that i needed and are also set out well.

Thanks again for help mate.




cor - 27.03.05 9:44 pm

creeg, you don't need to setup anything on the router, it's up to the private machine to supply its own IP, and then other machines on the LAN (including the router) will simply respect that, unless there's some kind of conflict, like you have DHCP enabled on the router, AND you are attempting to use an IP from its DHCP pool (192.168.1.3 - 192.168.1.34 is the default pool)

Simply disable DHCP, or use an address outside this range. you're done! no further configuration required. As for eMule, is KAD running? It's probably best to disable that. Or you might want to experiment with very short TCP/UDP timeouts.

There's no way, afaik, to use the 205 as a "simple USB modem", and anyway, the disadvantages far outweigh the advantages, at least for most folk. Connecting a Windows® machine directly to the internet simply isn't smart.

prv.joker, here's the ports for mohaa..
Monitoring Port         UDP        12201  -  12201
Alt Game Port           UDP        12202  -  12202
Default Server Port     UDP        12203  -  12203
Alternate Port          UDP        12204  -  12210
Master UDP  Port        UDP        12300  -  12300

I got these from here..http://www.tmmworld.com/Default.aspx?tabid=56

I've also seen the 12299 - 12310 range mentioned, so it would probably be best to create a single udp rule for ports 12201 - 12300..

create ipf rule entry ruleid 12201 ifname public dir in act accept transprot eq udp destport range 12201 12300 seclevel high medium low

create nat rule entry ruleid 12201 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 12201 destportto num 12300

I don't know about 1915. What's that for?

RiZLA If I were even slightly paranoid, I might surmise that BT started supplying this router especially because it limits the total IP sessions to 512. Out of the box it's set to 192! P2P scares ISP's. perhaps this was there attempt to curtail p2p usage on their network. hmm?

Simply, the only way around the limit is to use a different modem/router. And as for the USB Vs Ethernet argument, there isn't one. Do you know of any ISP's, or webservers of any sort that are connected to their backbone's by USB? For unlimited P2P connexions, buy a good modem/router and connect it by ethernet. Linksys and DLink make some great boxes that are near identical to the 205 in funnctionality, yet don't suffer from the units' inherent limits.

The instructions here are for folk that want to make the most of the FREE hardware that comes with BT's broadband packages. If you want more, you'll need to spend some cash. But watch out, when the bandwidth limits hit in a few weeks, they include UP AND DOWNload bandwidth, so maybe then you'll be want to curtail your OWN usage!

I don't find the IP session limits to be a real problem, and I've always got a few torrents on the go, eMule running, my own webserver, plus surfing/mail/IRC on multiple machines. If you are mindful of the limits, and configure your private machines accordingly, you can squeeze a lot in.

Most modems can handle way more than 2MB, by the way; so if you have an old speedtouch, or voyager 100, or something like that, you can keep on using it!

for now..

;o) Cor

ps.. gr8 news Ian! I sometimes find it difficult to sleep with "unresolved tech" smiley for :geek:


agentgates - 27.03.05 10:04 pm

"how will you plug the gateway address into other machines if it keeps moving? anyways.."

The DHCP server ALWAYS gives same IP address for each device by MAC address. So, the routers IP address and the gateways address always same.

"Have you tried poking something sharp into that wee hole at the back of the 205?"

Yes. Same trouble... :(




prv.joker - 27.03.05 10:09 pm

Thanks for your quick response on : Ports Mohaa

will try them as soon as ive had a few hours sleep, lol.

Once again Thank you Very much. ......Joker


mub - 27.03.05 10:16 pm

Hi all,

I'm having an intersting time getting VPN pass-through to work. Actually, to be honest, I'm not entirely sure it's not working.
When I telnet to the router and issue commands for L2TP I get a "Feature not supported" message.
Example:

$get l2tp global config
Error: Feature not supported
$get l2wall cfg
Error: Feature not supported

This is a obviously a bad sign, but I'm hoping it's not terminal.
Can anyone help me solve this issue and make VPN pass-through work for certain.
I already have port 500 opened and forwarded to my main PC which is where the VPN client is.
I would really like the router be the VPN client so I can access it from any PC on the LAN. But if I can only get it working from my main PC I'll be happy.

Thx guys,
mub


Bael - 28.03.05 1:21 pm

hey again cor =D

I have another problem xD

It's nuthin major, but i think theres something wrong with my connection while playing a game (JKA), see my ping on most servers is like 200+ but when i was on 512k i used 2 have a ping around the same amount, so surely i shud have a better conenction?? right??

The Port the game uses is 29070, and i have made both a IPF and a NAT rule for the port, so i was wondering what else could be wrong with it??

Pic (click) -

an image

these are the rules i used,

firewall:
create ipf rule entry ruleid 29070 ifname public dir in act accept transprot eq tcp destport eq num 29070 seclevel high medium low

nat:
create nat rule entry ruleid 29070 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.4 destportfrom num 29070 destportto num 29070


any ideas what i missed/did wrong??

thanx man,
Bael


Gary - 28.03.05 4:28 pm

I am having problems connecting my voyager 205 to xlink kai. Can anyone please help!


RiZLA - 28.03.05 4:38 pm

yeh, sorry cor, I dont mean to come here & bash the sole reason for your site. just cant help speaking my mind. :)

I didnt think all routers/ethernet solutions where this cumbersome.

My Argument is 205 vs USB, not ethernet as a whole.

I'm just trying to find the best for my sister with what she has.

she probably would have suffered for another year tho, without your help.

I'm running a web server too, for my hobby site, RenderMiNE. which I wish could go public one day.

1 thing I notice with the 205, is that sometimes when I 1st go to the website, some of the graphics are red X's till I refresh, then its alright. never had this on the USB. not really sure if its 205 related or not.

hosts
192.168.1.3 render.mine.nu


Pod51 - 28.03.05 6:50 pm

Afternoon cor,

Heres hoping you remember my problem from a few pages back, just recovering from some crappy flu thing so bear with me :(

Anyway I would like to get back to geting my FTP up and running and was wondering what info you need from me so that you may help me out. You mentioned config files, which ones do you need and how do I best get them.

Everything else works bloody perfectly games,P2P,connecting to other FTP's etc etc

Ok thats me done for now hope easter was good, will check back soon for reply. Thanks for patience with an inexperienced router noob.


Pod51 - 28.03.05 7:09 pm

Afternoon cor,

Heres hoping you remember my problem from a few pages back, just recovering from some crappy flu thing so bear with me :(

Anyway I would like to get back to geting my FTP up and running and was wondering what info you need from me so that you may help me out. You mentioned config files, which ones do you need and how do I best get them.

Everything else works bloody perfectly games,P2P,connecting to other FTP's etc etc

Ok thats me done for now hope easter was good, will check back soon for reply. Thanks for patience with an inexperienced router noob.


cor - 28.03.05 8:21 pm

RiZLA, I ddin't think you were bashing anything, until you said, "...come here & bash the sole reason for your site". wtf! dude, this section isn't even on the list!

See my last post re: 205 Vs USB. that's not an argument! ethernet is better than usb for network connexions. And most routers are better than the 205 for running lots of connexions. Simple. But if you want to make the most of BT's FREE solution (the 205), connect it by ethernet. Or use some other solution. USB is okay, the old "gree frog" modems, and similar, still connect millions of broadband users every day. no problem. But USB with a 205 is Not Good. We have established this.

And your webserver is live right now! public! What red X's? Is this when you browse your own site? looks fine from the outside, that's what matters. When you access a local website, it's best to use a local domain name, for testing. check out my hosts page, link on this page.

Gary, what is xlink kai?

Bael, a faster connexion won't improve your ping times. The only way to do that is to use less congested network routes, in other words, play with folk in the same geographical location as yourself. UDP across the Atlantic just isn't reliable, for example, too many unpredictable hops.

A 2MB line means now you could send four times more pings at once! (that's just an illustration, other factors would prevent this actually happening in practice)

by the way, thanks for the screenies, THAT'S how to frame a question!

mub, VPN is not in my ken at all, I've managed to avoid it pretty well up til now. In theory the unit does VPN, and folk have certainly dropped in to say they've got it working, but no one's said exactly how. I get the same response for that command. hmm. I hope BT's 1.6 firmware update didn't knock something. If it did, you guys better get complaining to BT ASAP! Anyone still with the original firmware, to check?

All I see in the unit is an ALG rule..

create alg port portno 1701 prot num 17 algtype l2tp

port 500 is used for IKE (Manual Key Exchange, there's also an ALG for this), but it looks like the actual tunnel happens on port 1701. I don't know if you need to create rules for this, NAT may or may not interfere with the tunneling itself, depending on the protocols used. I take you want the 205 to make the VPN connexion, so that all your machines can access the tunnel.bt voyager 205

Some 205 documentation talks about "Multiple VPN – PPTP/L2TP Pass-Through", so perhaps it can't actually be the client, simply allow you to run a VPN client on your pc. For sure, all the telnet commands I've tried just give errors. If I had somewhere to VPN to, I might be able to look into this.

agentgates, don't worry about the dhcp, it's just kinda ironic if you think about it. now try a firmware flash!

ahh, Pod51 FTPd is easy, just bung in a few rules..

create ipf rule entry ruleid 2121 ifname public dir in act accept transprot eq tcp destport range 20 21 seclevel high medium low

create nat rule entry ruleid 2121 rdr lcladdrfrom 192.168.1.100 lcladdrto 192.168.1.100 destportfrom num 20 destportto num 21

create ipf rule entry ruleid 50000 ifname public dir in act accept transprot eq tcp destport range 50000 50100 seclevel high medium low

create nat rule entry ruleid 50000 rdr lcladdrfrom 192.168.1.100 lcladdrto 192.168.1.100 destportfrom num 50000 destportto num 50100


The first pair setup the regular port 20/21 FTP stuff, the second pair are for a "passive" range, which you would also need to configure in your FTPd (FTP server software), whatever you use. Alter 192.168.1.100 to the IP of the machine running the FTPd, of course.

I'll likely get around to adding a recipe for this. Don't forget, Vitamin C (not from pills, though) is your friend!

l8rz..

;o) Cor


agentgates - 29.03.05 1:57 am

"agentgates, don't worry about the dhcp, it's just kinda ironic if you think about it. now try a firmware flash!"

Thanks :)

But, I still have the bigest problem:
How can I upload a firmware if the router doesn't work?

Actually, I tried to reach the router on the USB port, but the router's USB port hasn't IP address.

Do You have any low-level miracle for this problem?
Can I reach the routers flash by direct addressing?

Or can I chuck it out? smiley for :cool:


mub - 29.03.05 2:18 am

hi cor,

Thanks for the input. Just so's you know, I've successfully made a VPN connection from my WinXP PC to a friends VPN host. All I have is port 500 forward to my PC. It turned out to be his smelly Linksys router giving us problems. He swapped his old zyxel 643 back in and hey presto one working VPN. smiley for :D

As far as getting the Voyager to be the VPN client I think your probably right. But seeing as it works fine from my XP box It's not really an issue so don't sweat over answering that one.

Heres another question for you tho. I want to make sure uPNP is turned off on my Voyager. My FW rules set sometimes changes for no "obvious" reason. I get a bunch of extra rules and some of the original rules disapear. Any Clues?

Thx for the info, keep up the great work.

mub - Yawwwwwn...bed time.


Bael - 29.03.05 2:27 am

K thnx man :P

heh guess it doesn't help that every server i play in, is across the atlantic lol xD




RiZLA - 29.03.05 2:33 am

yeh np dude, Im still amazed there are kind people like yourself on the internet that are willing to offer your knowledge for free.

Reminds me there is hope for human civilisation :)


Bael - 29.03.05 1:48 pm

nutha question man =D
I'm just on BT Broadband 2mb package, not the Yahoo! one, an i was wondering, you know like you get a usage/download limit of 15gb per month, does that include files i download of BT, or just files i download of normal websites?? sorry for tarded n00b question lol :P

thanx,
Bael


cor - 29.03.05 2:49 pm

agentgates check further up the comments, there has already been some low-level messing around. See the public archives for files/more instructions, too. (link above the comments)

Bael, your limit includes everything. I'm using bold text because I don't think it's quite sunk in for most folk. That means every email you send and receive, every webpage, ftp tranaction, p2p file shared, all files uploaded and downloaded, dns requests, EVERYTHING!!!

Mine is 30GB/month, and I know that won't be enough. I'll have to cut back some. When your limit is reached you will be reduced to a 115kb/s service. not so bad. Or you can buy extra GB for extravegant prices.

Once again, The Limit Includes Everything!

hey! great news mub! Does it work without the rule in place, I wonder?

And hey! Riz, I give it for free, but I do still like to occasionally remind folk about that big PayPal button at the top of the page. smiley for :ken:

for now..

;o) Cor


cor - 29.03.05 3:51 pm

By the way, mub, perhaps the UPnP is what makes the VPN work so easily. It's easy enough to disable..

upnp cfg nbstatus disable

but beware; your VPN might not work after a (router) reboot without UPnP capabilities. Worth testing, though, and disabling if you can. UPnP sorta gives me the willies, even if it is only happening on the LAN-side.

;o) Cor


doink - 29.03.05 5:09 pm

Hi all,

does enybody know how to make broadband with this router work on linux? I see linux for first time in my life, so dont know nothing about it. Sitting 2nd day trying to find smf, useless, if you know help please.
My pc connected to usb port, and my linux didnt detected nothing (i think so, im trying mandrake 10.1), tryied lan, detected card but not router. Im i missing smf, do i need drivers?

PS. Very helpfull site, i tryed and i enjoed:)

Tnx m8s.


cor - 29.03.05 5:32 pm

Hey doink, Linux should be a no-brainer. See the static IP page for how to setup the Linux box itself. Once you set the IP to 192.168.1.something, and gateway and DNS server address to 192.168.1.1, the Linux box will be connected, just like that!

If it's not happening, run through the checklist on the troubleshooter page. Let us know if you stick somewhere.

;o) Cor


Bael - 29.03.05 5:35 pm

lol well ive had this connection for about 2 weeks and ive already DLed loads of BT lol xD

Do you get some sort of warning when your running out lol??

Cus i must be getting close an i have another 2 weeks 2 goto till it starts again lol =P


glover - 29.03.05 5:41 pm

i with bt broadband got a bt voyager router and im trying to set up incoming tcp ports and incoming/outgoing udp packets, ive spoke to bt, they didnt help too much, was wondering if anyone had this same problem and could help me set the router up for the tcp and udp.. plz help my email is matglover2003@hotmail.com thnx


glover - 29.03.05 5:42 pm

i with bt broadband got a bt voyager router and im trying to set up incoming tcp ports and incoming/outgoing udp packets, ive spoke to bt, they didnt help too much, was wondering if anyone had this same problem and could help me set the router up for the tcp and udp.. plz help my email is matglover2003@hotmail.com thnx


uksparky - 29.03.05 7:09 pm

can you do me a fav please i am not a comp minded and programing is very hard

i wont to use p2p bittorrent but i am allways being not connected bt dont help in any way or form as to port forward thay are very un helpfull

please can you email me the commands to put into the router via telnet as to allow me to port forward.

many thanks

hair pulling will stop sooon :)

thanks


cor - 29.03.05 7:44 pm

Well, Bael, the limits haven't taken effect yet, but will do in May, from which time you'll be able to monitor you're usage at the BT site.

You will be sent email warnings at 75% and 90%, or something like that, plenty warning, anyway. Moral is; make the most of it while you can, like now!

Yeah. glover, pretty much everyone has the same problems, that's why we're here. Check out all the pages here, try the links at the very top, more than likely you're question, whatever it is, is already answered. If not, just ask!

Same for uksparky, it's the recipes page you need. have a look!

If anyone wants one-to-one personal email attention, simply drop a tenner in my PayPal account and then email me your FULL details; I'll get on it right away, Sir!

for now..

;o) Cor


Bael - 29.03.05 8:11 pm

lol i thought there must be something wrong with it lol, but they just hadn't started, cus after i made my above post, i checked how much stuff i'd actually got in my Bit Torrent downloads folder, and i had over 40GB of stuff in there that ive DLed lol xD so i thought BT was broke or something lol =P


tmdg - 30.03.05 1:14 am

I found to my dismay that the Solwise SAR110 firmware won't work in the 205.

Having said that loading the Solwise image doesn't total the 205 you just need to reload a BT version of the software.

Tom.


crusti - 30.03.05 1:25 am

AAAAAAAAARRRRRRRRRRRRRGGGGGGGGGGGHHHHHHHHHHHH!!!!!!!!!!
ive been thro your pages many times now and i still cant manage to get anything working.

im trying to host a game (hidden and dangerous2) and to make things simple i just want to open ports 11001-11020 udp and tcp

so i stealthed my router (v205) and used your firewall/port forwading examples with a few changes

eg
create ipf rule entry ruleid 11001 ifname public dir in act accept transprot eq tcp destport range 11001 11020 seclevel high medium low

create ipf rule entry ruleid 11001 ifname public dir in act accept transprot eq udp destport range 11001 11020 seclevel high medium low

create nat rule entry ruleid 11001 rdr lcladdrfrom 192.168.1.35 lcladdrto 192.168.1.35 destportfrom num 11001 destportto num 11001

so i run game and try to check ports with "Advanced port scanner" from www.radmin.com and it seems no ports are open

i have turned off my windows firewall (XP2) and set up static ip to 192.168.1.35

ive been to a few forums, and the more i look the more im confused ,,LOL

hope you can help me, im not bothered about getting game to host just yet, i just want to be able to open/forward a port succesfully

help me please, its doing my head in
crusti



uksparky - 30.03.05 10:25 am

if i had a tenner i pay you belive me i would.


i have not nor a paypal account

please can you do it for me as a fav 2 wks trying to sort this all i like to use is bit torrent and be connected..

please can you email me m8




barney - 30.03.05 10:49 am

Crusti

Looks to me as if you have only opened port 11001 in your
nat not 11001 to 11020?
Could be your problem?

best

barney


Prasad - 30.03.05 12:31 pm

Hi, help please.
Till yesterday it was fine with our BT Voyager 205 adsl router modem. From today morning we are unable to connect to internet. My pc is getting the ip 192.168.1.3, iam able to ping to the router (192.168.1.1). When I have gone to the troubleshoot webpage and run the diagnostic, it is passing in the first two steps. In the third step which is connection to exchange (did'nt remember the exact word) - is saying as FAILED.
In the home page also, the user name is defaulted, and i dont know the password. (need to give the password and press connect button).

Could anyone please help me in getting my net wroking please.

many thanks in advance.

Prasad.



cor - 30.03.05 12:44 pm

morning!

First, Crusti, barney is right. Your rules may have opened a range of ports, but you are forwarding only one port. (well spotted dude!)

uksparky, if you frame your question, tell us exactly what you are trying to do, exactly what you have done (include actual commands, like Crusti did, above) and exactly what errors you are getting, you'll get a solution back! Include details of private machine IP, ports you need, application/server you are trying to get working (you mentioned bittorrent in your last post, more details like that, please!), etc, etc, etc. more info is better, make it a great big post! don't worry about the web server, it can handle it! Without at least some basic information, NO ONE can help you.

Yeah Bael, keep your torenteering hat on! It will be a matter of weeks before the golden age of unlimited bandwidth ends, and there's so much good stuff out there..

Tell me tmdg, how did you resuscitate the unit? Did it accept a flash, or did you have to open it up? just curious.

Prasad, the default "voyager205.user@btbroadband.com" with empty password should work fine. Maybe your exchange has a temporary glitch. doesn't sound like a router fault. The advanced diagnostic test would serve you better.

Physically check all your cables. A mouse may have eaten through your modem cable (or something) Try power-cycling (switch off for as couple of minutes and switch back on) the router, and re-connect to BT.

If that doesn't work, get BT to test your line. Use this number.. 0845 6007030 which takes you directly to the department you want, even at 4am!

for now..

;o) Cor


Rudu - 30.03.05 4:10 pm

This guide is wicked but need a NAT recipe for LIME WIRE ANY SUGGESTIONS???


Scott - 30.03.05 5:45 pm

I need some help as im alot of troble. Im trying to configure my voyager 205 modem to forward port 80 to my server which is located on 192.168.1.4 so that i can host web sites. Im also trying to forward port 3389 (Windows Terminal services) to the same server. Everything i try isnt working and i dont know why!

I am also trying to forward port 21, as well as some of my own ports for MMS. I have followed everything on your site which i think is a great help, but i cant get the moedem to forward the ports.

I have run a special programme called network monitor on my server to pick out any anycoming HTTP traffic or 3389, and port 21 traffic but it shows nothing which means data is not getting to the server.

Please can you help...?

From Scott Walker


uksparky - 30.03.05 6:51 pm

well errr mmmmm eerrrr mmmmm *&^%%^^& up

create ipf rule entry ruleid 5 dir out act accept storestate enable seclevel high medium low
create ipf rule entry ruleid 500000 ifname public dir in act deny seclevel high medium low

create ipf rule entry ruleid 6881 ifname public dir in act accept destport range 6881 6899 transprot eq tcp seclevel high medium low

modify fwl global blistprotect enable attackprotect enable dosprotect enable

delete ipf rule entry ruleid 6881


create nat rule entry ruleid 100000 napt

create nat rule entry ruleid 6881 rdr prot num 6 lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 6881 destportto num 6889

firewall:
create ipf rule entry ruleid 6881 ifname public dir in act accept transprot eq tcp destport range 6881 6889 seclevel high medium low

nat:
create nat rule entry ruleid 6881 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 6881 destportto num 6889


errrrr vmmmmmmmmmmmm

just copied and pate in the commands i saw.


i no i am a laimo but i just wont to get port forwarding for use with bit torrent

many thanks





uksparky - 30.03.05 6:53 pm

email is uro2000@btinternet.com

many thanks


Bael - 30.03.05 9:25 pm

Rudu These are the rules i used for Limewire, though don't take my word for it lol :P I'm a n00b 2 smiley for :D


firewall:
create ipf rule entry ruleid 6346 ifname public dir in act accept transprot eq tcp destport eq num 6346 seclevel high medium low

nat:
create nat rule entry ruleid 6346 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.4 destportfrom num 6346 destportto num 6346


But i have great dl speeds on LW so im guessin its right =D


crusti - 30.03.05 9:27 pm

Thanks Barney
my mistake, its right when i checked the "commitedconfig" file, its a typo in my explanation. "embarassed or what, should have used cut and paste"
any more suggestions, Thanks in advance

crusti

PS does turning off the (XP2)firewall in the settings really work, or does it just turn of the warnings and still block ports


crusti (again) - 30.03.05 10:21 pm

ive also used your P2P port probe test page, the result/error i get is

connexion timed out (probably stealthed)

i did do the stealth from the top of the page

create ipf rule entry ruleid 5 dir out act accept storestate enable seclevel high medium low
create ipf rule entry ruleid 500000 ifname public dir in act deny seclevel high medium low

so do i have to move my commands ??? if so how and where,, can i just edit "commitedcfg" and upload it back to router?

crusti



crusti (again) - 30.03.05 11:06 pm

also i got rule id numbers wrong, but they are also right in "commitedconfig"

i used your p2p port probe, and the error i get is

connexion timed out (probably stealthed)

do i need to move the rules?, i used telnet to put the rules in, can i just edit the config file and upload it back?

i could post commit file if you want, or is that just being silly

crusti



Ianw - 31.03.05 1:01 am

hi cor,

semi upto date on whats been happening, hard drive is back to where it should be maxtor sent a 250gb replacement for the 200gb one so i`m not complaining. changed name to ianw as i saw ian got nabbed, i`ll be in and out of here over the next two weeks as fatherinlaw has the big c and has been given 2 weeks so as you can imagine things here are a little heckit at mo.

barney, sorry i haven`t got back to you regarding the files you sent me but if i remember correctly from before my harddrive died, the network traffic was just self tests and loop backs which is perfectly normal (basically its a fail safe method of checking that the programs are doing what they are meant to be doing)

Ian smiley for :cool:


matanza - 31.03.05 1:14 am

Some VPN Success!

Using (Corz-Stealthed) 205 and VPN-1 SecureRemote (mine is configured for IKE not IPSec in the SecureRemote client settings found in the network control panel, the 205 does both I think amongst others).

It would seem that VPN pass-through config is default on the router, there are ALG settings for the common protocols, read this great site to find out how to display these settings.

Okay so a few minutes reading down the list of postings here paid off. I know the 205 can handle VPN pass-through, it says so on the tin. ANT's posting above, (search for "ant -") mentioned s/he had discovered that the network being connected to had a device on it with the IP address 192.168.1.1 as such when trying to register (?) the 205's ip address it get's a conflict and doesn't issue a warning, the connection just times out. The solution is to change the base IP address range that the router assigns IP addresses from.

The first thing to do is create a new address pool from which to assign addresses to devices attached to your home network. This is possible via the 205's "Advanced/IP Addressing" page and selecting the "DHCP Server" tab. Make a note of the current settings and create a new pool, repacing the third number in the ip address sequence to whatever you want to use. (e.g. 192.186.1.1 becomes 192.168.50.1) and so on. Copy the sequence for the existing pool therefore start is 192.168.50.3 and finish is 192.168.50.34 (if you have more than 30 devices on your network, set this limit higher), the gateway address should be 192.168.50.1 and the Netmask is 255.255.255.0. These are the minimum config options.

So you'll end up with a new pool like this:

Start Finish Gateway Status
192.168.50.3 192.168.50.34 192.168.50.1 Enabled

Then disbable the default address pool using the edit/pencil icon at the end of it's listing.

Go back to the "IP Address" tab and change the "LAN IP Address" to 192.168.50.1

you'll get a warning about not being able to reach the new address if you don't have a route. Submit the changes and wait, it takes a while to bring you back to the new page. Eventually you will get the admin page back with the new setting in the "LAN IP Address" fields, click save or you will lose your new settings if you have to rebot the 205.

Once I had made this change, I logged into my VPN with no problem at all. This problem is a prime example of why you should change the default IP address of our network equipment when installing it.

I hope this helps. This site certainly did me.

Matt




prv.joker - 31.03.05 11:30 am

Please can anyone help with :Telnet

For the last 2 days,when i run telnet i get a blank cli with no user name/password prompt, and if i try to type anything it closes

Can anyone tell me why this has started,


Scott Walker - 31.03.05 1:58 pm

When you open telnet you need to connect to the modem with the following command,

Asuming that the default gateway is still set to 192.168.1.1 you need to type o 192.168.1.1 which will connect you to the modem. It will then promt you for your username 'admin' and you password. The password will not show up as you type.

Does this help?

From Scott


prv.joker - 31.03.05 4:09 pm

No sorry Scott, when this happens as soon as you type the CLI closes...?


cor - 31.03.05 5:36 pm

/me shakes birthday celebrations from head.. "omg! can't leave this page for a minute!" smiley for :eek:

In no particular order (cuz I'm still a bit hungover) ..

Rudu, that reminds me, I'll need to add a gnutella rule to the recipes page! (thanks Bael)

prv.joker, reboot your router. this has happened to me once. that was the cure!

matanza, matt, good work! there's definitely enough info here for someone to get their VPN working. I'll likely mash it all together and drop it somewhere more visible. thanks again.

Scott Walker, I was going to scan your box, but it looks like you are giong through a proxy. no worries.

My first thought is "did he run through the checklist?". You need to go eliminate any "obvious" things (I put that in quotes, because they are only obvious once you know about them!) static IP, no other firewalls, etc. Seer the troubleshooting page, and tick everything! If it's not something on the list, get back here and we'll dig deeper. Everything you are trying to do has been done before, so it's likely something minor, XP firewall perhaps.

uksparky, getting there dude! lots of questions, like is "192.168.1.3" actually the IP of your private machine? Did you go through the troubleshooter checklist? The rules look okay, so it's likely something else. Do the checklist, one-by-one, and also consider altering your BitTorrent port to something (much) higher.

crusti, yeah, turning off the firewall in the settings turns it OFF. But if you want to make extra sure, you could disable the service altogether. It definitely sounds like you have a firewall running somewhere.

Sure, you can upload an edited cfg file, but only after you've gotten the rules to work the regular way. uploading a non-functioning cfg would be a Very Bad Idea!

hey ian(w), no hurry man! I got another Maxtor here waiting to go back, just figuring out the threatening legal letter as we speak!

apologies if I missed something, in a bit of a time-crunch today!

for now..

;o) Cor

ps.. as well as the usual advice of RUN THROUGH THE TROUBLESHOOTER CHECKLIST! I would also advise that when you post here, DO NOT use a proxy, and DO NOT reboot your router (if possible) until you've had a reply, that way I can run some tests on your IP, which may or may not be useful.


crusti - 31.03.05 6:56 pm

hello again
im still trying, still no joy using Advanced port scanner.

Also i have just looked at 192.168.1.1 Advanced/Security/IP filter/custom and there are 38 rules on the page???

do i need all of these? i could copy and send if anybody wants to see them, i dont want to remove them without knowing what they all do

the stealth rules near the top of this page, do they have to be at the start of rules, or one at the start, and one at the end???


cheers crusti



uksparky - 31.03.05 7:04 pm

ok still getting

Error (port 68...

iam stealthed

useing azureus bit torrent now just cant get any ports to port forward all of them are red

azureus bit torrent cant connect do a port test and all i get is

testing port 6883

then i get
NAT error

on any of my ports

please help

many thanks uksparky




uksparky - 31.03.05 7:07 pm

Error (Port 6881 is blacklisted, use another port (0.00018 seconds))


(a range within the region 49152 through 65535 is preferable


testing port 49512

then i get
NAT error



Scott Walker - 31.03.05 7:14 pm

Cor,

Thanks for yor help,

I have run throught the checklist. I am not trying to forward the ports to a windows xp machine but to a windows server 2003 machine. I have no windows firewall running or anyother antivirus programes. I have turned off the external wan access to the modems webpage and still cant get the port forwarded. I have a dynamic ip acddress thats why i use my host name publictransfer.no-ip.org which resolves to my address.

I am getting desprate and my mum and brothers are going mad as the internet connection sometimes slows right down.

I am going to go back to my prvious modem if i cant get this one sorted.

Thanks Again

From Scott


Scott - 31.03.05 7:16 pm

i dont run through a proxy either


uksparky - 31.03.05 7:16 pm

hoot now i am getting tracker status OK

whoot

have i done it ?



uksparky - 31.03.05 8:11 pm

now i am getting connection error :(

testing port 6883

then i get
NAT error

on any of my ports

testing port 49512

then i get
NAT error






joka - 31.03.05 9:33 pm

hello,
read through all your comments(seriously), still cant open ports, here in thailand with xavix8124r, think the telecom hacked the firmware and wanna flash. do you have a step by step tutorial somewhere?


prv.joker - 01.04.05 2:01 am

Thanks reboot worked


cor - 01.04.05 9:49 am

Scott, When I access your domain, I get a IIS under construction page. Is that you? I have to ask; why did you stop using the old modem? email me your exported configuration file and I'll have a wee look.

crusti, please read all the pages here, more slowly. You would know the answer to your question. (this page and stealth page, too)

joka, for firmware stuff, check the public archives (link above the comments here) The recipes page has the port-forwarding instructions; the other pages (links at very top) are worth a read, too.

aye, prv.joker , that usually sorts out most things. I've noticed this occasionally when I have multiple telnet sessions open with the router. It won't let you login again until you close one of the others. rebooting anything is a bummer, but c'est la vie..

;o) Cor


uksparky - 01.04.05 11:31 am

can i email my configuration file to you to look at i can connect to any torrents now says unable to port forward connection refused.

please help


many thanks


cor - 01.04.05 12:00 pm

sure

;o) Cor


Ian(w) - 01.04.05 8:03 pm

cor

which version of the firmware are you running the bt one or the globespan one with imported bt config

Iansmiley for :cool:


crusti - 01.04.05 10:48 pm

HI
maybe i should have explaned myself better, if i delete the other rules then nothing works (msn,Yim, browser)
and i have read and reread the stealth, main and troubleshooting again and again

but the only response i get from p2p portprobe is
connexion timed out (probably stealthed)

maybe im just getting to old for this sort of thing, the more i read about this router and the more i try to open a port, the more confused i get. LOL
so i need to prove that i can open a port, if not then i just dont understand what im reading anymore,,,,, help me please
i have change the pc`s ip to 192.168.1.35
i am turning off the blacklist protection and windows firewall, and starting game before i try p2p, is there anything you can think of as im trying everything that i have read

crusti




barney - 02.04.05 11:26 am

crusti

Are you connected by ethernet?


best

barney


jimmyjojojr - 03.04.05 12:04 am

anyone give me a hand to allow windows media encoderto allow me to stream. i am connect via ethernet and have tried everyhting but no-one is able to connect.i also have another problem when trying to host game servers such a counter strike, and in a simmilar problem iwhen i try to acess many online games i get latency's of about 40 then when i try to connect it shoots u to 2000. please can someone help me i know there are a lot of problems but thanks for any help.


Eric - 03.04.05 5:18 am

here we 4 sharing internet, funny thing is when we all downloading, (all p2p app)the router modem randomly disconnected, then back to normal, few min later, again, disconnect, whats wrong with it, we can download same time or problem with adsl router modem


crusti - 03.04.05 4:03 pm

Hi guys
Barney, i am using ethernet
but im going to reformat HD/reinstall windows
this time im NOT going to install BT software,
and i will have to open all the ports on game for to start communicating, so i will try some software first that only needs 1 or 2 ports to work,

thanks for your pactience with me
crusti




Scott - 03.04.05 9:01 pm

Cor,

Sorry i will get round to e-mailing the config file to you but at the moment i am very busy starting to publish web sites. I didnt think i could get it to work with the old router but i was rong and now im flying.

Cheers

From Scott Walker


Jon - 04.04.05 1:10 am

I am stealthed, have followed all of the instructions on the 205 page and thanks to you have managed to get emule back to its cheerful double green arrowed self.

However, specific game (Dawn Of War, newish RTS by Relic), is still having major problems, cannot host games (that are joinable) despite forwarding port 6112 (which the game readme details as required)as well as all the ports gamespy requires, and am still having big probs joining games with more then 2 people already in them (can't connect to the game). Help?


Ditch - 04.04.05 7:12 am

Hi

I have good through your advice about opening ports, but when I use your p2p probe it only says success for one port which is port 80. This is a list of ports I have opened

TCP ports:
80, 6667, 28910, 29900, 29920

UDP ports:
4321, 27900

All I want is to play Command & Conquer on line, why is this so hard to do


cor - 04.04.05 1:48 pm

I'm running the BT standard v1.6 firmware (the one before they removed and replaced it) which I presume is the same as the current v1.6 firmware, though I haven't verified this. Works great. What are you running Ian(w)?

The firmware I'm using is the one available in the public archive.

jimmyjojojr, dude, these questions are simply to generic to work with. If nothing is working, then clearly something fundamental is wonky. go through the toubleshooter list and ensure everything on it is AOK, then get back here with specific errors. really, that's the best way.

Eric, it just sounds like you're overloading the 205's IP session table. I presume you applied the max IP session tweak, but that still won't get you enough sessions to run "many" p2p apps simultaneously. Not in their default state, anyway.

crusti, looking forward to working with your BT Driver-FREE system! (I should probably add that to the torubleshooter checklist! .. Remove BT Drivers!)

Scott, I get similar feeback from others, after soaking themselves in these pages for a while, they were able to setup other routers and modems. This was always an intention of mine.

Jon, congratulations on the port-forwarding. Next, it sounds like you need to tweak the time-out settings a bit. I would also google around for (name of game) ports and ensure you haven't missed any. I've seen umpteen so-called "ports lists" which were woefully incomplete. Also always open UDP AND TCP for each port, many manuals don't specify this, even though the game needs it.

Ditch, getting a success result for only port 80 doesn't necessarily mean failure. Although an app may use many ports, it will initially be listening to only one, or maybe two of those ports for the initial connnexion.

After that it's the usual story of running through the checklist, checking for firewalls, tweaking the timeouts, etc. play the game and tell us exactly what fails.

for now..

;o) Cor



Mickey - 04.04.05 8:32 pm

Hi Cor ur page rocks, althought im having a little trouble. Im running bit torrent and its yellow lighted and goin painfully slow.
Ive done the recipes for the ports, nat and firewall rules, i followed the steath recipe and i have a static ip - 192.168.1.3 I adjusted the rules to suit my ip address and stuff but downloads still painfuly low. im not sure how to work your port scanner either so cant tell whats wrong. Also i use xbox live and so made a few rules for it, the xbox's ip is: 192.168.1.35 i hope this doesnt interfear.
Last but not least, firewalls, my pc doesnt have one, my router firewall is at high and u said something about netbi0s firewall? well im not sure wat that is how to disable :S ALL HELP IS MUCHLY APRECIATED. Thank you.


cor - 04.04.05 9:41 pm

Mickey, the IP's should be fine, I'm assuming you have disabled DHCP on the router (always smart).

The other possible firewall is a BIOS firewall (NetBIOS is something else), and that can be accessed from the BIOS setup screens you get when the peecee first boots (by holding down F10, or delete, or whatever). Not all motherboards have a BIOS firewall, but some do.

As For BitTorrent, have you tried a few different torrents? Preferably something with LOTS of seeds, as a test. Even correctly setup clients can get slow torrents, and yellow lights. If you get it all the time, for lots of different torrents, then you definitely have a problem. Also I recommend NOT using ports 6881-6890 for BT.

As for the port probe, simply enter whatever port you are using for your torrents (If you are using azureus, enter whatever port you've set in the connection preferences.) and the probe will attempt to connect to you on that same port. Ensure you have a torrent running when you run the test.

Lastly, for now, did you run through the checklist at the bottom of the troubleshooter page?

;o) Cor


Jon - 04.04.05 10:30 pm

Its me again, I've run several port testers and basically everything is closed, connection refused. Even ports which i have specifically opened using the command lines you gave are stubbornly refusing connections. Any ideas?


Sylver123 - 04.04.05 11:04 pm

Hi Cor, Very nice site you have here smiley for :cool:
I want to make my own ftp server but dont know how to setup my Voyager 205 Router for this, Cor is it ok if i e-mail you my config file?

Thanks

Sylver123





Alix - 05.04.05 12:56 am

Hi
I have a speedtouch 580i router. I am trying to configure it to pass a VPN thru to my PC. I have managed to set port forwarding but have been advised to also forward protocol 47 for PPTP pass thru. I have no idea how to do this. Can you please help me or do you know of anyone that can?
Regards
Alix


Jack - 05.04.05 3:26 pm

WOW excelent site. My 205 was working great with all this info it was the perfect setup. But i have recenty uprgraded my PC and have lost the disk with the USB drivers/software, i would be very gratefull if you could emai/post them to me. Many Thanks


cor - 05.04.05 5:41 pm

thankyouthankyouthankyou!

Sylver123 check out the new section in the recipes page; setting up an FTP server. TADA!

Alix, VPN should pretty much "just work". there are ALG rules in place to allow regular pass-thru. But then, that's the 205. What you need is on the recipes page (check the generic rules), though how they translate to your device, I dunno. Do you have a manual, with the command sysntax? For the 205 you would simply replace "rdr", for "pass", and remove the target IP part of the command.

Jack, I don't recommend using USB, and have subsequently snapped and ritually burned my BT install CD. But you can pick up the drivers here. Have fun! And DO consider using ethernet!

Jon, I'm running out of ideas dude! You got eMule working, yeah? Seems strange that other ports wouldn't work. I just scanned you, and I can't see any open ports on your router, not from this side (assuming you are still at the IP you posted with, if not; sorree other person! hehe). Is eMule still working? Anyway, I'd run through the checklist again, just in case.

for now..

;o) Cor


Sylver123 - 05.04.05 5:56 pm

cor, Thank you smiley for :cool: Will post a comment if i need any more help.


prv.joker - 05.04.05 6:02 pm

Me again,,,can u help with telnet?

After loging in admin ok
Password ok
succsess
AND YES I HAVE CANGED IT from admin:works fine

if i try to copy paste a nat rule i only get the first letter c
in cmd: window
and then ti freezes?
I have to close it by clicking X
then i login again and still happens every time

If i type rule word for word it says unknown command create?
What am i doing wrong?
i have used a number of your ipf rules no worres
but nat rules are giving me hell, ive worked all night,and trying to sort this out ALL DAY AHHHHH! i need sleep zzzz lol please help


Mickey - 05.04.05 6:30 pm

Hi Cor, me again lol. Yup turned of DHCP mode and also deleted a DHCP rule or something lol. Althought im running windows ME and so when i tried to do the static ip thing i ddi it slightly differently seemed alrite tho :S i scanned the ports while using a torrent (stillll yellow lol and has been) and i got "no route to host" and "connexion timed out" only thing left is that firewall which im gona try but first can u suggest some ports for bit torrent other than 6881-6889 and if so mabey ones that are already open lol?. Mabey its jus me cus i nvr have any luck with Pcs :'( Thx for the help.


uksparky - 05.04.05 8:34 pm


*******************
Welcome to Viking
*******************

GlobespanVirata Inc., Software Release V1.1
Copyright (c) 2001-2003 by GlobespanVirata, Inc.

login: admin
password:
Login Successful
changed the password at this point did not wont that easy 1 :)

did create ipf rule entry ruleid 5 dir out act accept storestate enable seclevel high medium low
create ipf rule entry ruleid 500000 ifname public dir in act deny seclevel high medium low

then did

create ipf rule entry ruleid 6881 ifname public dir in act accept destport range 6881 6899 transprot eq tcp seclevel high medium low


then did

modify fwl global blistprotect enable attackprotect enable dosprotect enable


then did

create nat rule entry ruleid 100000 napt

then did

but its still not port forwarding and i am shown as not connected with bittorrent :(

what else can i do please

uksparky


uksparky - 05.04.05 9:15 pm

ip its a ip thing can you email me the setting or a range as to set up the static ip i know i am asking a lot but hey been trying 2 wks to get it there

thanks m8





Jack - 06.04.05 12:04 am

thank you so much got it all set up again now but am going to take your advice and get me a cheap switch, many thanks


Jon - 06.04.05 1:45 am

Still at the same IP as when i last posted, after repetaedly using your port probe, everything either times out or is refused. I tried another port probing software and it basically showed up everything as either stealthed or closed.

I have checked my list of NAT rules, they are all there, all directing to this IP.

Emule works just fine, WinMX is also perfecvtly functional.

Uh...hmmmm.

Any last ideas? I tried phoning BT Tech support, the first guy after having my problem described to him said he would just go and talk to a specialist and put me on hold for a minute. After 45minutes on hold I hung up.

the second told me to phone Voyager...and has given me a dead number. WONDERFUL!


matanza - 06.04.05 2:17 am

Anyone got a working recipe for ssh (22)? I can't get the damned thing to unstealth from teh two golden rules... I want to restrict ssh access to only be allowed from one external address and set up port forwarding to one machine on my lan. Any help appreciated.

I tried the generic port recipes but it didn't work probably, something simple, most likely me...

Cheers




Tynee - 06.04.05 2:17 am

Hi Cor,

Fabulous site, and thanks for sharing.

I have a 205 router, and have stealthed it, and protected it as suggested on your page.

After creaing the 2 rules for the TCP and UDP port....and having eDonkey2000 connect initially....I notice that after about 30 seconds...my internet connection is lost until I quit eDonkey2000. This means that even trying to browse the internet fails. Its as if someone has pulled the plug on my internet.

I did the port probe, and see that i have set up the port forwarding correctly.

I wonder if you might be able to help me out?

Tynee




Pseudopath - 06.04.05 2:52 am

If any one has successfully established a PPTP VPN through a BT Voyager 205 I would be grateful if you would let me know the firewall/NAT rules you used?
Thanks.


crusti - 06.04.05 3:23 am

you should add another golden rule
!!! if youre on this page then the new golden rules is NOT to phone BT !!!!

if fact it should come with the package on a little golden card, dont waste time with them, i had hours on hold, or "just putting you thro to the experts" and then cut off
crusti



JamesO - 06.04.05 3:23 am

Hi Cor, just me sitting here on the back burner...sob..sob...lol
I received the new Medatrix 2102 SIP VoIP Voice converter. It works sometimes but calls cannot be received. The 205 assigned it 192.168.1.6 The provider tried to check it from their end but said ports 162 and 161 were blocked by the 205. They suggested I try bridging the 205 , but it did no good. I rest the 205 to factory default again then I have shut off security and intrusion protection, and even deleted all the rules. Still its very intermitient. The puters all work fine coming out the converter, into the wireless/ router so pass through is fine.

So please... how might I set up the 205 as pass through / modem only, as we discussed? or how might I open the ports or bridge this converter properly?

Cheers

Jas



Stephen - 06.04.05 9:55 am

well i'm having probs i trying to run multiplayer server with dungeonsiege but it dont seem to see my main wan ip only 192.168.1.3 i added all the ports to forward and created all the firewall rules still dont work even every port using your port probe says connection refused on all ports even port 80 any ideas


cor - 06.04.05 5:08 pm

yikes!

okay, prv.joker, that's strange! Have you tried a different client? Like Putty, or something. Also, is your firmware up to date? If not, upgrade it! Also, get your connexion fairly quiet before trying again, I mean don't connect when you have loads of P2P stuff going on at the same time. We're assuming NAT is enabled, here..

modify nat global enable

Mickey, check out the Azzy recipe on the recipes page, and use THAT port. Azureus really is the finest BT client out there, and using one single port for everything is a real boon. and YES, disable the firewall, disable them ALL. The 205 will be your gateway firewall. that's the best place for it!

uksparky, have you deleted ALL the other rules? There should only be the two "stealth rules" the first rule doesn't provide stealth, quite the opposite, but it's convenient to call them "the two stealth rules"! Delete them ALL! Run through the pages (static IP page, stealth page, etc, links at the very top) and get the router back to basics. THEN start to add the port forwarding stuff.

Jack, my ethernet switch was probably my greatest ever hardware purchase; a friend for life!

Jon, "times out or is refused" is two totally different results. The first means stealth, it means you don't even have a firewall rule (IPF) in place. The second means you DO, but some computer is blocking the connexion, that includes the computer living inside the 205.

Send me your exported config (SAVE first) and I'll have a look (remind me of your objective, too!)

matanza, the generic recipes (adapted for port 22) should work fine. I just probed you on port 22, and it NOT stealthed, simply refused, so either your NAT rule is incorrect, or the puter running the ssh server isn't accepting connexions (or ssh isn't running)

Thanks Tynee, it sounds like you have maxed out your IP session table, that's just my first thought. Ensure you have applied the Max IP Session tweak, and check your prefs inside eDonkey. I'm not familiar with it, but eMule (which accesses same ED2K network, and more) has something called "KAD" which almost instantly achieves the same result, disabling the KAD network fixes it.

See if there's some way to limit the application's total connexions. Also ensure you aren't going above 80% upload capacity (which equates to roughly 25kb/s for a BT line). This will kill your connexions, too.

Pseudopath load this page with all the comments. I know there's a lot (hope you got a capable browser!), but a quick search for "vpn" will yield possibly useful results.

crusti, I feel for ya dude! mail me your config (save first (advanced pages) or "commit" from a telnet session before exporting the config), remind me exactly what you're trying to do, and I'll see if I can track down your problems. I can mail you back an "improved" version, which you can upload to the router.

JamesO, I remember looking into this, didn't I mail you some commmands to try? Any joy with those? The NAT global command (above) but with "disable" would be choice, too.

Another possibility is to create one BIG NAT rule to simply redirect everything to the next router in line, but then we have the IP Session table unnecessarily limiting your LAN. Let me know about the commands. We could even get together and try a few things out. it *should* be doable, but the documentation is scant, to say the least.

Stephen, I just probed your port 80... success!!!

for now..

;o) Cor




crusti - 06.04.05 7:03 pm

the rant about BT was a warning to others, i gave up with them months ago, im have given up trying to open a port for the moment
first i have some backingup to do, then i will try again after a format/reinstall

Another warining, is NOT to upgrade your browsers, each time you log in - it will Download shit you dont need, and extra pages on tabs, using up your precious data LIMITS, (the robbing bastards) so dont do it folks
stick to your basic 'internet explorer' and 'outlook express' or what ever you choose

i could moan for england about the run around BT gave me, they told me i could host anything i wanted when i joined, so after a few months of asking for help (to try and host a game) with no results, just a simple email telling me the admin/admin password asked for my money back and they said it possible to host but BT dont support it, so now im stuck with them untill october :(

crusti



barney - 06.04.05 7:07 pm

crusti

good rant that one man!!


barney


g bonehil - 06.04.05 11:40 pm

hi first time postin, site very helpfull but could anyone tell me how to open port 6665 on my voyager 205 so i can play pro evo soccer online
thanx g bonehil


cor - 07.04.05 2:54 am

Yeah guys, you're dead right, BT technical support sucks big-time.

I've noticed, over the years, requests and "suggestions" that can obviously and instantly improve the bottom-line are adopted fairly quickly (like, what about "pay for broadband with your phone bill" - payment of which you can protected by threat of disconnexion, under one year), but vauge ideals like "satisfied customers" seem to fall on deaf ears (what about a "pre-recorded helpline of common solutions" - eh?)

They need to invest in capable staff or else suffer large when uk broadband market becomes saturated and connected folk start to think about "migration".

g bonehil, check out the generic rules on the recipes page (links at very top of this page), replacing the port number and IP with whatever you need.

shit, is that the time?

;o) Cor


Looking for a power adapter - 07.04.05 10:48 am

Hi,
What a great set of documentation.

My problem at the moment is that I have lost the power adapter for my BT Voyager 205, (sob)

Can anyone point me in a likely direction. I have tried BT's website. It's obsolete as far as they are concerned.

Thank for your help.

Andrew.


naruto - 07.04.05 11:04 am

exellent reading but im not that clever to follow it to the word but im working on it.thanks.....ps.do you do house calls lol



cor - 07.04.05 11:58 am

hey Andrew, any standard 7.5V (@ 1AMP ie 7.5VA -ish) DC adaptor will do the trick. I often see those multi-adaptors for around a fiver, that would work fine.

naruto , that all depends where your house is!

;o) Cor

ps.. correction, it's 16V @ 1A (16VA) (but something close enough would be okay)


JamesO - 07.04.05 12:59 pm

Hi Cor,
Thanks for your reply! Yes I tried enable bridging, it makes no difference how 205 help docs say:

"If you enable bridging on an interface that has already been assigned an IP address, then it is considered IP-enabled and will route (rather than bridge) IP packets received on the interface. The interface will bridge non-IP data it receives, however."

I tried disabling the global NAT, and I loose the internet connection to the puters. I guess we need a way of just getting the damn 205 to act as moden only, f the rest! I remember reading somewhere that there are unresolved issues with the 205 and BT Communicator. I imagine the issues are the same as both are SIP VoIP.
I wish I just go out and find an ASDL ethernet modem only that works with PPPoA, all the modems only are USB junk. The only reason I went with BT is that they provided a Etherner Modem...."DOH!"

Live and learn...

Drop me an email M8,




steven - 07.04.05 2:02 pm

Hi Folks

Excellent site loads of info for the router. plenty of tips that you don't get from the offical sources.

Any ideas how to get VPN working on the 205?
is it bst to conenct via USB or Ethernet to the router for this?

Have fun
Steven


JamesO - 07.04.05 3:33 pm

Voyager 205 Firmware update ver 1.6 download.
http://www.voyager.bt.com/205/btbroadband/firmware_update.htm


JamesO - 07.04.05 5:57 pm

Yo Cor,

Just got a shocker the VoIP tech who is trying to help sort this from Canada just phoned me to say he logged into my router! In the configuration mgr, security, IP FILTER is OFF, INTRUSION CONTROL is OFF, but MGT CONTROL is not activated for any IP and there are no ticks for WAN access only WAN!

When I turned the IP FILTER to MEDIUM he was cut off and could no longer log in. So leaving the IP filter off seems to leave the 205 WFO!!!

BTW I used your generic recipe to open TCP/UDP port 5060 (SIP) and UDP 5000-5004 and forwarded these to 192.168.1.6 (DVC) Shields up says 5060 is now open but 5000-5004 are not and either "closed" or "stealthed". Any suggestions?

Also seems rules only work when IP filter is enabled. Otherwise port are closed.


cor - 07.04.05 4:43 pm

yeah, JamesO, that's what I mean by "perhaps they wanted to drop in sometime", meaning BT. As for the ports, remember, you'll only get open (success!!) if you have a listening server on the probed port, otherwise you'll get closed. Also, I note that it is UDP, very few online probes will do UDP testing. There are a couple, worth a google.

As for the bridging, it's true, we only want to be dealing with Layer 2 traffic (or is it layer one, damn! I knew I should have never read that bloody Cisco manual!). Have you tried creating your ethernet interface without an IP address?

Hmm, I wonder, is zipb mode any use? The reference manual (P.50) says..

Advantages of the ZIPB mode.
Configuring the modem in the ZIPB mode:
  • does not require you to install any software on subscriber PCs
  • does not require you to run NAT on the modem
  • allows you to manage modem for both LAN and WAN sides, because the modem has an IP address on both LAN as well as WAN interfaces.
  • allows you to run Firewall/filtering feature on the modem.
  • allows you to use bandwidth efficient PPPoA, on the modem’s WAN interface.

Looks useful. There's certainly a lot of stuff in the manual about bridging, but mostly seems to apply to non-PPPoA setups. I can't really test any of it, though, so we'll have to suck-it-and-see!

steven, load this page with all the comments. I know there's a lot (hope you got a capable browser!), but a quick search for "vpn" will yield possibly useful results. <- copied from my post, up the page a bit. Your right about one thing, this is definitely the unofficial viking chipset page!

for now..

;o) Cor

ps.. the BT firmware page link is in the "Useful Links.." section, above these comments!


Jack - 07.04.05 7:37 pm

me again, just a quick question. Is there any way within the router itself or with a application to measure the amount i download from the internet? The reason i ask is that i am think about changing my ISP at the moment i pay £20 a month for 512k speed, unlimited broadband. But for the same price i have seen 2 gig broadband BUT with a 15 gig download limit. So i am hopeing that i can measure how much i download a month and therefore see if it would be cost effective to change ISP's.
thanks


cor - 07.04.05 8:09 pm

sure, just login to the main front page at http://192.168.1.1 and you can see your totals, in bytes! (rebooting the router will reset the totals, I think, perhaps even reconnecting to BT, I haven't really paid attention to the numbers. I'll check next time I reboot/disconnect)

If you run *nix machines, perhaps you could install darkstat (or something similar) on the machines and gather totals there. There's bound to similar things for windows.

For what it's worth, I'd rather have the 512kb/xGB than the 2MB/15GB deal. 512kb/s is a tad slow for certain occasional things (one user streaming video will eat the lot), but 15GB is always gonna be too small, at least for me. It depends on how you use the internet. 2MB is nice, but I know I'm gonna feel it when my 30GB/mo comes into effect in a few weeks.

BT will have a page on which you can check your usage, you will be expected to believe this page. Also, copious email reminders will litter your inbox, sort of a countdown.

My ideal broadband package would have 1MB/s down, 512kb/s up, and 50GB/month quota. I wonder if BT are reading today..   smiley for :ken:   of course, a year later, I'd expect 25% more of everything, and cheaper, too!

;o) Cor



cor - 07.04.05 8:25 pm

perhaps useful..
http://www.bt.com/broadbandusage/

;o) Cor


Jack - 07.04.05 8:42 pm

thanks aot great help i think i am going to measure my usage for one month and then decide. (Sorry for mulitple posts, didnt know that hitting the refresh button done that)


Brian - 08.04.05 8:56 am

Hi,

Your pages a great help, but the feckin 205 beastie has to be powered down then back up before it establishes a connection. I have set the various DNS settings, stealth rules, Static IP address (only one machine) etc, but, although it maintains a connection - which was the original hassle I was having - I still can't connect without powering down/up.
Any ideas?

brian


Jon - 08.04.05 11:13 am

Cor, exactly how do I send my config file to you? (email address pls?)


cor - 08.04.05 11:45 am

Brian, assuming you are connected with ethernet, this is very unusual. we'll need more information. I suggest opening a telnet session with the router, and leaving it open. report back what errors you get. I'd be interested in looking at your config file, too.

Jon, my email address? Just click my smiley on any of the pages on-site. tada! (sometimes it's my smiley, sometimes it's my name underneath) you can also click my big smiley in the toolbar (top-right) to get my contact page, which has LOADS of ways of getting $hit to me.

;o) Cor

ps.. if you look at the source code for any of my pages, you'll see that my email address is "mashed", which prevents me getting spammed, which is why I don't just drop it here in the body text.


Brian Noad - 08.04.05 2:53 pm

Thanks cor,
I will do this and post over the weekend.
Further info is that YES I do have an ethernet connection. When I fire up the machine, and after XPSP2 gets itself organised, I see an open Ethernet connection.
When I access the Internet, thru my own account (Admin priv)I get a 'sod off, can't view this page offline...' screen. Once I have powered the router down then back up, I can connect without hassle, and stay on-line.
My machine is not on a domain - I only have other users on the same machine connecting. If I log on as another user and try to get an Internet connection BEFORE logging on as myself it will not let me/that user connect, BUT if I log on as another user AFTER having connected thru my own account, it's fine. (other users are both admin priv too). Feckin computers (PS I work in IT!!)


Jonas - 08.04.05 4:42 pm

BT Openworld are scanning your connection with this very Router that they provide...and killing your internet connection, as soon as you connect to any p2p app.
They are getting smarter....but not that smart.



Jack - 08.04.05 5:11 pm

Im finay going to order my switch now, im just going to pick one up off ebay seen one on ebay exactly the same as yours. Would you recommend it?


JamesO - 08.04.05 5:27 pm

Hi Cor, So basically the Security MGT control means nothing if WAN access to the 205 is wide open! Any this rather urgent, after upgrading to Ver1.6 I cannot telnet the 205. I can enter the user, but it does accept any keyboard input for the password. I even rest to default config.

1) Any solutions?

VoIP techs were trying to recreate a new entry on NAT/Virtual Server DMZ to forward very packet to port 5060/udp to your DVC IP 192.168.1.3, they could not do it properly from their end.

2) If I can get in by telnet, Can you create a recipe for me to do this?

RE Bridging:

It seems I cannot kill the LAN IP for the bridge mode on eth-0 because that is for 192.168.1.1 the 205 itself.


3) ZIPB mode where do I try this?

Looking forward to sorting this?


Cheers tech dude

JAmes












Uncle Bob - 09.04.05 12:46 am

HELP!!! I followed your hacking advice and updated my router's security settings etc. Now I cannot sync my iPAQ with Avantgo (sync.avantgo.com port 80). How do I allow that on the firewall or whatever?


cor - 09.04.05 1:16 am

brian, my first hunch is that WinXP is doing something funky with the UPnP, and messing it up. Disable the UPnP service in Windows, both of them. And did I mention my handy troubleshooting checklist? Probably.

The internet connexion on the voyager, when using ethernet at least, works independently of any computer, even with all my computers switched off, my internet is still there! A switch box helps with this, and yes, Jack, I recommend my unit, but of course I would, it's been absolutely solid since I plugged it in about three years ago, working hard ever since.

Fort the record; My switch box is a Chinese-made "NWay" 5-Port Switch I got for £20, back when such things were £40 (now they are £10!) It's got all the usual clever internals, automatic cable detection, back-pressure flow control, auto-negotiation and all that jazz, and came in a completely recyclable "egg-box" carton (No Polystyrene!) which endeared me to the unit immediately. Previous to this, I'd been messing about with null cables and living in networking hell. Plugging it in literally changed my life. Money well spent. It even came with a wee printed manual! Ahhh...

It sounds like your XP internet settings need help, Brian, I'd recommend a nice static IP, and exactly duplicate those settings for each and every user's desktop. It sounds like the admin account is okay, so use that as a base. Ensure DHCP is OFF on the router, too.

Jonas, that's at least partly consipiracy theory. The router itself has certain limits, yes, but it's not responding to P2P in particular, just volumes of data, the number of connexions. BT might want to drop in, yes. BT might want to implement certain traffic-shaping measures upstream in their own routers, but our lowly 205's are just doing what they are told, preferably, told by us, which is why we are here.

BT can't stop P2P, no one can (the proof), but it's within their rights to try and lessen the impact on other users of their network, we can simply switch ISP if we don't agree. BitTorrent seems to the most elusive P2P app, hardest to find and block, by the way. A tracker can be created, a torrent swarmed, and completed, vanished before anyone has a clue what happened. Back to business..

JamesO, yikes! Is that the firmware from my archives? I had no such problems. You may want to attempt to upload a nice clean cfg file to the router (it reboots immediately on upload) I might put together a selection of these, sort of; "basic setup + WinMX", or whatever, with all the important stuff already done! You may also want to consider re-flashing the 1.6 firmware.

For pure bridging, in theory, the eth-0 can be created without an IP, but like you say, that means you couldn't reach it there from the LAN, but if you ever needed in, you could always plug (GASP!) a USB cable in and reach it from there.

I'm uploading (right now) an updated technical reference manual. It's quite large (4.4MB), but if you have the updated firmware, it's worth a look, there's lots of info about ZipB mode, for starters. In the public archives, named.. "SAR130extra2.1notes-for_viking_v1.6+_firmware.pdf"

And your VoIP rule will look something like this..

create ipf rule entry ruleid 5060 ifname public dir in act accept transprot eq udp destport eq num 5060 seclevel high medium low

create nat rule entry ruleid 5060 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 5060 destportto num 5060


Final thought: I realise that networking is still something of a black art, even to many professionals, and that the technology has a long way to go towards being user-friendly, but consider; the things we can do now with a free box from our ISP, hardware firewalls and routing, secure NATs, port-forwarding, not to mention goodies like automatic DDNS, just a few years ago, would have required serious resources and technical skill to implement.

Sure it's frustrating sometimes, but all doable, and really, when you think about it, quite incredible.

for now..

;o) Cor

ps.. Uncle Bob! Is it it really you Uncle Bob? smiley for :D First rule of computing: Don't PANIC! If the worst comes to the worst you can, at any time, poke something sharp in the back, and you're back to square one. *phew*

But if you go to the recipes page, and try the web server recipe, you should be back in business! I'm presuming you need an incoming port 80 connexion, though I've no idea why you would. Have fun! Let us know how it goes.


Uncle Bob - 09.04.05 7:44 am

smiley for :erm: Yup its really me!!! I suppose its too late now to say "Ignore the above entry of mine" as I only afterwards got the brainwave smiley for :idea: Yup its really me!!! I suppose its too late now to say "Ignore the above entry of mine" as I only afterwards got the brainwave smiley for :idea: Yup its really me!!! I suppose its too late now to say "Ignore the above entry of mine" as I only afterwards got the brainwave smiley for :idea.gif to check the website - site down for maintenance!!! Working fine now...

On the other hand, how and where do you check if the firewall is on or off and what its settings are?


rob - 09.04.05 12:30 pm

i cannot do anything thats on this site it keeps asking for a username and password how do i get past this?

your help would be much appriciated


cor - 09.04.05 1:18 pm

no problem Bob, I suspected something was amiss (there's no such thing as coincedence). Look on the bright, now you got it all setup and secure, AND everything works!

rob, easy! simply enter the username and password! TADA!
(the usual one, mentioned in main article (above), and the other pages, too!)

;o) Cor

ps.. bob, try the selectors above the comments here, main security settings are at http://192.168.1.1/MainPage?id=19


rob - 09.04.05 2:01 pm

Thanks cor i looked further on in your instructions and found this anyway.

I have one main question that might stem in to serveral others

first of all Iam an IT helpdesk beginner and I am still learning I suppose so are most people in the technology industry

I have downloaded Realvnc which as you may know is software to enable me to remote in to anyboadys PC as long as they have a) the same software b) no firewall and c) no passwords or things like that.

Iam trying to turn off the firewall or can I enable this certain product in and out access to my PC. Its a Voyager205 would it be better to use the Windows XP firewall instead or both. Is this wise or not. all i want to do is use Realvnc to help my father in law and untie to do things while im at work if they have any problems, what do you recomend.

Thanks if you can help I will be very happy.

sorry for the essay.

rob


cor - 09.04.05 3:17 pm

Hey rob! essay is good! more info is always better than less!

VNC is a fine tool, so long as they have a) a VNC server running, b) a GOOD Firewall, and c) a VERY STRONG PASSWORD.

VNC uses port 5900 by default (I think), you will want to change that at the server (Father-in-Law's) end, and use the same port at your end, too, of course. To get through the router, create a regular port-forwarding rule-pair, like the generic ones on the recipe's page, using whatever port you want. (he has a 205? yeah?)

Ensure your FiL's VNC server has a VERY STRONG password. I can't stress this enough. If some script-kiddie stumbles across your FiL's VNC server and discovers the password, he will have complete and total control of your FiL's desktop. Think about it.

Most VNC server's allow you to create temporary sessions, with once-only passwords, good for an hour or so. You might want to consider getting together first on IRC (a DCC chat, perhaps) and only using the VNC server on an occasional basis. KDE (on Linux) has all this built-in, rather handy, and I use it to control my main Linux box, where Azureus lives.

If you have any other firewalls running at the server end, you will need to punch a hole through on whatever port you chose, this is usually called "creating a service" on the firewall, or just "opening a port", perhaps (I'm dropping in these juicy easy terms  to pass onto your FiL, he'll need to open the port without you!)

This only needs to be done on the machine running the VNC server, AND its router/gateway.

Feel free to ask more questions, I'm in the mood for fast typing today.

;o) Cor


rob - 09.04.05 4:08 pm

Cor your a ledgend

No FiL does not have a V205 a wannado broadband standard box

is there a way i can get in there and set up my FiLs password for him and if so what do you mean by strong password like lots of carracters i have a standard Pc and run Windows XP i have done a few of your tips like

create nat rule entry ruleid 6881 rdr prot num 6 lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 6881 destportto num 6889

and also modify nbsize maxipsess 512

what excatly do they do, does the last one speed up the connection? i also have done the one for winmx but not sure if things have sped up i mean it stills goes through the traffic light set up bit.

is there any thing else i can do to speed the connection up and is it the create ipf rule entry ruleid 5 dir out act accept storestate enable seclevel high medium low

that i have to set the port for the RealVnc to work?




cor - 09.04.05 5:10 pm

Legend? shhh! the folk here don't know bout dat! smiley for :lol:

Set his password for him? Not easily. Get him to use a word you both would know but wouldn't have to say out loud, I mean, something you would know only by giving clues, like "my sister's dog's name".

Once you are in, you can alter whatever settings you need. My first thought was, in fact, "use RDC!", but I must have presumed that you couldn't use RDC (Remote Desktop Connection) for some reason. Can you? If he has XP installed (or 2000 pro with terminal services) you could do exactly the same thing with RDC. Simply get the RDC client software from M$ and get him to create a user for you on the system.

The downside is that you can't share the desktop in the same way you can with VNC, it's basically him or you. Worth considering, though, and more responsive in use.

As for the router rules, I recommend you go step-by-step through the pages here and setup a stealthed router with simple rules for whatever P2P/servers you need, static IP, etc. There's a checklist at the foot of the troubleshooter page which definitely helps with this.

You only need to create port-forwarding rules on the machine running the server (which applies to web, FTP, VNC, P2P apps, whatever). The first stealth rule (id 5) takes care of ALL outgoing traffic.

have fun!

;o) Cor


cor - 09.04.05 5:15 pm

oh, yeah, the passwords..

weak: "God", "sex", "admin", "<name of someone you know>", "<date of birth>", etc.

strong: "fJh58^gh@@2jF16" or "095++2BbAuQ}£~#fo0", or whatever.

for now..

;o) Cor

ps.. DO NOT use my "example" strong passwords, by being published on the web, they are no longer strong smiley for :ken:


cor - 09.04.05 5:18 pm

ps.. a very clever person I know (me) uses passwords based on interesting shapes on the keyboard, things that can be typed very very quickly. I don't know what many of my own passwords look like!

I learned this was smart after having my first account on an old VAX machine stolen by some dickweed looking over my shoulder as I s l o w l y typed in my akward password.

My own system passwords are a complex blur of finger motion that not even a hidden camera could catch!

;o) Cor


rob - 09.04.05 5:54 pm

hello again Cor im not have any success at all this is iam afraid over my head i have done everything you have said in the troubleshooting guide at the bottom and i have tried to test to see if port 5900 is open and it has come back and said connection refused what do i need to type in the telnet thing to get port 5900 open please help me im getting stressed

is it true that my ip address keeps changing or is it just me? is there a way just to turn the firewall off this voyager205? do you have an email address that i can email i think that it would be quicker that way

thanks again
rob


Neil - 09.04.05 7:32 pm

Hi.

Despite reading this help guide i still cannot get a program called dameware to connect to the internet in anyway or form.
Any ideas or help would be greatly appreciated guys :-)

Thanks
Neil



Jack - 09.04.05 11:04 pm

Hi

Trying to add the hacks you have up on this site but i cant get past the first stage. How do i open up a telenet session with my router if it is not at 192.168.0.1 ? Mine is at 192.168.0.2 thank you


cor - 10.04.05 11:28 am

rob, remember, you'll only get success if you have a listening server running on that port. You have a VNC server running on your machine, too?

IP changing? Which one? The public IP (Yes, every time you reconnect to BT), or the Private IP? (192.168.1.something, No, shouldn't, not if DHCP is disabled on the router)

Without the firewall running on the router, you can't forward any ports.

Neil, simply create a regular port-forwarding rule for port 6129. The genric rules on the recipes page are what you need, just replace the IP and port with whatever you need. Remember you'll need to disable other firewalls, like the XP firewall, or else create a rule to allow dameware, like this. I'm presuming you've setup the router, as per these pages.

Jack, open a DOS box (prompt, window, whateveryoucallit) and type telnet 192.168.1.2 or whatever the address is. Keep a shortcut handy in your browser's bookmarks.

for now..

;o) Cor


JamesO - 11.04.05 12:30 pm

Hi Cor,

Looking forward to this ZIP B mode, but first I need to telnet the box and it will not accept any keyboard input for the password at all. Works fine for login, but dead as though the keyboard was not even connected, except the enter command. Then login fails, and returns to user: I reuploaded a clean Ver 1.6 from BT and f...k all no results. Very odd. I can login to the advanced confirguation page, but not telnet.
I realise its a good box when for free, but I don't think I need DDNS and I only want my VoIP to work properly, as I need the USA inline for business.

Hoping for the sort!

Cheers

James


alan - 11.04.05 3:06 pm

Hi Cor just found the site and it's brilliant. My problem is my netgear DM602 will not allow pop email port 110 to connect is there any way to open the port manually or hack the router to allow this traffic through ?


Andy - 11.04.05 5:17 pm

great website, can anyone tell me, what power adaptor is required to power this from AC, I've just moved into a new house, where they've left this for broadband use, but NO PSU!

voltage, polarity, and ampage would be good. Is this on original battery eliminator/power adaptor?


cor - 11.04.05 6:44 pm

hey JamesO, it looks like the keyboard isn't working, but that's normal for shell password entry. just enter the password as normal, and press <enter>.

alan, stealth rule one will allow all outgoing traffic. If you need to allow incoming traffic to a POP server, simply use the generic rule from the recipes page, swapping in port 110, and the static IP of the machine running your POP server.

Andy, check the previous page of comments, someone had a similar problem. I think it was 7.5V @ 1AMP, but check anyway! I dunno what the polarity is, usually the center is + and the sheath is -. I could unplug mine (*gasp*) and check, if you like, but generally speaking, getting it wrong isn't usually fatal (don't quote me on that!) and you just swap it and it works! Thanks heavens for diodes!

have fun!

;o) Cor


Andy - 11.04.05 7:02 pm

is that 7.5v on the original psu, as the manual states 18 volts! @600mA.




Andy - 11.04.05 7:22 pm

nope, tried 7.5v, 9.0v and 12.0v it does the same thing, it starts up, Power LED Green Lit, and then Diag, DSL, Ethernet and USB all flash once, and then Ethernet and USB Light and go off.

Doesn't get recognises if I plug in USB to computer and ethernet light doesn't light if plugged in.


Andy - 11.04.05 7:40 pm

Success.

For further people who lose, blow-up, don't have the battery eliminator, you must use a PSU with 18 VOLTS, that can supply at least 600mA! If you use anything less than this, it will start-up and reboot etc

But, if you have an old (very) Ext PSU from a US Robotics External Modem, no problems, they were 18v!




cor - 11.04.05 7:54 pm

haha, if in doubt, turn up the juice!
I ventured under the desk again for a closer look. Yikes!

In fact, the power pack states 16V @ 1A (16VA)!!! I must have been looking at my switch box power unit the first time around smiley for :roll: there's so many of them under there!

;o) Cor


Andy - 11.04.05 8:41 pm

i read the manual! 18v!


cor - 12.04.05 12:36 am

you got a manual?

;o) Cor


beefy - 12.04.05 6:46 pm

i need help i dont have clue how to get my router to let me play games etc :S


Alex[RM-UK] - 13.04.05 11:55 am

Hey, I'm trying to run the Bit Torrent Client Azureus, I have done the rule commands that you supplied, and I have changed your IP address to mine. I set the port for Azureus to use as 49210, but when I download a torrent, my download speeds are still around 8-9kb/s Please help, these speeds are unbarable! smiley for :lol:


cor - 13.04.05 7:11 pm

beefy, start with these fine pages! I guarantee, by the time you've finished them, you'll know a helluva lot more about port-forwarding!

Alex[RM-UK], first, confirm you have checked every item on the checklist. And the IP, is that really you? 192.168.1.something?

Azzy is grabbing for me right now, at a neck-breaking 230kb/s (a busy torrent) so that's what you're aiming for. something's definitely not right if you're only getting 9kb/s! Also, try a few torrents, older, dying torrents sometimes do go at that speed!

I'd be remiss in my duty as a torenteer, if I didn't take the opportunity to say, once again.. If everyone seeded just 1:1, no torrent would ever die.

;o) Cor


sandy - 15.04.05 8:33 pm

when I export the config in the web interface nothing happens!


Marc - 15.04.05 9:50 pm

I am using the Voyager 205 on USB (ethernet for xbox), and i am trying to set up port forwarding for emule (TCP-4662, UDP-4672). Can someone email me a step by step guide from scratch to unlock these ports ?

Marc.Lane@tiscali.co.uk

I am not very technical so be gentle on me please.

I assume my ip using the usb is 192.168.1.2 ?

Thanks peeps.


Dan - 15.04.05 9:56 pm

Hi there, first I'd like to say what a helpful site this is. I had no idea what to do but now I can set up port forwarding etc easily. The only thing is I have a problem :o( basically, every time I try to change the DHCP mode to off it comes up "Fails to perform the specified action..." and " Error: Invalid command", this also happens when I try to add my own server pool. I have a horrible suspicion this might have been put in place by BT to stop me setting up a static IP, if this is the case are there any ways around it? Any help appreciated :o)


Dan - 15.04.05 10:01 pm

Should have tried using IE instead of firefox first, doh! Still an excellent site though, wouldn't have been able to do any of this without it!


zaffarc@gmail.com - 15.04.05 10:44 pm

Hi

Ok, i've been invited onto Gmail.I'd been using netscape 7 on FC3 (i'd have preferred to use thunderbird, but the BT pop & smtp server don't support it - BUMMER why? I think yahoo don't like open-source). Anyway, I got to thinking one way round for me get round yahoo and BTs' restrictions on thunderbird, would be "centralize" all my e-mail accounts that i seem to have accumulated over the years onto gmail (that way I can leave ALL my mail on the Gmail 2GIG account they offer - that yahoo don't - and in the bargin get e-mailed mp3 tracks from friends). To cut a long story short, I need to open ports ports 995 (pop.gmail.com) & 465 (smtp.gmail.com). I tried the guid on this site and then tested it using the this sites' port scanner - which returned "connection refused" ... anyone out there have a similar promlem. Appreciate if they could get in touch. Cheers. :-)


jamie - 15.04.05 11:13 pm

hi seems a good site from comments.im not having much luck with my voyager 205 and shareaza.i ve followed instructions to stealth and nat rules.i have a static ip 192.168.1.40. but when i start shareaza
its still telling me im behind nat or firewall(im not using a firewall by the way).when i made rule for both nat and firewall,i copy/pasted from here but changed to my ip.do i need dhcp mode off always or just when setting static ip?also can tell me more bout disabling blacklist as u say something bout it for port probing.
hope u can help me,im missing my quick fast d/ls
thanks peeps


Bael - 16.04.05 9:47 am

hey Cor =D

I'm lost again lol xD

I just Downloaded Ares, but it's different to all other p2ps, when it starts up it randomly selects a port to listen on, and you cant change the range of ports, to change it, you have to goto the control panel after its started up, and enter the port you want it to listen on, but when i do this with a port i already have forwarded, i tried a few BT ports, 6881 etc, i get connection refused on your p2p probe =S you got any idea whats up??

Thanx,
Bael


cor - 16.04.05 2:17 pm

hi!

sandy, it did! It just looks like it didn't, check your default download location, it'll likely be there.

Marc, I recommend you get an ethernet switch and connect them both by ethernet. Have you seen the recipes page? Check it out! There's an eMule recipe right there! We don't do USB here, but I presume the commands for port forwarding would be the same. Don't expect it to work very well, though, eMule+USB=Trouble.

Dan if you mean the WAN (Internet) side, of course you can't alter that. If you mean LAN side (your home network), it should be easy to disable it. Confirm for me that you are trying the latter, see pop-up admin page selector pages 8 & 11.

zaffarc (hey, you want me to leave your email address as plain text on my page? Probably not a good idea!) Firstly, Thunderbird works great with BT/Yahoo, and is well supported. What gave you this crazy idea?

Secondly, you don't need to open port to communicate OUT, only for allowing others to connect IN to your machine. Ergo, you don't need to forward ports to use Gmail.

From thunderbird I run; several BT/Yahoo mail accounts, my Gmail account (thanks barney!), and Hotmail accounts, as well as my regular gmx and other POP accounts. (an associate here also runs Yahoo Webmail from the bird)

All my accounts use the same inbox, same folders, same set of filters, etc, etc. Maybe you just need to play with the bird a bit more.

jamie, for now, all I'll say is; run through the checklist at the foot of the troubleshooter page, ensure everything is ticked, and try again. Get right back here if you're still in difficulty.

Bael, that's strange, my version (1.8.1.2955) of Ares allows me to specify a port (I use the same one as my peecee BT port, good call!) and it works fine, and if I have Ares running, the port probe says "sucess!!!", too.

What about the connexion test in Ares? Does that pass? I can't remember your setup, but it sounds like there's another firewall somewhere, assuming you're setup as per checklist.

Also, avoid the 68** ports (BitTorrent) altogether, use 49000+ typr numbers instead.

for now..

;o) Cor


phill - 16.04.05 9:29 pm

Please could anyone tell me if there is a way to get this modem to work with linux


david - 16.04.05 10:46 pm

when i used the telnet,i entered a code...then it kinda freezed...since then i can't login as an administrator:I had set up a new login and password and it wont accept them...
Any ideas?...can i reset the program so i can start with admin/admin...


jamie - 16.04.05 10:48 pm

hey thax for quick reply.well i went thu troubleshoot and i never changed dhpc to none.so now i get SUCCESS at ur helpfull port probe page.however,when i run shareaza now i get poor search results still!also i cant connect to anything else while i run it.grrrr
cant see anything wrong with shaza settings.im stumped.do u have any idea whats up?
thanx


david - 16.04.05 10:53 pm

Well forgot to precise...but obviously uninstalling/reinstalling the software didn't work...any advice would be very welcome as i need to be able to access the configuration menu and it's very frustating not to be able to do it anymore...


david - 16.04.05 10:58 pm

yeyy...now it works...(sorry for the double post by the way)


mark - 17.04.05 1:09 am

I've been trying for hours to open the ports tcp 4662 udp 4672 on my bt voyager 2100,but nothing works.
I'm using emule and always get a low id.If anyone could give me some advice that would be more than welcome.thanks



cheva1ier - 17.04.05 10:43 am

I've been experiencing dropouts for about the last month or so with BT Broadband even after uninstalling all p2p software. Sometimes the dropouts will happen around 5 in the evening all the way up to around 9, other times it seems random. What happens is a webpage will stop loading and after about a minute or so, I will be able to connect again. During that minute I can still get to the admin page for the router itself.

I've called them on numerous occasions. They have checked the line and at the exchange server and have not found any faults. I have an engineer scheduled to come out tomorrow, but I'm afraid that the engineer will not find anything either.

I am using the ethernet cable. I have tried using the usb cable and have experienced the same problem. I have swapped microfilters and only have one phone connected to the line. I have not found any spyware or viruses on the computer. I have no firewalls running other than the one already on the router. The disconnects have happened using the default settings and the settings you recommend on this site. I am also using version 1.6 of the firmware.

I have copied my telnet session here, in hopes that this would shed some light on my problem. This is only a sample of what happened over the night up until 4:30 in the morning.

$
Sun Apr 17 00:53:32 2005 : WARNING : PPP Interface Down : Interface - ppp-0
$
Sun Apr 17 00:53:32 2005 : WARNING : ATM VC Down : Interface - aal5-0, PortId=7, Vpi=0, Vci=38
$
Sun Apr 17 00:53:32 2005 : MAJOR ALARM : DSL Interface Down
$
Sun Apr 17 00:54:05 2005 : STATUS ALARM : ATM Interface Up : Interface - atm-0
Sun Apr 17 00:54:05 2005 : STATUS ALARM : ATM VC Up : Interface - aal5-0, PortId =7, Vpi=0, Vci=38
Sun Apr 17 00:54:05 2005 : STATUS ALARM : DSL Interface Up
$
Sun Apr 17 00:54:26 2005 : STATUS ALARM: PPP Authorization Successful : Interface - ppp-0
$
Sun Apr 17 00:54:27 2005 : STATUS ALARM : PPP Interface Up : Interface - ppp-0
$
Sun Apr 17 00:59:07 2005 : MAJOR ALARM : ATM Interface Down : Interface - atm-0
$
Sun Apr 17 00:59:07 2005 : WARNING : PPP Interface Down : Interface - ppp-0
$
Sun Apr 17 00:59:07 2005 : WARNING : ATM VC Down : Interface - aal5-0, PortId=7, Vpi=0, Vci=38
Sun Apr 17 00:59:07 2005 : MAJOR ALARM : DSL Interface Down
$
Sun Apr 17 00:59:25 2005 : STATUS ALARM : ATM Interface Up : Interface - atm-0
Sun Apr 17 00:59:25 2005 : STATUS ALARM : ATM VC Up : Interface - aal5-0, PortId=7, Vpi=0, Vci=38
Sun Apr 17 00:59:25 2005 : STATUS ALARM : DSL Interface Up
$
Sun Apr 17 00:59:46 2005 : STATUS ALARM: PPP Authorization Successful : Interface - ppp-0
$
Sun Apr 17 00:59:47 2005 : STATUS ALARM : PPP Interface Up : Interface - ppp-0
$
Sun Apr 17 01:04:27 2005 : MAJOR ALARM : ATM Interface Down : Interface - atm-0
$
Sun Apr 17 01:04:27 2005 : WARNING : PPP Interface Down : Interface - ppp-0
$
Sun Apr 17 01:04:27 2005 : WARNING : ATM VC Down : Interface - aal5-0, PortId=7, Vpi=0, Vci=38
Sun Apr 17 01:04:27 2005 : MAJOR ALARM : DSL Interface Down
$
Sun Apr 17 01:05:08 2005 : STATUS ALARM : ATM Interface Up : Interface - atm-0
Sun Apr 17 01:05:08 2005 : STATUS ALARM : ATM VC Up : Interface - aal5-0, PortId=7, Vpi=0, Vci=38
Sun Apr 17 01:05:08 2005 : STATUS ALARM : DSL Interface Up
$
Sun Apr 17 01:05:29 2005 : STATUS ALARM: PPP Authorization Successful : Interface - ppp-0
$
Sun Apr 17 01:05:29 2005 : STATUS ALARM : PPP Interface Up : Interface - ppp-0
$
Sun Apr 17 01:10:10 2005 : MAJOR ALARM : ATM Interface Down : Interface - atm-0
$
Sun Apr 17 01:10:10 2005 : WARNING : PPP Interface Down : Interface - ppp-0
$
Sun Apr 17 01:10:10 2005 : WARNING : ATM VC Down : Interface - aal5-0, PortId=7, Vpi=0, Vci=38
Sun Apr 17 01:10:10 2005 : MAJOR ALARM : DSL Interface Down
$
Sun Apr 17 01:10:28 2005 : STATUS ALARM : ATM Interface Up : Interface - atm-0
Sun Apr 17 01:10:28 2005 : STATUS ALARM : ATM VC Up : Interface - aal5-0, PortId=7, Vpi=0, Vci=38
Sun Apr 17 01:10:28 2005 : STATUS ALARM : DSL Interface Up
$
Sun Apr 17 01:10:49 2005 : STATUS ALARM: PPP Authorization Successful : Interface - ppp-0
$
Sun Apr 17 01:10:49 2005 : STATUS ALARM : PPP Interface Up : Interface - ppp-0
$
Sun Apr 17 01:15:30 2005 : MAJOR ALARM : ATM Interface Down : Interface - atm-0
$
Sun Apr 17 01:15:30 2005 : WARNING : PPP Interface Down : Interface - ppp-0
$
Sun Apr 17 01:15:30 2005 : WARNING : ATM VC Down : Interface - aal5-0, PortId=7, Vpi=0, Vci=38
Sun Apr 17 01:15:30 2005 : MAJOR ALARM : DSL Interface Down
$
Sun Apr 17 01:16:10 2005 : STATUS ALARM : ATM Interface Up : Interface - atm-0
Sun Apr 17 01:16:10 2005 : STATUS ALARM : ATM VC Up : Interface - aal5-0, PortId=7, Vpi=0, Vci=38
Sun Apr 17 01:16:10 2005 : STATUS ALARM : DSL Interface Up
$
Sun Apr 17 01:16:32 2005 : STATUS ALARM: PPP Authorization Successful : Interface - ppp-0
$
Sun Apr 17 01:16:32 2005 : STATUS ALARM : PPP Interface Up : Interface - ppp-0
$
Sun Apr 17 01:21:12 2005 : MAJOR ALARM : ATM Interface Down : Interface - atm-0

The only programs I was running over the night was Skype, AIM and Yahoo Messenger.

Sorry for such a long post, but this problem has been plaguing me for far too long. Any help would be greatly appreciated.



crusti - 17.04.05 11:37 am

Hi Cor
its me back again
ive started again, this time with out the BT shite in the way,
but i still get "connexion timed out (probably stealthed)"from your portprobe.

can i send you my config file? see if you can see what im doing worng??

cheers Crusti




EnemyOfThe205 - 17.04.05 12:01 pm

I have happily followed and implemented all the lovely instructions and tips on here and have decided that this router is the worst piece of hardware anyone ever invented. It's useless!
I'm not a stranger to IP tables and port forwarding, in fact it is what I do as an unpaid job for people who need help with various things, but this particular piece of hardware really is useless.
Whatever I set for Emule, the minute I switch it on, I can't surf..or use msn or anything. It's not my uploads speed, I set that to 0.5kps for testing, the router just can't handle multiple concurrent connections.
It also does the same using Mercury msn on Linux, mercury = on.. connection= GONE.
I'm putting my homemade router back on and disabling NAT on the 205 for an easier life.


Dave - 17.04.05 1:57 pm

This site is so much appreciated..My 205 would be smashed by now if it wasnt for you lol!!


crusti - 17.04.05 3:22 pm

LOL, Well put dave


cor - 17.04.05 3:33 pm

ahh, gotta love Sundays!

phill , no problem! The 205 connects to the internet independant of any machine, so it doesn't matter what platform you use, so long as you have an ethernet connexion. Check out the static IP page for more details (links at the top of this page)

david, glad it all worked out! don't worry about the double post, almost everyone does it! and hey! surely you mean "send my 205 to cor for experiments" heheh. thanks guys!

jamie meet the max IP session limit! (more on this later) you really want to a) apply the max IP session limit tweak, b) use ethernet and c) tweak shareaza to use less connexions. I recommend eMule (but disable KAD!)

mark, I don't know the bt voyager 2100, do you have a command line manual? we could work out the commands easily enough if you do. If not, maybe google a bit?

cheva1ier, yikes! Have you applied the ppp tweaks from these pages? If not, do that! I'd like to see your config file, you can mail it to me if you want.

same for you crusti, no problem! It's become a "morning coffee break" activity now, looking at folk's router configs! But PLEASE add a full description of what you are trying to achieve WITH the config file.

EnemyOfThe205, I'm your number one fan! smiley for :lol: I know what you mean, the IP session limit is a bummer, but I can understand why it's there; this thing gets hot enough, and there isn't the memory on it for anything bigger.

If folk need a more serious solution, they can pay for it, but for FREE, the 205 is sufficient for most folks' needs. certainly, I've downloaded a *lot* of data in the last few months, all through the 205, and if the client machines are setup mindfully, its limits aren't so bad.

I was considering getting something beefier myself, but with the 30GB/month limit about to hit, it seems kinda pointless.

for now..

;o) Cor


stephan - 17.04.05 3:54 pm

Sorry if my question sounds stupid.but is it possible to use a bt router abroad or is it just possible in the uk?...I'm going in france for 8 months in september and i wonder if my router will work there.


cor - 17.04.05 4:57 pm

THERE'S NO SUCH THING AS A STUPID QUESTION!

Yeah, in theory it should work okay. You'll need a local AC/DC adaptor, to supply 16VA (say 16V@1A or maybe 18V@750MA or something like that) and the ISP's settings will likely be different, check Makila's forum (link above these comments) for the French versions of these.

For the UK, it's..

DNS = auto
VPI = 0 (zero)
VCI = 38
Authentication = CHAP
Modulation = G.DMT
Encapsulation = VC MUX
Encapsulation Protocol = PPPoA


Just so you know what to look for! have fun!

;o) Cor


jamie - 17.04.05 6:40 pm

hi again,i ve to what u last said and still nothing.has shareaza gone bust or something?anyway i give up.im going to try out emule now.thanx for your help.
tc


jamie - 17.04.05 9:41 pm

hi,installed emule,set the firewall rule and nat rule(copied your recipe).emule connects,but no downloads happening.disabled kad.ran emule port test and it fails every time.i ve once again been right through ur check list,well the whole of your site really,lol,and i cant figer this one out.must be something silly.



Alex - 18.04.05 12:50 am

I just want to thank you for taking the time to write this guide.

It has helped me alot, very good work keep it up.



Stephen - 18.04.05 9:27 am

Hi cor i running a world of warcraft server but how do i get so ppl can connect to it atm in the files it has the lan ip 192.168.1.100 i also did firewall rules and forwarded the ports which are 3724 8080 8085 thanks


cor - 18.04.05 4:28 pm

working back..

Stephen, folk can connect just fine. Your webserver (port 80), for instance, shows your root web folder with "modperl/", "modperlasp/", "wow/", and "xampp/" folders. success!

I haven't scanned any other ports, but if you've got port 80 working, the others should work just the same.

Alex thank you! Time is my most precious asset!

Jamie, yeah likely. Feel free to send me your config file if you like, and I can eliminate any silly things from there.

for now..

;o) Cor


Hamiee - 18.04.05 4:39 pm

I am connected to TalkTalk B/Band and am trying to use my BT Voyager 205 ASDL Router to connect my mac and PC to the internet simultaneously. I have a naff wee Sagem modem that came free with the TalkTalk package and acquired the BT Router from a friend. I'm having major problems getting the router to recognise the existing TalkTalk connection. As of yet I have been unable to connect both platforms to the net @ the same time. Heeeeeeeeelp


cor - 18.04.05 4:51 pm

Hamiee We'll need more information about your setup. Are you using the 205 to connect to the TalkTalk service? Or the sagem into the 205 and then to the other machines? Are you using an ethernet switch (highly recommended)? etc.

If it were me, I'd chuck the Sagem, configure the 205 to use TalkTalk's settings (check their site) and connect it to a switch, and the machines connect to that, too.

more info!

;o) Cor

ps.. (when you refresh the page, doesn't it warn you that you are about to POST the comment again? all my browsers do!)


Frankie - 18.04.05 9:15 pm

Hey, thanks for all the info on your site... helped a lot


Kung - 19.04.05 11:58 am

I can't config SNMP to this H/W. How to config SNMP, I'm use XAVi X8124r.

H/W Detail :
Model: Viking
H/W Version: 810020
S/W Version: 3.959AVT1.8124A/138030917a2

Can I use SNMP on this machine?
Thx a lot.


Stevie - 19.04.05 12:40 pm

I am having a few problems!

I am running Windows XP SP2. I know that there have been changes made to the TCP/IP stack in SP2.

I am using 2 file sharing progs: Shareaza and LimeWire. Both of these progs are causing me problems. Shareaza ( on port 6346 ) and Limewire ( on port 6348 ).

Sheraza is by far the worst, as when connected, within a few minutes I am unable to get function from Internet Exporer or Outlook Express ( send and receive ). Limewire will eventually cause the same fault if there is multiple downloads.

I know of 2 other people with a broadband connection who are running SP2 and do not appear to have this problem. However, in both cases a ADSl modem ( terminal adapter ) not a router is their connection device.

Is there some way to configure the voyager 205 in order to correct the problems I am having?

I have followed all the steps on your main page to reconfigure my router but I am still having problems.

Stevie


Stephen - 19.04.05 2:41 pm

Hi Cor well in the config file for the game server i was reading on a router guide and says you put your wan ip in so ppl can connect i tryed that but i could not connect to the server only if i put the lan ip in


jamie - 19.04.05 4:41 pm

hi bk again!i ve copied my nat and firewall rules from the web interface after ive set it up for port 6346.it should still work if i dont hit that red save button,right?as it stays in that state till
i reboot router.
Rule ID I/F Apply Stateful Inspection Direction Rule Action In I/F Log Option Rule Description Oper. Status Action(s)
5 ALL Enable Outgoing Accept ALL Disable - Edit Detail Delete
6346 Public Disable Incoming Accept N/A Enable 1.Protocol eq TCP
2.TCP Flag All
3.Dest Port equal to 6346
Edit Detail Delete
6356 Public Disable Incoming Accept N/A Disable 1.Protocol eq UDP
2.Dest Port equal to 6346
Edit Detail Delete
500000 Public Disable Incoming Deny N/A Disable - Edit Detail Delete






Rule ID IF Name Rule Flavor Protocol Local IP From Local IP To Action
1 ppp-0 Virtual Server UDP 192.168.1.40 192.168.1.40 Delete Detail
2 ppp-0 Virtual Server TCP 192.168.1.40 192.168.1.40 Delete Detail
6346 ALL Virtual Server ANY 192.168.1.40 192.168.1.40 Delete Detail
6356 ALL Virtual Server ANY 192.168.1.40 192.168.1.40 Delete Detail
100000 ALL NAPT ANY 0.0.0.0 255.255.255.255 Delete Detail

hope thats ok!!:(


jamie - 19.04.05 4:52 pm

sorry for ddl post.
1 ppp-0 Virtual Server UDP 192.168.1.40 192.168.1.40
2 ppp-0 Virtual Server TCP 192.168.1.40 192.168.1.40

dont think these r supposed to b there.but when i delete them they pop back when i run shaz/emule
thanx


andy - 19.04.05 6:11 pm

can someone give me a simple rule for iDent 113. I've been "playing" for hours, and the only way I can get it to work if disable Rule 500000 not a good idea! Followed port forwaring and doesn't work, another question, why does the telnet interface hang when I paste commands into it!

(it's okay with vb script!) firmware v1.6


bingram - 19.04.05 7:56 pm

Hi,

I am trying to configure my 205 to use Shareaza which uses port 6436 by default. I have set up a static IP address of 192.168.1.50 I have also "stealthed" my router as instructed.

I have allowed both a TCP and UDP IPF using the following commands:

create ipf rule entry ruleid 6436 ifname public dir in act accept transprot eq tcp destport eq num 6436 seclevel high medium low

create ipf rule entry ruleid 6446 ifname public dir in act accept transprot eq udp destport eq num 6436 seclevel high medium low

I have created a NAT rule as follows:

create nat rule entry ruleid 6436 rdr lcladdrfrom 192.168.1.50 lcladdrto 192.168.1.50 destportfrom num 6436 destportto num 6436

The problem I am having is that as soon as I create the NAT rule I can no longer access any information on the internet (including the 205's page) let alone using Shareaza.

I also noted that the following message was posted in my Telnet session after creating the NAT rule:

Tue Apr 19 19:55:18 2005 : WARNING : ATM VC Congested : Interface - aal5-0, Port
Id=7, Vpi=0, Vci=38

Can anyone shed any light.

Brad



Stephen - 19.04.05 9:44 pm

Hi Cor well in the config file for the game server i was reading on a router guide and says you put your wan ip in so ppl can connect i tryed that but i could not connect to the server only if i put the lan ip in


cor - 20.04.05 2:13 pm

Kung, yes! check out the PDF's for more details.

Stephen, I recommend a Dynamic Hostname (DDNS), the 205 will keep it updated for you, too, automatically.

Stevie , it just sounds like you're hitting the 205's "max IP Session" limit. ensure you've tweaked it to 512, and configure the apps to use less connexions. eMule works great for me, and that's with a few torrents running on another machine, too.

andy so long as you deleted the built-in firewall rules, regular port forwarding should work just fine. did you?

jamie if that's a windows machine, disable UPnP!

bingram, firstly, forget the ATM VC Congested messages, we all get those. you say when you add the NAT rule, your internet dies??? that's a weird one! mail me your config! want to see this!

I guess it's possible that the moment you create the rule, Shareaza starts connecting (ie "working") and Shareaza is the number one killer of internet connexions! Well, at least with the 205. Try eMule!

did I miss someone? kinda in a time-crunch..

;o) Cor



Michael - 20.04.05 5:47 pm

Hi cor, now... when i check my ip address in ms-dos by typing in the command "ipconfig" it says im 192.168.1.3 but on various websites which tell you your ip address including your port probe it says i am 81.155.101.74 Can you please explain the difference please?

Thanks :)


jamie - 20.04.05 9:09 pm

i did that.still no joy!im going to call my isp.hopefully theyll
sort it for me.
thanx again for your help.



Mick - 20.04.05 10:01 pm

Yo cor remember me? well after redoing your whole stealth, static ip, and azures recipies i finialy got it working its a dream come true lol im talkin from 4kbs to now jus over 100kbs!!! TYVM


Andy - 20.04.05 10:03 pm

Michael: The IP address 81.155.101.74 is the Internet facing IP address assigned to you by your ISP, on what we call the WAN side of the router.

192.168.1.3 is your internal IP address of your router, which we cannot see! If you router is configured correctly, but remember Java applets can reveal your computers IP address to the world, but 192.168.x.x is in the private range, and cannot be routed to.


Andy - 20.04.05 10:05 pm

Michael: whoops!

192.168.1.3 is the ip address of your computer, the IP address of you router, is likely to be 192.168.1.1.


Andy - 20.04.05 10:10 pm

yes, i've deleted all the inbuilt default rules using the script, but after doing this should I only have rule 5 & 500000, because there are more 1010, 1020, 1030 etc are these also default!


michael - 20.04.05 11:04 pm

Andy thanks allot


Bael - 21.04.05 10:36 am

hey again Cor, i just gave up on ares, couldn't get it to work xD i'll stick to limewire =P
but this ain't really an big problem, but my upload speed on bit torrent sucks...an i mean sucks lol, i have a massive DL speed and virtually no UL speed, and i get called a leacher lol, but at the speed it uploads, i dont have the time to let it seed to a 1:1 ration xD and when i turn up the upload speed in bit tornado, my download speed goes way down =S
heres a screen (click)

an image


what can i do so i upload faster an still keep the good download rate??

thanx,
Bael


Recall - 21.04.05 4:04 pm

Hi, I followed the instructions to stealth and also setup bittorrent ports within those rules. I checked shieldsup and it say i am totally stealthed, which is great.

Now what I want to know, is for games like UT2004 it says I must have certain ports open. I never configured any port forwarding, and just tested to see if it would connect and it did.

Does this mean that my firewall is not working as it should? I was on the understanding that you have to forward ports for any program that wishes to access the net?


Cloudedbrains - 21.04.05 5:32 pm

smiley for :D Just came to say THANKS for the site smiley for :D

I just got a Voyager 205 to go with a Bt Broadband upgrade that Id ordered!
Thanks to your site it is nicely set up and working like a dream without any problems!
Thanks again!
Cloudedbrains


emil - 21.04.05 8:23 pm

Hi,

I'm tearing my hair out. I tried to set a static IP, which i did. I tried to disable this DCHP mode thingy, but it keeps asking me for username and password. I don't haver one, and I've tried everything, even leaving the space blank, it refuses me access. I just want soulseek to work, and my other p2p apps. It's really pissing me off, because, I am in no way, shape or form a techie, and all this stuff just seems way to complicated and dull for me. Yr site is great, and goes some way to explain things, but I need layman's terms because hardware stuff is too complicated. Waht can I do?
Many thanks,
Emil


Yeti - 21.04.05 9:44 pm

emil,

Usual defaults:

Username admin
Password admin

Good Luck


Bael - 22.04.05 12:16 am

Emi this is a stupid question...but did you try,
username: admin
password: admin

lol :P


Bael - 22.04.05 12:16 am

omg y dint yetis post appear on my screen??? it was made like 3 hours ago =S


Mick - 22.04.05 12:41 am

Omg after all that trouble i finialy got port 42910 working for azureus and i actualy downloaded fast but today its yellow again and going painfully slow, also yesterday the probe said Success! now it says connexion timed out. (probably stealthed), Help is apreciated so plz do.


Bael - 22.04.05 9:50 am

Mick You proably did everything right while forwarding that port, but forgot to save your configuration by going to the router config page/advanced and clicking the little red save button on the left hand side of the page, at the bottom of the menu :)


cor - 22.04.05 12:46 pm

ahh, back again, but not for long..

Michael, there's lots more info on the static IP page, check it out!

Mick, Cloudedbrains, great news! When the 205 is setup properly, there's nothing to stop a good torrent completely maxing out your download capacity! Don't forget Mick (apart from saving your config (to make it permanent)), not all torrents go full-pelto, and not all torrents will give you a green light, at least not immediately. It's usually worth trying a few torrents, from a few different trackers before drawing any conclusions.

Yeah, Andy, delete them ALL! By the way, the 1010 type numbers won't come back again after a router reboot, but the 10,30,50, etc numbered rules will. my "rad" script will deal with them, though. When I need to reboot the router (rarely, these days) I do..
rr
rad
and everything's back to normal. "rr" is my router rebooter script, easy enough to create from a copy of "rad"!

Bael, you can only upload as fast as people ask for it, I generally cap my torrents at around 10kb/s, so your screenshot looks fine to me. The trouble is your client.

With BitTornado (or similar "one-shot" clients) your seeding and your fresh leeches get done in different windows, and this irritates most people to the point where they feel the need to kill the old torrent, effectively becoming leeches. Not enough time? YOU HAVE ALL THE TIME IN THE WORLD!

There's nothing to stop you seeding any torrent for weeks, MONTHS! But yeah, it's annoying, having all those copies open (and your process manager will tell you, your many BitTornado's are probably still running even after you quit them! though not actually "live", just running) . So get a better torrent client. I recommend Azureus.

With Azzy, you're seeding and leeching is all done in one "queue-based" window. New torrents go in the top, capped at maybe 10kb/s, and when complete, they move to the bottom pane, where they are seeded. At this point, I often drop the speed down to maybe half again (5kb/s) and let it seed for as long as it takes to get 1:1 or more. There is never an excuse not to seed 1:1, though I've heard a few!

Once you get used to operating this way, you have yourself a permanent queue (for example, you can queue up fifty downloads (or whatever) at once, and have Azzy process them all to your requirements, downloading two or three at a time, seeding each to 1:1, handy when you have to go away for a day or two, as I often do)

Usefully, Azzy allows you to specifically set maximum IP connexions for each torrent, as well as an absolute maximum number of connexions, VERY handy for IP session-starved 205 users!

Recall, look again! Stealth rule one allows all outgoing communication by default. It's only incoming connexions you need to make rules for.

emil, I know it seems daunting, but the best thing you can do is read these here pages, where your fears will be assuaged, and your questions answered! It doesn't take that long, really, and I've been told time and time again that it's time well spent!

Thanks for mucking in guys, appreciated. I often have to nip away at the drop of a hat for days at a time, so it's comforting to know you'll share the wealth (knowledge) in my absence!

for now..

;o) Cor

ps.. Bael, gotta love the preview function! smiley for :lol:




Bael - 22.04.05 1:16 pm

Yeah i tried Azureus a while back, but seemed a little complex lol i was jus lookin for a simple interface lol :P guess I'll give it anotha try :)


Mick - 22.04.05 3:04 pm

Thanks Cor, i figured out the problem as to why it wouldnt work, it was becuase i made my xbox a DMZ (its ip is 192.168.1.35) i took it off and azureus is running good, except now when im downloading a torrent internet pages takes ages to load and sometimes msn wont let me sign in also :'( Nothins easy is it.. lol.


Cedders - 22.04.05 4:13 pm

Do these recipes work with the Voyager 2100?
Thanks


cor - 22.04.05 5:34 pm

dunno Cedders, but if you can get your hands on a CLI manual, we can certainly find some that do!

np, Mick, keep an eye on the upload speed (no more than 25kb/s) and the total connexions (no more than your "MaxIPSession" setting, which should be 512, if you tweaked it, as shown above. Setup correctly, it shouldn't affect your www speed one bit, unless you are downloading at 240kb/s, of course!

Instead of the DMZ, you might want to replace rule 50000 with a rule forwarding everything to the xbox. Your regular port forwarding rules (executing numnerically earlier) will still do your p2p stuff, as expected, but all other incoming connexions will go to the xbox, instead of the firewall. Just a thought.

Bael, I hear THAT! Its complexity put me off too, in the beginning. But really it looks a lot worse than it is, and it's definitely worth sticking with Azzy for a couple of days, you'll quickly master its (many many) settings. Once you do, you have total control of your torrent activity, and it's unlikely you'll go back to a "one-shot" client, thereafter.

;o) Cor

ps.. a little birdie told me that the entire Charlie Chaplin archive is being seeded, starting about now, on the Pirate Bay. All legal, of course smiley for :ken:



jamie - 22.04.05 5:44 pm

hi,just to say that i ve called my isp and they have put it down to a fault with my router,and r sending me a new one.so,fingers crossed
this one works!
thanks again for great site


Recall - 22.04.05 5:50 pm

HI cor, you say it allows all outgoing. So that means I only need to make rules if I want block a outgoing program for example.

OR.. I need to allow incoming connection for say a server for a game for example or bittorrent?

As it stands I am safe is this correct? I have only made a incoming connection for bittorrent as thats the only prog that needs it atm. Sorry feel like noob, I know pc's but this is my first hardware firewall.


cor - 22.04.05 7:41 pm

jamie, well, it may fix it! keep us posted!

Yeah Recall, correct, on all counts! Those two simple rules, thanks to the 205's "stateful inspection", will enable you to carry out all the regular internet tasks in complete safety. All connexions from your computers to the internet will pass unmolested, along with the data you requested. Everything from FTP to SIP will "just work", and most regular users can leave it at that. All incoming requests will be silently discarded (stealthed).

If you need to block some outgoing connexion, or allow some incoming connexion (both are the exact reverse of the usual conditions) then you need to create a port-forwarding rule, which consists of two parts; firewall and NAT.

Application blocking is probably best performed on the machine running the application, unless you wish to prevent some network-wide nuisance.

;o) Cor


Recall - 22.04.05 8:30 pm

Cor, thanks very much for the help. I am so glad I came across this site. I nearly was going to use my Nvidia hardware firewall, as had zero idea on how to setup a router firewall. But you have been a saviour!

One quick question, I am going to be connecting another computer at some point. Will this protect my other LAN port as well? Or is it best to setup the Nvidia firewall which is on the other port for protecting my LAN? I would rather not use the USB connection for routing.


mub - 22.04.05 9:24 pm

Hi cor,

Thanks for your help before. I haven't tried the VPN without port 500 open but I will next Friday . . . . probably.

I'm still getting a problem of my FW rules get messed up.
I have quite a few ports above 128 open but only ports 21, 25, and 80 below 128 open. It's fine for a time then ports 21, 25, and 80 disappear and about 10 new rules appear. Number 11,12,30,31,50 and others. It doesn't seem to follow any pattern except it's the same ports that vanish and the same ports that come back.

I've just had a thought. I'll have to check next time it happens but i think some of the new rules are the original ones with different rule id's. But that doesn't account for the other extra rules I adds.

The Port Forwards are fine though.

Anyway, hope that all makes some sort of sense.

Thx.
mub


Recall - 22.04.05 11:36 pm

One other question, how do I see my download and upload attenuation with telnet?


Bael - 23.04.05 11:49 am

yeah, probz will get used 2 azzy eventually =P tho i'm havin problems with it already lol, when i try downloading plugins from inside it directly....nuthin happens it doesnt download anything, even tho i kno the plugins are online cus you can dl them from soundforge =S i havn't tried it witha torrent yet tho lol....cant think of anythin i wanna download, cept this, but i need your help with this to lol,

Click Here

this is what i wanna download, but it says the tracker is down, but there is a backup tracker enabled, so how do i get it to connect to the back-up tracker instead?? cus it just keeps sayin "no-data from tracker".

thanx
Bael


cor - 23.04.05 1:36 pm

Recall, buy an Ethernet Switch (NOT a "hub", unless it's a "Switching Hub"!). Do that first, they are around ten bucks.

In fact, anyone reading this, who doesn't own an Ethernet Switch, please go out and buy one now. You will need it, and it will save you WEEKS (total time spent) of trouble in that period when you're "getting by without a switch".

If anyone reading this paragraph doesn't own an ethernet switch, please read the previous paragraph! smiley for :lol:

Then it goes Internet >> Voyager 205 >> Switch >> Computers. The 205 continues to act as a hardware firewall, protecting your whole LAN (basically, anything plugged into the switch) If you need to add more computers than your switch has ports for, just add another switch, and so on. The switch does all the complicated stuff, you just plug 'em in!

GET A SWITCH!
(unless you will only ever have one computer in your house, in which case; wise up! they're soooo cheap! hahah)

As to the telnet statistics, I don't know which ones you mean, but get will most certainly be how the command begins, try get ?

mub, like most people, you kinda skimmed through most of the pages here. Don't feel bad about it, it's human nature. smiley for :ken: I mean, I just spent five minutes typing a well-worded answer for Recall, when in fact, I've already answered the same question many times, AND incorporated the answer into the main articles. Same story here! I don't mind, it's my day off! smiley for :roll: So long as you don't mind me utilising the opportunity to rant and discect human nature! smiley for :lol: I mean, I just spent five minutes typing a well-worded answer for Recall, when in fact, I've already answered the same question many times, AND incorporated the answer into the main articles. Same story here! I don't mind, it's my day off! smiley for :roll: So long as you don't mind me utilising the opportunity to rant and discect human nature! smiley for :lol: I mean, I just spent five minutes typing a well-worded answer for Recall, when in fact, I've already answered the same question many times, AND incorporated the answer into the main articles. Same story here! I don't mind, it's my day off! smiley for :roll: So long as you don't mind me utilising the opportunity to rant and discect human nature! smiley for :lol.gif where was I?..

The rules you refer to are built-in. Every time you reboot the router, they are re-inserted. To remove them, use the "rad" script, from my public archive (links above these comments), available for Windows and *nix platforms.

Because of these automatically inserted rules, you will need to create your server rules with different ID numbers, as explained in the recipes for these servers, troubleshooting page, etc. I use 808 for my webserver, 2121 for the FTP, etc. The numbers themseves are arbitary, but these are sensible choices.

Bael, power to ye dude! stick at it!

To use a backup tracker in Azzy, simply edit the details for the torrent (after opening it, of course). The easiest way to get the details, is to double-click the torrent in the queue.

Then go to the "General" tab and right-click the "Tracker URL" (I know, it's plain text, and doesn't look like it could be right-clicked, but almost everything in Azzy can, and that's a good thing!) and select "edit URL", you'll get a dialog; do the same there for the actual address; right-click, "edit URL", and enter the backup URL. Okay that, and it will connect to the new tracker immediately. Except that one looks dead. Try another torrent!

I'm glad to answer any Azzy questions! And that was all from memory (even though I have my linux desktop in a VNC session here somewhere! I've had to edit a few tracker URL's myself recently)

Plugins, I always grab manually, from sourceforge, and install afterwards. I haven't even tried to do it from inside azzy itself! (a minute later...) hey! that's cool! I just installed "Upload Shaper" from inside azzy, using the plug-in installation wizard. Hey! now it's in my seeding queue! It was a torrent! This is too funny, I must still be a bit tipsy from last night! smiley for :lol:

And hey! as for that "cant think of anythin i wanna download", man! You must be on a different internet from me! I'd need a 20MB link to even scratch the surface of all those goodies!

Have fun dudes!

;o) Cor


funy - 23.04.05 3:08 pm

im here trying to set up my friends xbox on xlink kai but for the life of me i cant get it going. i have set the filters you suggested for adrian but they dont seem to work here.

pulling my hair out :(


cor - 23.04.05 4:13 pm

funy, importantly, you'll need to give the xbox a static IP before you start messing with router rules and suchlike, say 192.168.1.200

Then do all the stuff here, static IP, stealth rules, etc, but replace stealth rule 500000 with a port forwarding rule redirecting everything to the xbox, like this..

create ipf rule entry ruleid 500000 ifname public dir in act accept transprot eq tcp seclevel high medium low

create ipf rule entry ruleid 500002 ifname public dir in act accept transprot eq udp seclevel high medium low

create nat rule entry ruleid 500000 rdr lcladdrfrom 192.168.1.200 lcladdrto 192.168.1.200


If you do this, and it works, let me know!

You may need to alter the nat rule to go before the NAPT, say ruleID 99999. but try the above first and test, test, test!

keep us posted!

;o) Cor

ps.. cool trick for all router owners..

If you replace your own "stealth rule number two" with the above code, any incoming packets will be forwarded to a non-existant machine! (192.168.1.200, or just make it up!)

The sender (or "attacker", perhaps) will, rather than just have their packet dropped (the usual way of "stealth"), get back a "destination unreachable" (aka. "No route to Host") packet (from your trusty Viking). If you think about it, this is perfect stealth", it's like you really don't exist. Try it at my port probe!

Am I overlooking something, or is that the neatest trick of the week? smiley for :lol:


funy - 23.04.05 5:34 pm

thanks cor i'll give that a try when im there again tomorrow, so the ports need to be forwarded to the xbox then? i thought it had to be to the pc with xlink on.

Will try and post how it went.

Thanks


cor - 23.04.05 6:20 pm

erm, xlink? dunno about that! smiley for :lol:

I've got zero experience with xlink, whatever it is. perhaps you do need to go via the peecee, but it depends what you're trying to do.

Wherever the host is, the machine serving the game, that's where you need to forward ports to. If the xlink system running on the peecee needs some incoming connexions, make regular port-forwarding rules for those, just like we do for p2p apps, no worries.

A wee google later..

It appears you will need one single port-forwarding rule to run Kai, a UDP rule for port 30000. Along with the "xbox stealth" from above, you should be good to go. Any incoming that isn't specifically covered with a port-forwarding rule will pass to the xbox, so you should get the best of both worlds with the above setup.

test, test, test!

;o) Cor


prv.joker - 23.04.05 7:23 pm

hi cor.

Thanks for yor info on p-fwd multiplayer Mohaa/sh/bt.

And modem/router config.

This is bound to be a silly thing to ask "BUT" here goes!

I have ave'upload speed around 288 Kbps

And a ave'download speed around 2272 Kbps.

Is There a way to config your bandwidth so as your upload speeds
could be increaced/at the cost of download speed being lower?

The reson being"BUT" i might be wrong!.. I use a second System
with/os server 2003 /2x10.000 rpm s-raid hard drives. and i lunch
multiplayer game servers,,only 4-6 players very low ping.

Would a faster upload speed improve performance when lunching a game server?

If my thinking is wrong, dont laugh to hard! lol

But would like to know if it is poss'or would it work

please let me Know prv.Joker


cor - 23.04.05 9:34 pm

Good questions..

prv.joker..
Is There a way to config your bandwidth so as your upload speeds could be increaced/at the cost of download speed being lower?
No.

I've asked BT about this, even implied that I would be willing to pay extra and have a reduced download speed into the bargain. no dice. there simply isn't a package available, and the limits are hard-wired, no amount of configuration at our end will make any difference.

Please email BT and ask yourself; the more of us that do, the more likely they are to take notice, and at least begin investigating whether such a thing is technically possible, or feasible. Currently BT offers one of the fastest ADSL upload speeds around! No, really! It may be a joke, but it's a fairly widespread one..

http://www.uk-bug.net/Article727.html

prv.joker..
Would a faster upload speed improve performance when lunching a game server?
That depends. I don't know how much difference there would be with launching the server, and folk connecting to it, good ping times matter more here. But for continued gameplay, yes, a faster upload will help greatly, and also proof you against other network traffic interfering with your game server.

BT do an SDSL service, but the price doesn't appear to be earth money. Maybe one day.

;o) Cor


prv.joker - 24.04.05 1:09 am

Thanks cor.

At least i was thinking along the right track.

And will email BT as soon as im done here.

As customers,it would be a great if bt or Others,came up with
a package that alowes users to config there bandwidth to suit
there needs!

Nice thought.After all we pay for what we use up or down stream.

Tanks for your time,,,Joker


prv.joker - 24.04.05 1:15 am

lol,,http://www.uk-bug.net/eusty/uploaddetail.htm

Very Well Done lol lol lol,I though i was onto a winner there
nice 1 will cath a few more with that lol c-ya!lol,,,joker lol
nite cor.


Mick - 24.04.05 8:07 am

Funy - I think you need to directly hook your pc and xbox up via like a lan card yo use xlink and xbc so im told, i used to use it :P

Cor, ur a dam genious but like genious' their nvr understood :P lol. Im kinda a newb at this whole port thing so can u give me a rule or something to help me xbox work and me download similtaniously?
Xbox ip: 192.168.1.35
Pc ip: 192.168.1.3
Im not sure wat ports or what the xbox needs :S but when i created a nat rule without telneting making the xbox a dmz it works althought afterwords when im downloading i think its affecting it because the face is yellow r blue. :S
Thx and apreciate help so far smiley for :D


Simon - 24.04.05 1:12 pm

Thanks Cor for the site!

Great info, well laid out on nice looking pages - good job!
Tried all your advice to get bit torrents working but no joy until I read the roubleshooting page and then got me-self a nic. So if I was to make a suggestion it would be to have that info on your home or recipe page.

On the Quick Start page of the router can you rely on the Data Received info, is it reliable? Also now I've got a nic in task manager (XP) under the networking tab the link speed is 100mbs but my connection is 1mb, anyway you know of changing this?

Thanks again.
Simon


mub - 24.04.05 2:03 pm

Thank cor, your right I didn't look closely enough. :)

Fixing it now :)

mub - Duely Disected



cor - 24.04.05 2:21 pm

Damn! I did it again! rebooted before posting my comment! ( bangs head off desk ) I'm testing stuff today, installing things, as I have replaced my final Maxtor (crap) with a nice Seagate (yum). AAARRRGGHHH! It was a corker as well! Och well, C'est la Vie!

/cor composes himself, deep breaths..

Yeah joker, it's a beauty! got me going, that's for sure! Maybe I should put it up with the "useful links", just for fun! smiley for :lol:

Mick, to cut a long (though witty and highly enjoyable) story short, use my "xbox stealth" rules from above. I've been running like this since I came up with it yesterday. Works great! You don't need an xbox to do xbox stealth!

DMZ's are usually a last resort, because they create an "either/or" situation for your LAN servers. With the "xbox stealth" (I give these things cute names just so we're all on the same page!) you have the best of both worlds; regular server/p2p/torrent rules work as normal, being numerically earlier, and anything that isn't specifically covered by a port-forwarding rule gets directed to the xbox. TADA! Just like a DMZ, but better.

In theory, this is an excellent way to setup a LAN+xbox, even if you don't have an xbox! But I'd like some feedback from someone who's put it into practice before I do an "xbox recipe"; something I'd love to do, asap! I'd also like to know if putting the xbox stealth rule before the NAPT rule changes things for the xbox, just curious.

The real beauty of this setup is (apart from the "perfect stealth" thing), once the xbox stealth is in place, you won't have to consider port-forwarding for new xbox games, or even existing xbox games, they'll just work!

Essentially we are using the xbox as a sort of "lightening rod" for incoming connexions. All requests/attacks/whatever get routed to the xbox, safely avoiding our user machines. A firewall catch-all!


Simon, You're Welcome!

Yeah, I guess I could put that information somewhere more obvious, but it would kinda spoil the punchline a bit, I get a perverse kick whenever someone clicks the troubleshooting link that goes "My router keeps disconnecting all the time!". smiley for :lol:

"USB" and "Networking" don't really belong in the same sentence, and I do drop quite a few hints elsewhere in these pages.

I mean, you'd think folk would know that anything BT tells them is probably rubbish!?!

It's obvious innit? innit?

OH FECK! OKAY THEN! I'll add it to the main page!
(consider it done, it is. see above)

You drive a hard bargain dude! smiley for :lol:

for now..

;o) Cor

ps..mub.. SWOOSH! smiley for :D


Simon - 24.04.05 2:37 pm

Hey I was only suggesting. You're the boss an image




cor - 24.04.05 2:48 pm

The "Simon Says" gag was too good to miss! smiley for :D

;o) Cor


prv.joker - 24.04.05 4:11 pm

Yeah Cor!

I think you shuold put it up with "useful Links"lol
Go on, see how meny Gotcha! Hits you get.
Hee! Hee!.c-ya! cor...../....joker


nemesis101 - 25.04.05 12:04 am

I have a Belkin wireles access unit hooked into the router's Ethernet port... for a while all was well but now two different computers - in both XP (Yuk) and Linux, keep dropping out... it's odd that "repair" will often fix the problem and it seems like a dhcp thing failing to deliver an IP every time? I tried giving the pc a static IP and allocating dns and gateway to the default router address (192.168.1.1) but this still remains unreliable, When connected directly or via a hub using Cat 5 hardwire no problems, yet the wireless access unit works flawlessly in other networks, and appears to activate the ethernet port on the router? This is my second Voyager in a month, and BT have suggested that BT Communicator is the cause (lol) but their patch to firmware 1.6 has not worked, and as I told them the same faults crop up in Linux this came as no surprise to ONE of us! Any thoughts? Ta!


cor - 25.04.05 9:40 am

Perhaps we need more information for the diagnosis. If it's communicator causing the router to lock-up, all the lights will be on. Are all the lights on when the connexion drops out?

You might want to open a telnet session to the router and leave it open, see if any unusual messages appear (the congestion messages are normal!)

You'll definitely want to tweak the "MaxIPSessions" from the default of 192, to the maximum of 512. See the Essential Tweaks section above these comments for more details.

;o) Cor


Mick - 25.04.05 3:10 pm

Cheers cor lol, wel if ur interested in the whole "let my xbox take the hackers" mite interest you to know that what i was told by the dudes on the help line is.. "xbox live needs ports udp 88, udp 3074 and tcp 3074" im gona look now were u wrote those rules and try it out, thx a bunch. smiley for :D


Mick - 25.04.05 3:19 pm

P.s. Cor, what i did was deleted me previous 500000 firewall rule i used on your stealth page and replaced it and added the following:
create ipf rule entry ruleid 500000 ifname public dir in act accept transprot eq tcp seclevel high medium low

create ipf rule entry ruleid 500002 ifname public dir in act accept transprot eq udp seclevel high medium low

create nat rule entry ruleid 500000 rdr lcladdrfrom 192.168.1.35 lcladdrto 192.168.1.35

Hope this works, il let ya know and if it doesnt ul hear from my lawyer lol :P


Tom - 25.04.05 8:37 pm

I have SANS Dns Server running on my server. The router is pratically as is out of the box. On the server there are 2 POP Servers, 2 SMTP Servers, A HTTP Server and A FTP Server amongst other things. How do I configure both SANS and the router so:

mail.tom.m.net
ftp.tom.m.net
www.tom.m.net
(and possibly more)

all point to my server from anywhere on the internet.

I want everything to be running on my server without using DynDNS or similar.

Please Help,
Tom


Bael - 25.04.05 8:42 pm

Hey Man,

Did they introduce the usage restriction already??? cus 2day my internet started goin REALLY slow xD, im struggling 2 get a DL speed over 20kbps on any torrent =S

Thanx,
Bael


puremind - 26.04.05 12:14 am

I have followed the instructions with great care and I don't have problems to open ports and get p2p applications to work on my computer.

My "only" problem is that the router keeps disconntecting. This happens after I have added Firewall and NAT rules on non- standard ports AND the corresponding application is using the ports. If I have the p2p application running, then web pages are sluggish to load and eventually the connection with the internet is interuppted (the p2p application initialises server connections and the web pages don't load anymore). Eventually, after a few seconds the connection resumes.

I have checked everything on the checklist. I have tried different sets of Firewall and NAT rules and even tried to change the properties of the PPP interface!

I have a second probem: I am trying to use a remote control program on my computer (netobserve). The program is web-based and uses port 80. The programme interface can be accessed via Internet Explorer by typing in the addresse of the remote computer on which the server application is running. Although I can reach my computer from my own computer using my LAN IP (via the router), I can't access my computer from another PC outside the LAN even though the server application is configured to run on the external IP. When I am typing the external IP in the Internet Explorer of the remote PC, I just get the Router configuration page instead of the remote management tool. Do you have an idea what is happening and how I can solve this? I have tried so many things already (both 80 and non standard port, set the corresponding Firewall and NAT rules.

I have the same problem using Radmin (Remote Administator).

I would be grateful for your help!

puremind


cor - 26.04.05 3:37 am

Mick, my legal team awaits! smiley for :lol:

Tom, what you want isn't possible. To set yourself up as an A-Class DNS server, you need a static IP. Do you have a static IP?

A domain's registration records contain the IP of the two validated nameservers for that particular domian. Those numbers must be fixed. And once they are, it can take days, even weeks for them to propagate through the entire DNS system. By the time this is fully accomplished, your IP may have changed. You see ther difficulty? Certainly makes products like this rather intriguing.

In the real world, there are services out there that will do all this for you, all the major DDNS players do a "real" domain service, providing dynamic DNS services for TLD's (yours are fictional, I hope!) Google around a bit, save yourself the wasted effort!

Bael, not for me! Even if they had, for you, you'd get a warning email from BT long before any speed reductions were implememnted. Try one of the top-five torrents at The Bay, as a wee test. But only if you own the original media, etc, etc..

puremind, I'm presuming you're all connected up with ethernet. These sound like the kind of crazy issues USB users face!

Next I'm thinking "MaxIPSessions Tweak", but I'll assume you've done that, too. Hmm. Open a telnet session and leave it open, watch for any unusual messages.

As to the second problem, it sounds like the Web Administration interface is enabled on the WAN side. If not, perhaps you've left in the "automatic" rules that are inserted after a reboot. If so, use my "rad" script to delete them quickly. Those rules will mess with incoming connections on all the major serving ports!

Feel free to get back with more info/errors/messages/etc.

for now..

;o) Cor


Mick - 26.04.05 1:13 pm

Cor, it half worked lol, i cant still download torrents and play on xbox live but... i cant join certain people online and i had this problem before i was told its due to my router and to make my xbox a DMZ which worked so somethings wrong :S lol. Ill c u in court :P


cor - 26.04.05 2:27 pm

Mick, those changes won't affect your torrents at all, ergo, something else must wrong with your setup.

Do you have port-forwarding rules setup for torrents? And is the xbox DNS setup correctly? Feel free to send me your router config, I could take a look. (SAVE (or "commit") first)

By the way, almost every config file I've looked at so far had fairly obvious "issues". Sometimes it just takes a fresh pair of eyes to spot them.

for now..

;o) Cor


Mick - 26.04.05 10:49 pm

Yea i know wat u mean after seeing how u did those port forwards it makes understanding it ALLOT easier lol. Well, i have ports 42910 open for azureus and its working great (thank you). I made the changes u suggested for a guy called funy which are delete the previous 500000 firewall rule i used on your stealth page and replace it and added the following:

create ipf rule entry ruleid 500000 ifname public dir in act accept transprot eq tcp seclevel high medium low

create ipf rule entry ruleid 500002 ifname public dir in act accept transprot eq udp seclevel high medium low

create nat rule entry ruleid 500000 rdr lcladdrfrom 192.168.1.35 lcladdrto 192.168.1.35

Which worked good but had problems connecting with one person, so i made the xbox (whichs ip is 102.168.1.35 and DNS stuff is right i think) a DMZ now wierdly xbox is working perfect and so is torrents. Misson acomplished Cor tyvm smiley for :D

And if u need help with ur xbox page im ur man.



cor - 27.04.05 12:55 am

Wi(ked! smiley for :D

In our stumbling way, I think we've hit the Jackpot!

The voyager must be executing the NAT rules before the DMZ, which seems fairly sensible, so the 205's default rules, and also our regular stealth rules would prevent that mechanism from working correctly.

With "Console Stealth"(that's a better name!) + DMZ the 205 is in no doubt about where to send those stray incoming packets! Just like my dog, needs to be told twice! smiley for :lol:

About the xbox section, definitely! Start by sending me your exported configuration file, I can get most of the juicy stuff from that. Screencaps of your xbox DNS setup screen (even a shaky webcam-type shot) would also be cool. And a rough list of the games that work well for you. I'll likely think of something else!

for now..

;o) Cor


Foz - 27.04.05 1:44 pm

Im playing counterstrike source, when I first set this up and I searched for servers, it only brought back 50-60. Then i found a page on your web site telling me how to sort my voyager 205. Then i got min 400. I have just updated my firmware (v1.6) and its gone back to only finding 50-60 but now i cant find the page telling me how to sort this.
Please help


Mick - 27.04.05 5:16 pm

Cor, cant get on that page its asking for some sorta password lol. What u need to do in essence is..

In the xbox dashboard make your xbox ip manual and put it to 35 or more (so i was told) E.g. 192.168.1.35 (or more)then open router section in the configuration page, go to the nat\dmz part, create a nat rule which makes your xbox ip a Dmz which is what ive done and i can also run fast torrents now thx 2 u smiley for :D cheers


Mick - 27.04.05 5:17 pm

Also xbox live help line told me that the xbox needs ports udp 88, tcp 3074 and udp 3074 if thats any help to u.


cor - 27.04.05 7:07 pm

Foz did you keep a backup of the old configuration? Those commands will still work. Export your new config, and add the commands you need. Upload it again (FTP) and it will reboot with the new settings.

If you don't have a backup (*sigh*), it's probably best to go through this page and apply all the tweaks again, then create a port-forwarding rule for the game and its ports. See the recipes page for more details (all links at the very top).

l*rz..

;o) Cor


cor - 27.04.05 7:10 pm

oops, missed you there Mick, thanks for that. The "35" is to get past the DHCP pool, but I generally recommend folk disable that anyway.

The good thing about this approach is, once its setup, it doesn't matter what ports the xbox needs now or at any time in the future; it's getting them all!

cheers dude!

;o) Cor


Foz - 27.04.05 7:13 pm

No stupid me didnt, i will go through as you say.
you did have a page just for css though didnt you?
Thanks



Uncle Bob - 27.04.05 10:02 pm

Just a quick question. How do I enable FTP downloads. I'm trying to download drivers from HP, but are not able to. An example URL is http://h18007.www1.hp.com/support/files/handheldiPAQ/us/download/22570.html Normal downloads are fine, its just the FTP ones that does not work.


mub - 27.04.05 10:22 pm

Hi cor

This is an obscure one for you. I play a game called netKar and I'm having trouble connecting to outside hosts. I've made sure all the correct ports are open and the port forwards work fine coz I can host OK, which is strange. Anyway Here are the ports netKar uses. Is there anything about these ranges the voyager won't like? Maybe something in the alg rules.

6000 TCP and UDP
1000 to 2000 UDP only
32766 to 32767 TCP and UDP

mub - Vrrroooom....no!


mub - 27.04.05 10:24 pm

netKar problem continued...

Here is a clearer account of the problem, if it helps.
netKar. It's a very good racing sim.
1. I can host a netKar server with a problem.
2. I race using my main PC and can connect to my own server no probs.
3. My main PC and Server are on the same subnet so it connects on the servers' internal ip address. So it's not going through the voyager in any way.
4. When I try connecting to a server on the internet somewhere, it successfully joins the server but then it won't "sync" (something netKar does when u actually join the track)
5. I had no problems on NTL with my Linksys, but now I'm with BT and using a Voyager. (not a dig at the voyager which has been cool up until now)

IT's a weird one realy. I've had lots of experience fixing other peoples netKar connection troubles, but this one has me stumped.
I've looked through a backup of the routers config. There are some ALG entries that look like they might clash with the netKar port ranges, but I could be just guessing. My other guess is the Voyager doesn't like the way netKar formats it's udp packets, or something along those lines.

Anyway, hope you can give me a clue or 2.

mub - Vrrrooooommmmmm....no!


Mick - 27.04.05 10:43 pm

No sweat cor least i could do, BUT i jus double checked its friggin recked lol. Im pretty sure ur way was perfect the 1st time and the reason it didnt work it cus the 1 guy i cudnt get in a game with just changed his router settings not me! So when i made the xbox a DMZ it messed up my torrents, so i deleted the rule and got my fingers crossed its gona work now. In essence what u did was make everything what im not doin on the pc is forwarded to my xbox? Does this mean my pc may miss stuff and my xbox will pick it up?

Yea and for ur site info, the only game really effected badly with ports and stuff is Halo 2 many people had the problem with connecting to users due to NAT problems, and uve solved it. Plus microsoft who made the game cant say how to fix it because its to do with routers and they cant really comment so not many can fix but soon will thx 2 u :)

Cheers m8.


cor - 28.04.05 2:10 am

nah Foz, not for any games. I've got an old ports list kicking around somewhere, but there's a better one in the useful links section.

Uncle Bob, FTP should just work, no problems (stealth rule one covers ALL outgoing communications). I suspect your browser's MIME-Types are incorrectly setup, or something like that. Installing dodgy download managers can sometimes do this, amongst other things.

That particular page has lots of JavaScript, too. Ensure you have javascript enabled in your browser. Maybe try another browser. I recommend Firefox almost exclusively these days.

well mub, I'm scratching my head too! I don't see any alg rules in my config that would intefere, but feel free to delete any you don't like the look of. You might also want to play around with the UDP timeouts (perhaps TCP, too). MIne are currently..
modify nat global tcpidletimeout 3600 tcpclosewait 45 tcptimeout 30 udptimeout 90 enable

but a very short timeout might be better for you. I can't think of anything else for now. mail me your cfg if you want a second opinion on it.

Hey Mick, fingers crossed!

With console stealth, ALL incoming requests, not specifically covered by a port-forwarding rule are routed to the xbox. The 205's NAT will run through the list and route anything it finds there; BitTorrent rules, web servers, whatever, just like with the regular stealth rules.

If the 205 doesn't find a match, the xbox gets it! The only possible issue is if some game happens to use the exact same port you have configured for your p2p app, but with 65,535 of them, this is fairly unlikely!

keep us posted!

;o) Cor


Uncle Bob - 28.04.05 5:39 am

Cor,

I use Firefox 1.0.3 and have all the required plugins/extensions. I tried with IE as well. When trying to download, after a short while the Broadband Health thingy pops up testing the connection, but all shows OK. The router firmware is the latest - v1.6


nige - 28.04.05 11:55 am

Hi, trying to get winmx running, followed your pages word for word, no luck, port tests shows ports refused. Using ethernet/static ip, everything. please help


cor - 28.04.05 3:25 pm

Uncle Bob, mail me your config, I'll be able to tell if it's the router causing you trouble, or not. I tried the link myself, and got an SPsomething.exe file in my usual download folder.

Another possibility, Firefox has automatically downloaded the file to your default download location. What does it say in the firefox download manager? Was there a particular error?

"Broadband Health" ??? Que?

nige did you run through the troubleshooter checklist?

Remember you can only test TCP with the probe! It was the TCP port you were testing, yeah?

Mmmm..

;o) Cor


Cal - 28.04.05 4:49 pm

Hey there, can someone E-mail me or find me the website to download the BT Voyager 205 ADSL Router drivers, iv looked everywhere my e-mail is yummyfakecake@hotmail.com

This would be very nice if someone could as i am very desperate for these drivers.


Sylver123 - 28.04.05 5:27 pm

Cal, here are the BT Voyager 205 ADSL Router drivers.

http://www.downloads.bt.com/btbroadband/drivers/BT_Voyager_205_driver_download.zip


Sylver123 - 28.04.05 5:29 pm

Cal, here are the BT Voyager 205 ADSL Router drivers.

http://www.downloads.bt.com/btbroadband/drivers/BT_Voyager_205_driver_download.zip


cor - 28.04.05 5:37 pm

aww, Sylver123, I was gonna wait for him to discover the link on this very page, maybe drop a clue, or something.

refresh = bad

(tip, click the "main 205 page" at the top twice!)
I gotta put that somewhere.

/me fires up ftp client..

;o) Cor


Uncle Bob - 28.04.05 6:24 pm

Cor, needless to say, today I'm able to download from the hp ftp site without a problem. I suppose that yesterday that particular file might not have been available...

Rergarding the "Broadband Health"; its that other needless stuff that also instralled from the cd which came with the cd. - BT Broadband Help. Hey, what could I do?! :( Could not get just the driver as no internet connection, had to install from cd before able to search for driver on net. that's how I found your site...

PS where to I get the "get fwl blacklist" from. when entering this on my router, it comes up error: no entry found?




Mick - 28.04.05 6:33 pm

I hear what ur sayin and it sounds flawless, i took the DMZ rule out, now torrents running smoothly and xbox live is running but with problems. I still cant connect to certain people and the only reason is because if a problem with NATs lol, Nothings ever easy.. especially with pcs. Mabey the problem jus cant be fixed or else its the people i cant joins fault :S


Uncle Bob - 28.04.05 7:35 pm

COR, U DA MAN!!! I followed some links and suggestions elsewhere on your site and this is the result: (PS feel free to edit if its too long)

1. Attempting connection to your computer. . .
Shields UP! is now attempting to contact the Hidden Internet Server within your PC. It is likely that no one has told you that your own personal computer may now be functioning as an Internet Server with neither your knowledge nor your permission. And that it may be serving up all or many of your personal files for reading, writing, modification and even deletion by anyone, anywhere, on the Internet!

Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.


Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
__________________________
Checking the Most Common and Troublesome Internet Ports

This Internet Common Ports Probe attempts to establish standard TCP Internet connections with a collection of standard, well-known, and often vulnerable or troublesome Internet ports on YOUR computer. Since this is being done from our server, successful connections demonstrate which of your ports are "open" or visible and soliciting connections from passing Internet port scanners.

----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2005-04-28 at 19:06:27

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000

0 Ports Open
0 Ports Closed
26 Ports Stealth
---------------------
26 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2005-04-28 at 19:09:30

Results from scan of ports: 0-1055

0 Ports Open
0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

----------------------------------------------------------------------



cor - 28.04.05 9:00 pm

yup, Uncle Bob, that's the one! Hey, this comment file's gonna be a meg soon, what's another few KiloBytes! smiley for :lol:

Stealth is the perfect start to any firewall. From here we can allow certain access as required. Feel free to keep on soaking up the text here, there's some juicy stuff, much of it really only making sense on a second reading!

By the way, the error isn't really an error, it simply means you haven't enabled blacklist protection. With full stealth, this is optional, anyway.

Aye, Mick, nothing's ever easy when you start to add "other users" into the equation (there would never be any road accidents if it weren't for "other drivers"!).

NAT problems are incredibly common, and it's very likely that the troubles you occasionally face are at their end. It follows, logically, that if you can do it once, you can do it. success is success.

I have four torrents open right now, only one has a green light, but still, I know that my setup works perfectly; a green light is a green light. ergo, it must be trackers/other torrenteers.

keep on rockin'!

;o) Cor


Uncle Bob - 28.04.05 10:36 pm

Me again!!!

How do I enable blacklist protection and what must I add etc. (What can I say, I believe in over-kill)smiley for :ken:


Uncle Bob - 28.04.05 10:41 pm

Me again!!!

How do I enable blacklist protection and what must I add etc. (What can I say, I believe in over-kill)smiley for :ken:


Bael - 28.04.05 10:52 pm

something is definetelt wrong with my setup xD for the past few days ive been downloading at crap speeds =( at first it was averagin around 20-30kbps and now i can't get it to even go over 10kbps with a torrent that has 45seeders and 46peers, i havent changed anything with my router config, and the only thing ive installed in the past few days is, games (half life 2, lineage 2) and i also updated from ad-aware 6 to SE, oh and microsoft antispyware, but that aint a firewall....is it?? heh i have no idea whats wrong you got any ideas man??? lol i need 2 get back2 full speed DLin before May xD

Thanx,
Bael

PS. Uncle Bob enable blacklist, tho it should already be anabled by default, check outt he stealth page for more info ;)



modify fwl global blistprotect enable




Bael - 28.04.05 10:59 pm

well due to my lack of faith in anything microsoft i unstalled there antispyware thing....an guess what lol.....it's fixed =D

can microsoft do anything right lol????

=D


cor - 28.04.05 11:22 pm

I'm glad I missed all that! smiley for :lol:

Is this part of the security centre thing? I don't use any of that stuff. Hmm, this may be of interest to you guys; the list of current running services on my XP box..

an image

And there's a couple there that could be disabled, too. Security is not something Microsoft have a reputation for doing well. The 205 does it better.

;o) Cor


Bael - 29.04.05 12:06 am

No it's not on the security centre thing, it's a new thing, i had a spyware problem recently, and after a guy helped me fix it on some other forums, he told me to download it, as it would help "protect" me lol xD

Take a Look

thanx,
Bael


Bael - 29.04.05 12:18 am

actually i'm not sure if everything is ok, cus its only on torrents with loads of seeds/peers i get good download rates, i mean i kno they wont be as good with torrents with less, but even this one has 10 seeds/14 peers and it is just stuck on "connecting to peers" with a yellow light (im just tryin to sort things out with Bit Tornado lol....atleast i understand everything with it =D soon as this is fixxed al work on gettin to grips with azzy again lol xD

thanx,
Bael

PS...soz lol....pretty much spammin ur Comments Board tonight lol xD


cor - 29.04.05 1:46 am

Interesting. I can't remember when I last checked for spyware, but I'm pretty sure I used SpyBot - Search & Destroy.

I think you probably just need to be more patient with your torrents. Often the initial connexion to the tracker can be slow, sometimes very slow. I've seen it take a half hour to get started. As for top speeds, yes, only very busy torrents will give you top speed.

The science bit; If a torrent has only thirty peers, and each is uploading to a dozen other peers, at a total of, say, 12kb/s per torrent, that's 1kb/s per peer. If you are connected to ALL the peers, you might reasonably expect around 30kb/s. At least, any more would be a bonus. I've had 120kb/s+ from only a dozen peers or less, but that's not the norm.

If you get a green light, ever, then it works! one hundred percent! Any trouble from then on is someone else's troubleshoot!

Here's a torrent you can use to test your connexion..
http://azureus.sourceforge.net/index_CVS.php

have fun!

;o) Cor


Bael - 29.04.05 2:39 am

Yeah i have spyware S&D, didn't fix it tho, i needed to use an app called HiJack This which pretty much gives the details of everythin runnin on your comp, then i got a pro to look at teh log file an he told me what to get rid of to fix the problem, but that same pro told me to instal the microsoft thing lol xD

well atm i got a torrent DLin, and i got the green light, but still my DL speed sucks, and from "the science" bit i figure i should be downloading faster lol, i've got 91 Peers/14 seeds an seeing 25.998 distributed copies which is the highest ive seen any of the numbers, apart from seeds, and i only have a download speed of 50-60kb, and i also i know some torrents take time connecting, like with some it used 2 take like 10-15mins before the light even turned green from yellow, but its doing it for all torrents, i even tried DLing something that i got the other day before it started playing up, cus i know i had a DL speed of over 200kbps on it, but when i tried it today it only just reached 100s xD

think anything on my computer could be slowing anything down other than spyware?? what about a disk defrag lol?? i dunno....its my mates answer to eveythin tho lol xD

Thanx,
Bael


Foz - 29.04.05 8:02 am

cor thanks for your site I now have a better understanding of routers. With the new firmware on the voyager (v1.6) you can open ports easily through the interface. I have opened ports 27000-27015 udp and 27030-27039 tcp and 1200 udp I have opened these for incoming and outgoing. do I need to open them for both outgoing and incoming as there are seperate rules for each( theses are the ports for counterstrike source)
Thanks again
Foz


cor - 29.04.05 9:22 am

Bael..
i dunno....its my mates answer to eveythin tho lol xD
I know that guy! smiley for :lol:

If you get green just once, it's working! Relax! Yes, you'll still want to keep an eye on the total upload speeds (24kb/s practical maximum on BT line) to prevent saturation (which will slow you down) and don't allow Azzy (or whatever torrent client) to use more than, say, 400 total connexions. Keep the TCP & UDP timeouts tight. Any other issues you face will be "out there".

I think perhaps we expect too much from our 50:1 contention ratio ADSL links. No way is anyone gonna get max speed all the time. Last night I was grabbing stuff as 220kb/s, today, my torrent crawls along at 33kb/s. I'm not in a hurry.

If you max out your bandwidth 24/7, you'll quickly hit your monthly limit!

Foz, I feel the force is strong in you! But worry not about outgoing connexions, if you've followed the recomendations here, "stealth rule one" allows everything to pass freely, only incoming connexions require special configuration, specifically, port-forwarding.

The links to the port-forwarding recipes, along with all the other pages in this wee corner of the site, are at the very top of the page.

for now..

;o) Cor

ps.. and RAM! LOTS OF RAM!!


Mick - 29.04.05 1:09 pm

Cool cor thanks, it probibaly is other people cusing the problems, main thing is i got my torrents rockin, cheeeers! smiley for :D PS. were u from cus "aye" is used in either ireland r scotland and im frm N.Ireland smiley for :D


Bael - 29.04.05 2:03 pm

I'm guessing he's from aberdeen. Scotland ;)


more than just for fun...

modify system contact "cor, http://corz.org"
modify system location "Aberdeen, Scotland"
modify system dname "corz.ath.cx"
modify system name "Starship Voyager 205"



prv.joker - 29.04.05 8:36 pm

Hi,Cor

Just a quicki! ( generic rules )single port rules. Nat, Ipf.

My Router IP: on all of my systems sits at: 192.168.1.5"

So all the rules i have created, I end in .1.5 insted of .1.3 or .1.4

Is this correct?.

Ta! Joker




bael - 29.04.05 9:46 pm

Yeah joker, you should direct all your rules to whatever you set your static IP as in Network connections, so if your static IP is 192.168.1.5 then all your NAT rules should read something like this:


create nat rule entry ruleid 1024 rdr lcladdrfrom 192.168.1.5 lcladdrto 192.168.1.5 destportfrom num 1024 destportto num 1024



cor - 29.04.05 10:42 pm

Aye! Aberdeen, Scotland it is!

quickie: prv.joker, you were talking about the IP of your private computer, not the IP of the router, right? The router is usually 192.168.1.1

Thanks bael! Glad to see someone making use of the [code] tag in their comments! (btw, there's pre and coderz, as well as regular <code> tags, too!)

I switched the IP of my own workstation to 192.168.1.3 (which was my now-dead iMac's IP) and I plan to use this for ALL examples from now on, most people have this IP, and it's what they'd get from the router's DHCP pool, too, although it's usually best to disable that.

My plan is to get on with a "basic setup" page, and have a config file ready-made, that folk can simply upload to their router. All the major p2p apps will be configured and ready-to-go, full stealth, etc. Maybe over the weekend, though probably not. Soon, though.

Uploading by FTP is the easiest and fastest way to get a whole new configuration into the router. If you haven't tried it yet, export your config, make a few choice tweaks, and upload it again. TADA!

okay, l*rz..

;o) Cor


prv.joker - 29.04.05 11:15 pm

bael - 29.04.05 9:46 pm

Thanks m8 thats what ive done,Im still A bit green lol,
just wanted to be shure.

thank for your time

cya!


Bael - 29.04.05 11:19 pm

Cor.....
(btw, there's pre and coderz, as well as regular code tags, too!)


ooooohhhh pretty smiley for :D lol

jus a quick question man, im thinking about buying a second xbox, my current one is modded witha really old chip that doesn't support xbox live, so i want a 2nd one for xbox live, but since my pc is using the ethernet slot on my router, how do i hook up the xbox to the router, i guess i could do it by unpluggint eh router from the pc right?? but i'm looking for a way that i could have both the xbox and the PC connected at the same time, would just a regular ethernet hub do teh trick??

Thanx,
Bael


prv.joker - 29.04.05 11:23 pm

Hi Cor

sorry about mistake

were talking about the IP of your private computer, not the IP of the router, right? The router is usually 192.168.1.1"

yes sorry that is the ip of router 192.168.1.1

but the pvt ip 192.168.1.5

again sorry ,,,,,Joker



cor - 29.04.05 11:59 pm

no worries prv.joker, just wanted to be 100%. My router used to live at a weird address, so anything's possible!

hey Bael, check out the bbtags page!

As to your xbox question, the answer is simple..

GET A SWITCH! smiley for :D

for now..

;o) Cor


bael - 30.04.05 1:44 am

ok I'm not completely sure what that is lol....but done a quick search on google, and found out what the difference is between a hub and a switch, and it makes slight sence lol :P just wanted to make sure iv'e found the right thing online for what i'd need :P Click Here
also how would this be set-up?? would i connect all my hardware directly to the switch and it does everything for me?? and would i be able 2 link more than one thing? and do they all neccasarily have to be linkied to the router network, what i mean is, i also occasionally use my ethernet port on my PC to FTP my modded xbox, for ripping games off of the xbox HDD/Disk drvie so that i can make "Back-ups" :P so with a switch would it be possible for me, to have say:

Modded XboxConnected WithPC
Live XboxConnected WithRouter
PCConnected WithRouter


My Mum is also thinking of getting a new computer for downstairs, which is probably gunna be in quite a few monthes lol, but hey it gives me a chace to play with teh tables lol :P so would this be possible as a full network using the switch thing??


Modded XboxConnected WithMy PC
Mum's PCConnected WithMy PC
Xbox LiveConnected WithRouter
My PcConnected WithRouter
Mum's PCConnected WithRouter


Not sure i'd need that last one right??? cus when setting up the "small or office network" in windows, i would just configure it so my Mum's pc connects to the internet through mine right?? sorry if all thats completely wrong lol, i've never set up a network before xD

Thanx,
Bael


cor - 30.04.05 11:40 am

It's a lot simpler than this.

The main difference between a switch and a hub is simply that a switch knows the address of every computer attached to it (including the router) and directs all the data to the correct place, whereas a hub just sprays it everywhere and we hope for the best. Switches are so cheap these days, there's no need to buy antiques like hubs.

As to setup, there isn't any. You plug the router into one port, and all the computers (including the xbox) into the other ports.

That's it! here's some nice ascii art to demonstrate..
[puter]\
        \
[puter]\ \
       [switch]---[205]---[the net]
[puter]/ /
        /
[x box]/

have fun!

;o) Cor

ps.. the switch in your URL is ideal, and a nice price, too. I'll probably replace my link (above) with that one. Anything to stop promoting PCWorld for free!


cor - 30.04.05 11:45 am

by the way, ten out of ten for the bbcode! smiley for :lol:

;o)
(or


Bael - 30.04.05 12:59 pm

kewl thanx for all your help again man =D

lol lovin teh bbcode on your site smiley for :D specially the turl tag :P

Thnx Again,
Bael

I'll be hanging round =) always learn something new when i come here lol :P
also i stumbbled upon this earlier, thought it might come in useful for all teh firefox users smiley for :D and it works great to, Click Here
and for those of you thinkin...i don't need it i use IE, you do need it....go get Firefox!!!! NOW!!! lol j/k but you really should lol =P

an image


Bael - 30.04.05 1:03 pm

also i would have to alter all my Router IPF rules right for it to work with two comps??? eg, have my static IP on one comp as 192.168.1.4 and on another have it as 192.168.1.5, and then modify all the IPF rules to be something like this??

create nat rule entry ruleid 1024 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.5 destportfrom num 1024 destportto num 1024


is that right??

thnx,
Bael


Bael - 30.04.05 1:04 pm

NAT not IPF lol xD :P


cor - 30.04.05 1:32 pm

you'd only need to alter rules specifically for the other puter. all your old rules for your current puter will still work, unless you change its IP, of course. Leave them alone!

The rule you posted would create a "round-robbin" affect, not what you're after.

I assume you want to run the same server/p2p app on multiple puters. The way to do it is use different ports on each machine, and create proper rules for each one. eg, Azzy on your puter uses port 49300, your mum's uses port 49310, etc.

You're right about Firefox, though. I truly don't understand why anyone still uses IE, but they do! Probably just apathy.

;o) Cor


Bael - 30.04.05 4:05 pm

think it's only really geeks that use firefox lol....Yup i'm a geek smiley for :geek: and proud of it...... say firefox to a computer illeterate person...an they're like..... smiley for :erm: and proud of it...... say firefox to a computer illeterate person...an they're like..... smiley for :erm: and proud of it...... say firefox to a computer illeterate person...an they're like..... smiley for :erm.gif HuH?!?!?! lol :P

but theres a maximum of 20 rules right?? and if i had 2 seperate rules for each p2p/app and theres also games to consider also....won't that mean i will fast run out of rules??

EDIT:
kewl you added an edit function lol =P no more triple posts =D



cor - 30.04.05 4:40 pm

nah, that was just a bug! smiley for :lol:

I am, in fact, adding editing functions, but first for me! still some way to go yet, but the current live script is at least creating the entries my the new "editable" format, and pulling out the entries I ask for. it's all invisible to you guys, of course, apart from when wee pencils appear from out of nowhere!

For a second there, I thought you'd cracked my admin session somehow! but it was just a quick-hack I hadn't yet made "admin only" smiley for :roll:

I have some server issues to work out with the comment script editing, and the insertion code needs to be written, but yes, soon you will be able to edit your own most recent posts. smiley for :cool:

Back to the router, yes, 20 rules could become limiting, but if you arrange your port usage so that you can create rules with ranges of ports, you should have enough space.

There's nothing to stop you putting every single p2p application on your system into a range of, say, ten ports, even all on the same port! Then one wee rule would cover everything! TCP/IP is robust enough to work out where all the packets are supposed to go. For instance, simple tabbed web browsing can entail dozens of separate connexions to many different servers, all happening on port 80, and all happening in perfect order!

have fun!.

;o) Cor


Bael - 30.04.05 5:03 pm

right so say for instance i set limewire 2 run on port 7000 on my comp, 7001 on mums comp, and BT to run on 7003-7008 on mine, 7009-7014 on mums, set my static IP 2 192.168.1.4 and mums to 192.168.1.5, then i would just need the 2 rules on my server that would cover both apps for both comps??
teh rules... i think =P


create nat rule entry ruleid 7000 rdr lcladdrfrom 192.168.1.5 lcladdrto 192.168.1.5 destportfrom num 7000 destportto num 7014


and


create nat rule entry ruleid 7001 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.4 destportfrom num 7000 destportto num 7014


so if i'm thinkin right that setup would allow both BT and Limewire to run on Both comps, just using the 2 rules???

where do you learn all this stuff lol =P

also i'm thinkin of creating my own website, but i dont wanna pay for it, i've done some searching on google for hosting a website from your own comp, but can only find stuff for something called IIS(internet information server) and was wondering if it was possible for me to host my own website using my internet connection?? is there any like web hosting program available to me, so i can set this up??? also if it is possible i'm not quite sure how it would work....would i just use my proper IP address as the address for the website or would i be able to register a doamin name??

Thanx,
Bael


Mick - 30.04.05 5:23 pm

Hey cor, after finaly getting my Xbox live and Torrents running i keep getin loged of msn every few minutes and i think my modem may be stoping every few minutes :'( Can u help plz?



Bael - 30.04.05 5:33 pm

well i did some more searching, and it turns out that microsoft are scammin me again lol xD
Windows XP Home Edition does not include or support any versions (1.0, 2.0, 4.0) of Microsoft Personal Web Server (PWS). Users that need Web server functionality in a desktop operating system should use Windows XP Professional

so looks like im installing a second HDD =P lol i have my modded xbox's original HDD somewhere =D a massive 8gb :P i replaced the one from my xbox with a 40gb 2 1/2inch hdd i had from a broken laptop :) so i'll install this lil crappy xbox hdd and install win xp pro on it jsut for the IIS thing xD

and Mick i had that problem when i 1st started coming here.....if i did to much demanding stuff on teh internet the router would just pack up and i would have 2 restart it or the comp to get it to work again xD but we found that it was teh fact that the router was connected to my comp by the crappy USB lol xD forgo what cors technical terms were tho lol =S


cor - 30.04.05 7:15 pm

First, importantly, DO NOT USE IIS!!! (or ANY microsoft web server! trust me on that one!)

okay, Bael, your rules won't work. They can't be allowed to overlap. The router has to know, definitively, where to send requests on a particular port. With your rules, if a request came in on port 7000, which machine would get it???

Better; Your puter; limewire 7000, Torrents 7002, WinMX 7004, etc. Mums puter, limewire 8000, torrents 8002, etc. see?

And YES! you sure can can run a web server at home! The best (by miles and miles and miles) is Apache, and you can get a nice windows installer (with php and mysql and all that jazz thrown in, setup, and ready to rock) right here.

Apache can be had in many forms, source packages, binaries, you name it; but easyphp is a great place to start if you're windows webserving n00b. Some folk say it's resource hungry, but that's nonsense; I have a (very old) Laptop (Pentium 133 - for kids!) running window98, with 16MB of ram, and Apache runs great on it!

For a domain, use a dynamic domain name, like corz.ath.cx is. Sign up with dyndns.org and get your 205 to do all that nasty DUC stuff automatically. No raw IP's required!

Even with these easy options, expect to spend a fair bit of time googling, and tweaking and whatnot. It's worth it, though.

By the way, what possesed you get XP home edition! smiley for :lol:

Mick, it sounds like you're overloading the thing! (I'm assuming you're using ethernet, otherwise this would be an easy call!) First, make sure your torrent client (azureus!!!) isn't using too many connexions for itself, especially if you have an intensive game running at the same time. You've tweaked the session to the max of 512, I presume.

Also tweak your TCP/UDP timeout settings as low as you can (so old connexions drop off more quickly), and do watch that upload total ( < 25kb/s or else!)

Games don't tend to use a huge amount of bandwidth, but they do tend to use a lot of connexions, so trim the time-outs, and test test test!

for now..

;o) Cor

ps.. basic admin editing functions now working! smiley for :D


Mick - 30.04.05 7:25 pm

Im not sure what im using lol, all i know is router hooks into my pcs USB port and my xbox uses the other, i never play games and download at the same time but could it just be me overloading because im seeding 1 torrent and downloading+uploading another so mabey im using 2 much upload. Also how would i "tweak my TCP/UDP timeout settings"? Thx a bunch.


Bael - 30.04.05 7:39 pm

Mick that's your problem right there then ;) dont use usb to connect to your router....causes lots of problems, purchase a switch, and connect both your xbox and pc to the ethernet port on your 205, theres a link further up the comment page to a switch in a post made by me, or there is also a link at the bottom of the main 205 page.

lol Cor i didnt choose Home....it came ready installed on my pc.....and back then i saw no reason to get Pro xD

I'll be checkin the Apache thing now then =D if i get stuck you know where i'll be comin lol smiley for :D your like my information database =D

Thanx,
Bael


Mick - 30.04.05 7:43 pm

Jus stoped seeding the other torrent, restarted pc and now downloading 1 torrent without seeding, im getin a decent speed now, i can browse the internet and use msn, very weird :S lol.


Mick - 30.04.05 7:48 pm

Pc is running thru usb for definate i checked beal, My last modem used usb also and i sotrive took out the Card in the back of the Pc with the 56k modem thing on it :S Xbox NEEDs ethernet so im stuck with usb for pc, if a switch is complicated to put in forget it lol ive broke this dam pc so many times it aint funny.


Bael - 30.04.05 7:54 pm

no the switch aint complicated Mick think all you would have to do is keep the exact same config you have now, purchase the ethernet switch, and also a couple more straight thru ethernet cables....not cross-over cables =D then just plug every cable into the switch and thenj the other ends into your, PC, Xbox and 25 and then you should be off......i had the exact same problem as you when i had the router connected by USB...switching to ethernet makes a MASSIVE difference =D

Bael


Mick - 30.04.05 7:58 pm

Cool bael, thanks, are u sure about the ethernet and not crossever cables for the xbox part because im not sure but its either u need crossover or ethernet for xbox and i aint sure which lol. Where would i buy 1 of these switches and how much would they set you back? Is the speed better with ethernet? THX a bunch.


Bael - 30.04.05 8:13 pm

well when your doing xbox system link, you do need a crossover cable, but imagine the witch as biengs one massive crossover cable....it like makes seperate connections to each thing connected to it, and makes a crossover cable effect inside of it....my explanation kinda sucks lol.....have a look here and you'll get it =D


cor - 30.04.05 8:22 pm

one of the great things about a switch is it doesn't matter what type of cable you use. It will sense the cable, and cross or uncross as required. (it's usually called "auto-sensing")

If in doubt.. GET A SWITCH!

yeah, Mick, it sounded like a Pure USB problem, an easy call! You're probably wasting your time with a lot of the other tweaks until you're running on ethernet.

And hey! Bael, you need webserver setup consulatation?
my fees are very reasonable! smiley for :D

early night tonight...

;o) Cor


Mick - 30.04.05 8:25 pm

Cool Thanks, so these are called "ethernet switches" and aer tehy avaiable from most comp stores? Roughly do either of u know the cost of one? Thanks for the help Both of ya smiley for :D


Bael - 30.04.05 8:35 pm

You can get em from PC world for Under a tenner =D i would post teh link i found but it went of this current page lol....an i'm to lazy to go sifting back =D

Click Here


Bael - 30.04.05 8:40 pm

Lol i'm having trouble with the easyPHP already xD it doesnt help that i dont undertsand a word of french lol xD not only that i dont know any php scripting at all lol, think i might just get plain apache and do it in html instead lol :P sure i can find somewhere that will offer ready made PHP scripts i can use =D

an no problem Mick lol helps me sleep at night knowin i can cum here 2 help people, not just leech info out of Cor lol =P


cor - 30.04.05 9:09 pm

switch the language setting to English!

(it was weeks before I realised you could do that!)

You don't need to know php to run easyphp, and you can switch the php part off if you're not using it (module configuration!) but I'd recommend sticking with the easyphp package until you learn a bit more about it; compared to regular apache, it's, well, easy.

The learning curve is steep at first, but you'll find your feet soon enough.

;o) Cor


Bael - 30.04.05 10:13 pm

K, I've been fiddling around with it, and i thought i was getting somewhere lol, i've edited the config file for apache httpd.conf, and i edited:

ServerName localhost

to

ServerName My IP

and i also setup a static domain name on the dyndns site and set it to the same IP as the one in httpd file, but when i try to connect to goto the domain name i set, i get sent to my Router Config Page =S what did i miss lol xD


Mick - 01.05.05 1:41 am

Cor, u prob pullin ur hair out over my xbox lol but still havin problems, all i know is... I replaced my 500000 rule i used for stealth with one u said would forward everything from pc to xbox, it stil aint working well, only thing that works for the xbox as far as i know is to make it a DMZ But when i do that... My torrents are slow on my pc and yellow lighted also ur p2p probe says no route to host where as when it is not a DMZ it says Success!!

Im fine with add and taking away rules from the router each time i wana turn pc of and play xbox but is there a simpler way?

Also Bael And Cor, thx im gona get an ethernet switch smiley for :D


Mick - 01.05.05 1:58 am

Cor, Also spoted what may be a mistake on the site, on the stealth page under the suh-heading "OK! Let's Stealth!" one command says:

create ipf rule entry ruleid 500000 ifname public dir in act deny log enable seclevel high medium low

And the picture of it rule on the configuration page says Log option Disabed, yet when i paste that rule i didnt notice to now but it leave the log option enabled, not sure what this means in the slightest jus thought u shud know lol :)


cor - 01.05.05 10:01 am

Mick nothing you do will work, until you get off the USB! So I'm looking forward to supporting your ethernet connexion, very soon! You will find that most, if not all of your troubles will instantly evaporate.

And hey! It's not a mistake! I didn't used to have logging enabled, now I do! There's a section about it in the tricks page. But yeah, all the images could probably do with an update, for instance the IP addresses of the private machines are mostly 192.168.0.1, etc, which I no longer use. But they're only for illustration.

Bael, this really isn't the place to discuss Apache Setup, but briefly..
Servername me.ath.cx

and when you test your own server, use http://localhost (or http://127.0.0.1). To test from outside, (using http://whatever.ath.cx go via a proxy!

Check out the webserver troubleshooter for some more tips! You may also want to check out the /serv/ part of corz.org, as well as the public archives. There are many php goodies strewn around the place, too.

Note: your copy of Apache came with a full manual, get into the habit of using it, it's quite superb!

for now..

;o) Cor

ps.. Bloody hell! HOW many comments?


crusti - 01.05.05 12:05 pm

hi its me back again

i guess ive been getting it right from the first few visits to this page (so thanks cor),tried it a different way, because using port checking allways gave me the times out error.
People can now join my game server, but only through using my ip, i dont appear in the public servers

let me explain a bit more, been afew weeks since ive been on here

the game needs ports 11001 to 11020 tcp and udp,
and for gamespy 27900 and 28900 udp

so i entered theese rules along with the stealth rules

create ipf rule entry ruleid 11001 ifname public dir in act accept transprot eq num 17 destport range 11001 11020 seclevel high medium low

create ipf rule entry ruleid 27900 ifname public dir in act accept transprot eq num 6 destport eq num 27900 seclevel high medium low

create ipf rule entry ruleid 28900 ifname public dir in act accept transprot eq num 6 destport eq num 28900 seclevel high medium low

so they can join if i give them ip addy, but i dont show up on thier list, is it a stealth problem??

ill send you full commited file if you want

so if you have any suggestiond on why i dont show up id be grateful

thanks for all the advice previous, at least now i can host games

cheers crusti


crusti - 01.05.05 12:26 pm

hi Cor
ive sent you a copy anyway
i know how much you must love looking at other ppls files LOL

cheers crusti



Mick - 01.05.05 2:39 pm

Lol k cheers cor, So when i get the ethernet switch (soon hopefully) What kinda cable do i need to connect my pc to it? A rj-45 or sumfin? Also were in the pc do i hook it up lol, cus i took out my 56k modem card but i do have a LAN card in the back of the pc still can that be used?


mik - 01.05.05 5:04 pm

Hey, Im currently having problem's and am unsure about my router.. I've read through most of the stuff here and find it difficult to concentrate, As i don't know what i'm looking for first.. The problem im having is with game program's (e.g- Counter strike).. And would love a step by step guide!, Thanks in advance

MSN- m33k@tsxclan.net
AIM- mikskater15 (rarely used)


Bael - 01.05.05 6:02 pm

Crusti soz man i'm not as smart as Cor an can't help you lol :P

MickYup you use standard RJ45 cables to connect everything together, straight-thru or cross-over =D You jus connect the switch to your pc With the ethernet port on the back of your comp, if you don't have one you need to also buy a Network adapter for your PC

Mik.....
I've read through most of the stuff here


Read through all of it lol...even if you don't need what your reading at this present time you probably will in the future...an if not.....it's always handy to know =D what exactly are you having a problem with?? i mean with the games??? setting up rules for them??? well the first thing you need to do is find out the port the game is using, so for example, Counter strike source uses ports,
TCP - 27030-27039
UDP - 1200,27000-27015
So you would make rules for each of those ports/port ranges,

TCP Ports:
create ipf rule entry ruleid 27030 ifname public dir in act accept transprot eq tcp destport range 27030 27039 seclevel high medium low

create nat rule entry ruleid 27030 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.4 destportfrom num 27030 destportto num 27039


UDP Ports:
create ipf rule entry ruleid 27000 ifname public dir in act accept transprot eq udp destport range 27000 27015 seclevel high medium low

create nat rule entry ruleid 27000 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.4 destportfrom num 27000 destportto num 27015

create ipf rule entry ruleid 1200 ifname public dir in act accept transprot eq udp destport eq num 1200 seclevel high medium low

create nat rule entry ruleid 1200 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.4 destportfrom num 1200 destportto num 1024


thats all there is to it =D if you ever get stuck creating rules, just goto the "NAT Recpies Page of this site, and look for the Generic Rules section, it has all you need to know, part from the ports but you can find your ports on the link i provided further up =D you have to define whether its UDP or TCP in the IPF rule =D and always remember to go into the advanced page of your router config page to save any changes you make using telnet :)

Bael


Bael - 01.05.05 6:38 pm

Correction, It's just regular couter striek that uses those ports not source, strangely cs:s aint on that site, it probably uses the same pots as "half-life 2 steam server"

also Cor, i went back to easyPHP, and i am still havin major troubles lol, i've ran through you webserver troubleshooter like 4 times lol xD i have no idea why it ain't working lol, i have set up the htpd.conf correctly telling it to use mydynDNS.ath.cx domain as the server name, i have also added all the rules to my router that are on your troubleshooter, i can connect to it fine through http://localhost but whne i try to proxy to it, i get error 404, and ive tried connecting to it from a friends house incase i was doin teh proxy connect wrong, but i get the same there :(

BUT lol, i've DLed lots of apache books, an am gunna read through one of em over the next couple of days, "Sam's tech yourself apache in 24 hours" sounds most promising lol so ill give that a thorough read through =D

I also think i found another package like the easyPHP one, and was thinkin of givin it a try but thought i'd get your verification 1st lol,since i have no idea WTF am doin lol =P

XAMMP


Bael - 01.05.05 8:49 pm

I think i must be doing something wrong somewhere with the config of the router, cus in apache, servername is set to mydynDNS.ath.cx, and i have the dynDNS updater that updates my dynDNS domain with my current IP address, I've also checked this with the DNS tools link you provided in your webserver troubleshooter. i can access my site, using localhost, but no-one else can access it and i can't using a Proxy, i have used the NAT and IPF rules on your webserver troubleshooter, so i have absolutely no clue what it could be, i have no other firewalls installed xD I'm currenty using XAMMP now, it's actually pretty good, and the forums aren't french so if i ever need help with i can go there....but at teh min this prog is workin fine.....It's my router config =(

Thanx,
Bael


cor - 01.05.05 9:29 pm

yeah, I knox XAMMP, it comes as standard on SOHO Linux (which I've put on a few machines), but it's more complex for n00bs than easyphp. Also, it's Apache2 now, yeah? Apache2 rocks, but the config is slightly different.

Forget the dns, for now, (and you don't need ANY tools, DUC, etc, the 205 can do it all!!!) can you connect at your raw IP? (normally you NEVER have to even consider your raw IP, but it's a useful check) I can't, I just tried, so it looks like you haven't got the rules in place at all. send me your config file!

I got yours crusti, will have a wee look later (have to go out again right now *sigh*)

Everyone's sorted for now methinks (ta Bael!) oh, Mick, that card you already have is just what you need, I think. try plugging a cat-5 cable into it! (like the one that came with the 205). does it fit?

for now..

;o) Cor


brian - 01.05.05 10:10 pm

hi cor, i've been reading your pages for a couple of days and i'm glad someone has a site dedicated to the voyager 205. i thought it was a crap little thing until i saw what it was potentialy capable of on you site....

however i have seen no one write about the same problem i am experiencing, therefore i have decided to submit it.

my brother is using the usb port and does not appear to have any problems running emule, i have left him the default ports 4662 and 4672 and we both have our own firewall until we can sort out the complexities of this problem.

i have used a static ip of 192.168.1.4 and i have forwarded ports 40001 and 40002 to my computer for emule. i am able to get high id on edonkey servers and an open connection on kad when i start up emule. at first i get a few links for each of the files i have and sometimes they even start downloading, but for some reason after running for a short time the links do not increase any more and the number of new connections goes down to zero and any files that have started to download grind down to zero. my computer starts to slow down and i have had this same problem on a fresh load of winxp and winme. i have tried increasing the number of tcp connections the router can take to 512 but this makes no difference. when i run a tcp scan using tcpview it seems that when the program starts a huge number of links builds up until the computer grinds to a halt...a lot of these links apppear to have a tcp/ip address of 0.0.0.0. i am lost as to what to try next, any help much appreciated.....

is this the problems caused by the use of the usb port that you mention? even though my brother (the one using the usb port) has no problems?

thanks.....brian.


Bael - 01.05.05 10:20 pm

K man i sent you my Router config, and i cant connect to myself with my raw IP either, for the Webserver IPF rule, ive tried directing it to both 192.168.1.1(which is on the troubleshooter) and 192.168.1.4(my static IP). I was wondering if it might be the fact that i do use static IP, because on dynDNS.org they offer both Dynamic DNS and Static DNS, i have dynamic DNS, but thouhg i might need static DNS seen as tho i use a static IP??? i know i gathered that the 205 could update my current IP from the rules:

create ddns hostname ifname ppp-0 name corz.ath.cx
create ddns intf ifname ppp-0 srvcname dyndns username "corz" passwd MyPaSSwORd system dynamic wildcard enable


But just wanted to make sure that it wasnt that rule that i had done wrong by getting the prog that does it also :P but it aint that, taht wasnt workin lol, so i guess i can uninstall it smiley for :D

btw Mic i made a mistake on the last UDP rule for counter strike, it's actually:

create nat rule entry ruleid 1200 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.4 destportfrom num 1200 destportto num 1200


Thanx,
Bael

PS as soon as i convince my mum to setup paypal, ill be donating lol....I'd do it myself, but my paypal went crazy =S i forgot my password cus i ant used it in ages, and then went to verify it by answerin questions, and apparently i got my own security questions wrong xD so now if i wanna verify i have to fax them some form of photo ID and i dont have a fax machine lol xD


Bael - 01.05.05 10:26 pm

Brian it is almost definetely the fact your connected with USB, your bro might not have problems because he is just runnign emule....USB can handle one p2p at a time lol i had your exact problem when i was connected with USB, if i wanted to DL stuff i could only have one P2P open, if i used a few internet using appz while using the P2P my connection would just pack-up....i couldnt even go on msn while using limewire xD

MAKE THE SWITCH TO ETHERNET!!!!!! since doing it i have had absolutely no problems with speed at all, i now use multple P2Ps and bit torrent at the same time and have msn....and dont suffer either with page load times....an if i do its only slightly...not noticable :P

So find out you ethernet cable...an sort it out =P

Bael


brian - 01.05.05 11:06 pm

thanks Bael, i thought it might have something to do with the usb....

does anyone know a shop in the uk where i can get a 2 port ethernet hub (london) or do i have to order off the internet.

thanks again


Bael - 01.05.05 11:25 pm

well Brian you are much batter of with a switch than a Hub =D and you can pick a switch up really cheap and they are far superior to hubs :)
You can read about the difference here
You can pick switches up almost anywhere =P i always do my computer component shopping online, as things tend to be alot cheaper than they are in the shops, but you can pick up a switch at PC world for under a tenner =D Take a look =D

Bael


brian - 01.05.05 11:48 pm

thanks again bael,

one last point, if i want to be sure that buying a switch will put things right could i not ask my brother to unplug his computer from the router and i can then reboot.
we could also reboot the router to be sure.
if i then restart emule should i then be able to run normally as my brothers usb connection is no longer plugged in?

i just want to be sure a switch will fix the problem otherwise the alternative solution would be to get a second bt connection and we can then both plug in independently, admitedly this would be the more expensive option?

??????

thanks brian


cor - 02.05.05 2:24 am

brian this confuses me slightly. let me get this right..

You both share one voyager 205 router, you are plugged in to the ethernet port by CAT-5, and your brother is plugged into the USB. He has no problems whatsoever running eMule, and you DO?

Strange! But like you say, we haven't had this before. We know well that a single advanced user plugged into the USB will have many problems, and we know that switching (pun intended) to ethernet fixes these problems. The next logical step is to add an ethernet switch into the mix and have multiple private machines using the internet.

All that stuff is well tried and tested. Your situation interests me. Normally when both ports are used, it's a console on the ethernet port, and in that case, it's the games that are usually suffering, very similar to yourself. very interesting.

Your brother really has no problems at all? Not even with Kad open? This astonishes me. I tell ya, if it's possible to get a machine to run limitlessly by using USB and plugging a second (unused) puter into the ethernet port, then I'm switching to USB! (just kiddin, I'm real happy with the setup here!)

It's about perception, perhaps, check his settings, are yours the same (apart from the ports) his usage, is it like yours? eMule uses plain text .ini file. use a copy of your brothers, altering only the ports. yeah, try again with him unplugged. reboot everything and test different things.

Anyway, remember, there are limits. One single BT package has speed limits and a GB/month limit. One voyager 205 is capable of exceeding both these limits easily. Adding loads of machines to this side of the router doesn't change those limits. If you and your brother need 60GB/month between you, you would probably be cheaper getting a second BT line than paying the top-dollar BT are gonna charge for those over-the-limit GB's they expect you to pay for.

Final thought. You share your living space with your brother and you aren't on a LAN together???. Incredible! How do you share files and stuff?

Right, back to work! oh.. I'm gonna be up all night!

;o) Cor

ps.. Bael, copy-and-pasted the rule? and did you alter the IP? smiley for :D


Roger - 02.05.05 4:32 am

Hello,
What a fantastic site! Congratulations and THANKS!
Anybody using iVisit (www.ivisit.com) with a Viking chipset based router? I have a D-LINK DSL-502G and have already tried everything - nothing makes iVisit work...
I've read this site 100%, tried all settings very carefully and got no success: iVisit keeps saying that port UDP 9940 is closed.
Any help?
TIA, Roger


bael - 02.05.05 5:53 am

Yeah i copied and pasted the rules:

create ipf rule entry ruleid 808 ifname public dir in act accept transprot eq num 6 destport eq num 80 seclevel high medium low

create nat rule entry ruleid 808 rdr prot num 6 lcladdrfrom 192.168.1.100 lcladdrto 192.168.1.100 destportfrom num 80 destportto num 80


and what do you mean change the IP of what, I'm thinkin you mean the static IP to 192.168.1.100??? right??? but that would have made a difference surely, as i tried the above rules twice, once as they are, and once with 192.168.1.4 in place of the IP

Roger
I'm not familiar with your router, but i'm guessin with the same chipset they are pretty much the same, so did you disable DHCP mode in your router config?? and give yourself a static IP ion your local machine?? you can find out how to do these on this site if not, if yes, put these rules in your router to open udp port 9940:

firewall:
create ipf rule entry ruleid 9940 ifname public dir in act accept transprot eq udp destport eq num 9940 seclevel high medium low


nat:
create nat rule entry ruleid 9940 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.4 destportfrom num 9940 destportto num 9940


then if you want to check if the port is open use Cors p2p port probe....

NOTE: for you to get success on the port probe, you must have the program that need the port running/listening on the port =D


Bael - 02.05.05 6:28 am

OMG lol i've got it.....I know what i was doing wrong xD

well in the logfile the thing wrong was that i jad the rule set at IP 192.168.1.100, i needed to make it 192.168.1.4 like you said, but i didn't think that would work, as i'd tried it before, proxied and got no connection xD.....BUT when i had the rule setup right, i was proxyin wrong lol....for some reason the proxy server was connecting on port 8080 not 80 so i couldnt connect lol xD should i make NAT/IPF rules for port 8080??

Now just to make a site lol =P Gunna be some long photoshop/imageready sessions in the next couple of days lol =P

Thanx for your help man =D
Bael


cor - 02.05.05 9:52 am

yeah dude, it's my Linux server that lives at 192.168.1.100! Hey! You got there! And every troubleshoot teaches you something!

No, you don't need a rule for 8080, although we often connect to proxies on port 8080, they won't connect to the website (in this case, also you) on port 8080 unless specifically asked to do so, like this.. http://my.ath.cx:8080/, I'm guessing something was up with the proxy, note this: whenever you load a new proxy, HIT GOOGLE!

Roger, if you've been all through the checklist (ethernet, static IP, removed old firewall rules, addded stealth rules, created port-forwarding rule (pair), etc, etc) the only other possibility I can think of is you're working over too many hops. Trans-Atlantic UDP isn't always completely reliable, for instance.

All Bael's advice is good, apart from, my port probe doesn't probe UDP, only TCP. It's very handy, though; you only need one working port-forward to verify that no other factors are interfering with incoming connexions. If you can configure one port, you can configure any port. success is success, after that it's just twiddling with the numbers.

happy holiday!

;o) Cor


Bael - 02.05.05 2:02 pm

I love bank holidays lol =P just put in a 8hour shift at work :P double time, so that's my new Nvidia 6800LE payed for at teh end of the month for one days work =D

Now to learn how to do stuff like security wise so i don't get hacked lol =P any sites you know of that will help me in learning hoe to apply security settings to all the modules that come with XAMMP?? MySQL, PHPadmin etc.....

also i tried that extension for Firefox, the proxyswitch one, and it worked great, but the porblem was is it caused firefox to take like 10x(maybe a lil exageration lol =P ) longer to open after been completely closed, a new window opens fine when i already have firefox open tho.....so maybe ill just have to leave a firefox window open at all times lol xD

Happy Holiday,
Bael


Roger - 02.05.05 4:17 pm

Hi Cor
Four hours ago I posted a reply (to Bael's message) but I cannot find it here anymore...

Yes, Cor, I did everything you mentioned. I created rules for iVisit, eMule and Azureus. I have port forwarding working 100% for eMule and Azureus. No problems for these two programs. But when I start iVisit, it still says that port 9940 UDP is closed. Besides, there are no statistics (all zeroes) for the corresponding RDR rule. The rule is never invoked.

I would love if somebody could try installing the free version of iVisit (www.ivisit.com) to reproduce the problem.
Roger


Roger - 02.05.05 4:21 pm

Hi Cor
Four hours ago I posted a reply (to Bael's message) but I cannot find it here anymore...

Yes, Cor, I did everything you mentioned. I created rules for iVisit, eMule and Azureus. I have port forwarding working 100% for eMule and Azureus. No problems for these two programs. But when I start iVisit, it still says that port 9940 UDP is closed. Besides, there are no statistics (all zeroes) for the corresponding RDR rule. The rule is never invoked.

I would love if somebody could try installing the free version of iVisit (www.ivisit.com) to reproduce the problem.
Roger


Bael - 02.05.05 4:38 pm

you might have hit preview rather than add my comment earlier Roger, are you sure you created the corret IPF rule??? as it is quite easy to miss if you don't look carefully, but you have to specify what type of port you want top open, and the generic ports on the NAT Recipe list open TCP ports, so if you just edited the port number and added the rule with telnet the ruple will be openin port 9940 on TCP, you this rule:
create ipf rule entry ruleid 9940 ifname public dir in act accept transprot eq udp destport eq num 9940 seclevel high medium low


notice the UDP in bold??

K cor, lol =P i'm currently designing my site, figure it's best to get something ready before i start hostin it lol xD and i have a few PHP appz i wanna install on my site/server =S sympoll (a poll thing) and floodbox(a shoutbox) but the readmes tell of how to install on a web based hired server, using ftp, like changing properties to 0666 to make it writable....how do i do this when the file is actually on my comp???or do i just right click it and makesure read-only etc arnt checked?? also when trying to install sympoll using either proxy or localhost i get an eror message...i havn't tried floodbox yet...i get the message "could not connect to the server database" when i try to add my admin priveleges =S

I'll get some screens of it later...i gotta head out now xD

Thanx

Bael


Roger - 02.05.05 5:05 pm

Bael,
Yes, I created the ipf rule correctly. I did it very carefully. Yet, I checked it again now. It's OK. I even tried disabling the Firewall. No success.
Roger


Roger - 02.05.05 5:07 pm

I mean: I even tried with the firewall disabled. iVisit still says the port is closed.
Roger


Bael - 02.05.05 5:27 pm

are you sure you don't have another firewall installed on your comp then??? it seems something other than the router is blocking the port, as if you disabled the router firewall it should have worked, make sure you have disabled windows firewall, andalso microsoft anti-spyware causes soem troubles aswell.....stopped my Bit Torrent from working properly xD

i'll download this ivisit thing and see if i can get in alright, i need a break from XAMMP it's givin me a headache lol =P

Bael


Bael - 02.05.05 5:53 pm

It is definately something on your computer preventing you from accesing the ivisit....i downloaded/installed/registered on ivisit......then entered the 2 rules i gave you into my router.....and everything works fine on my comp =D

Bael



Mick - 02.05.05 7:03 pm

Bael dude, instead of a network adaptor i have a LAN card in my pc can i plug the ethernet cable into it for my interent, would that work?


Roger - 02.05.05 8:49 pm

Bael,
Thanks a lot for installing and testing iVisit. When you start it and log on, don't you get an error message about the port 9940? If not, try taking the RDR rule out and you'll see the same error I get.

I have Windows XP SP2, but I turned OFF its Firewall.
I don't have any anti-spyware, but I have Norton Antivirus.
I will disable everything I find and see what happens.

This is very strange... three friends of mine have the same error and our computers are different. Only thing in commom is Win XP SP2 and the D-LINK router.
Thanks again!
Roger


brian - 02.05.05 9:26 pm

hi cor, thanks for the reply, sorry i'm replying so late but i thought everybody had gone to bed....

i'm waiting for my brother to come back home so we can run some more test's, but in the mean time i have one or two bit's of information that you may be able to make more sense of than me.

i have also asked for help at the emule-project hardware forum and it was suggested to me there that the 205 cannot cope with the work load that two computers running KAD puts on it...i don't think they are refering to the number of connections but in some way the CPU load.

i have disabled KAD and as long as i do not have too many items in the download list it seems i can get reasonable results...but again the system will grind to a halt if i add more and more files....even if i keep the number of connections setting down to 50.

when i use a utility called tcpview to see all the open tcp links it seems that when the system becomes overloaded a large number of links with local address 0.0.0.0 and remote address 0.0.0.0 and port numbers between 1000-4000 builds up. it must be this huge number of links that is causing the computer to grind to a halt but i have no idea why this is happening.

as well as these links there are what appears to be healthy links to port 40001 which i have set up as the edonkey port and some other links local address 192.168.1.4(my computer) and various remote addresses and port numbers between about 1000-2000(do these ports not have to be forwarded as well?)

like i say i have no idea what is happening but in view of the interest you showed above i thought i'd pass this over to you.

shortly my brother will disconnect his usb connection and i will run my computer on its own to see if these problems are solved, i will write back the result of this when its down (thats my brother comming in now!).

thanks....

brian


Bael - 02.05.05 9:26 pm

Mick if the LAN card has an ethernet port....Knock yourself out =D teah ya can use it....as long as it has an ethernet port it's fine =D

Roger I didn't get an error when i started Ivisit the first time, i applied my rules before running it the first time, then when i did start it....I got a *warning*
A connection-orientated NAT rule router has been detected. In order for iVisit to function fully, you may need to configure your router/firewall to establish and inbound port mapping rule for UDP port 9940. Otherwise, you might not be able to connect to other users who are behind similar devices. For more information, see http://www.ivisit.com/client/help/routers.html


but like i said this is just a *warning*, and i already knew that i had setup a NAT rule for allowing UDP port 9940 so i just continued and everything was great =D

what you mean, try taking out the RDR Rule??? you mean NAT/IPF right??

Bael


Trace - 02.05.05 10:52 pm

Hi Cor,

This really is a great site. Thanks for all the advice. I do have one question though... is it really necessary to stealth the router before you enter the rules to open ports for WinMX? I used a BT newsgroup to get advice on this earlier and was told that I just need to type in the rules in your recipe, but when I read the recipe page you say the assumption is the router has been stealthed. I was also told I would have to connect with USB to configure the router??? I don't want to make a pigs ear of this cos i'm not too confident with this stuff.... some of it is like Chinese lol. Any help you can offer would be great.


Roger - 03.05.05 12:03 am

Bael,
1 - Thanks for the tests and the report. It happens exactly the same here. I always get the "warning". And iVisit experts told me that if I get the "warning" then my port forwarding is not working. The consequence is: despite succeeding at logon, there will be several users that I will not be able to see.

2 - Answering your question ("what you mean, try taking out the RDR Rule??? you mean NAT/IPF right??")
Sorry for my poor English. I mean: try to delete just the NAT RDR rule that you created for iVisit, port 9940 UDP (no need to delete the IPF rule) in order to force the "warning" to show up - but now I understand that you (too) got the "warning" even having the NAT RDR rule active. You are at the vary same point as I am.

Roger


Bael - 03.05.05 12:43 am

No, you are perfectly fine, that warning will come up automatically to anyone using a "connection-orientated NAT rule router"....whether they have the port open or not, if you read the warning carefully, you will notice that its not saying the port is closed....it's saying because of your router type you may have to open the port....and you've done that =D I've looked around or a UDP port scanner, so you can see for yourself that the port is indeed open,

download and install WUPS

start iVisit so you have a program actually listening on the port, run WUPS...and lok at the folowing pic, to see my results and how to setup up WUPS before you scan =D

an image


brian - 03.05.05 2:32 am

hi cor again,

me and my brother have just finished our tests so i'm letting you know the end result....

basically you premise that the usb port appears to put some drain on the voyager seems to be correct.

when both me and my brother were plugged in (him on usb me on ethernet) neither of us was able to run a full system, we both had to leave KAD disabled in order for our systems not to lock up.

when my brother runs by himself he is able to run a full system with KAD running and getting a good number of connections and good searches.

when i try to run and my brother has no emule running it appears to make no difference to me, i still have to run a KAD free system.

however, if my brother completely unplugs the usb cable this seems to free up some recources and i am able to run a full emule session with KAD. it still seems a little slow but this may be more down to me runnin at 633mhz.

i now have a problem, does this indicate that the voyager can only run enough links for one emule, or if i buy a switch will me and my brother both be able to run emule through the ethernet?

an alternative would be to buy a router/adsl modem that is getting good reports on the emule-project site, the sureconnect 9105, according to reports on the emule site this modem has been proved to run two emule sessions on two separate computers over ethernet. according to the reports it runs these sessions at a good speed to. i hesitate to do this because i wonder if there is a limit at bt's end of things and i may find even if my router can handle the number of connections bt will not let me.

as the switch is relatively cheap compared to the router, which is about 50-60 pounds, i may well try this first and see if we can run two emules through the voyager, unless you can tell me for sure if there is a limit on the voyager???????

brian.


Roger - 03.05.05 3:21 am

Bael,
Thanks a lot for your help. I really appreciate it.

I will install and run WUPS as soon as I finish this text. It will be a valuable tool for me, but I already know that port 9940 is indeed open: I believe in what you said, of course.

So, let me tell what I did in the last hours. I started iVisit and logged on to its server. I got the "warning". A friend of mine, running the same setup (XP, D-LINK 502G, iVisit, same ADSL ISP) also logged on. Then I started a packet capture with Ethereal. In iVisit, I clicked on my friend's name, asking for a connection. We couldn't connect. I always got timeouts and "user unreacheable".

Then I stopped the packet capture and examined it. I saw that the first thing my iVisit client does is to check something with the server (perhaps it is looking for my friend's IP, his listening port, etc). BUT, because I am starting an OUTGOING connection and because NAT RDR rules do not work for outgoing, this very packet (my query to the server) is treated by the NAT NAPT rule instead! This packet was created by iVisit with source port = 9940 but, after NAPT, it gets source port = Y (where Y is between 50000 and 51023). The iVisit server notices that my source port is Y, not 9940 and tells it to my friend's computer. His computer replies to me with destination port = Y. My router refuses the connection because there is no rule here for port Y.

Conclusion: iVisit is not working here because of the way my router does NAT redirect (RDR - only for outgoing traffic) and because of the implementation of the iVisit network. e-Mule and Bit Torrent do not have this bad design.

This was the best explanation I could find. What do you think? If you have a WEB cam, please try to connect to somebody. You will see that the "warning" is for real. You won't get connected.

Roger


cor - 03.05.05 6:46 am

Roger, I downloaded and installed the iVisit software, opened the port, tested with a remote NMap scanned, UDP incoming connexions AOK..
9937/udp   filtered    unknown
9938/udp   filtered    unknown
9939/udp   filtered    unknown
9940/udp   open        unknown
9941/udp   filtered    unknown
9942/udp   filtered    unknown
9943/udp   filtered    unknown 
iVisit gives me the alert, but everything seems fine. I'm 100% certain I can accept connexions on UDP port 9940. Ergo, iVisit is wrong, or too far away to be able to reliably know my connexion capabilities. Or something else..

Good work on the latest research, so iVIsit uses non-standard connexions? Hmm. Why not simply create an outgoing rule for 9940? Then it would never get to the NAPT rule. TADA!

About your comment, occasionally I have to edit the file over the FTP (I'm working on live editing capabilities) and perhaps I uploaded over the top of it. I'm usually pretty quick, but there's a few risky seconds there!

thanks for the info brian. And Yes, KAD is a no-no with the 205! It does have a limit, 512 maximum IP sessions at once. that's it! I think you missed what I said earlier about self-imposed limits. Yes, you can purchase a heavy-duty router, then Yes, you could have many machines all KADding away, but YES, you'd use up all your BT monthly limit in three days! What's the point?

Trace, no, stealthing the router is not essential, but then, neither are computers, really. the stealthing is important for many reasons, mainly a) security, obviously, you really don't want the "factory standard" ruleset in place! b) it gives us all the same starting point from which to build simple rulesets as needed, and c) makes my life easier!

Goan and just stealth it! Don't worry about messing things up, there's always that wee hole in the back, you can just poke it, and you're back where you started. It's easy once you know how, though. Start with the uber-friendly admin pop-up pages above these very comments. Then open a telnet session (links all over the place) and try a few commands, before you know it you'll be a router wizz-kid, like Bael!

Fact: USB will give you troubles. Please read through the pages here a couple of times, you'll gain a deeper understanding of what's going on, and increase your confidence. Hit the troubleshooter page if you run into difficulties, and feel free to keep asking questions here. We live to help!

;o) Cor

ps.. keep up the good work Bael!


Bael - 03.05.05 10:57 am

Roger..
If you have a WEB cam, please try to connect to somebody. You will see that the "warning" is for real. You won't get connected


K man i actually joined a room to test your theory...which was task in itself lol....it's pretty hard to find a room with someone actually in lol xD i eventually joined a french room and here what i got =P don't mind ma hair lol av only jus got up xD

an image

have you only tryed connecting to your friends?? as they you said they have D-Link routers also.....are you sure thay have theirs configured correctly??

Will do Cor =P

I'm having troubles with XAMPP lol xD i'm tryin to secure everything, and i managed to get it to say secure on everythin on the the security tab of xammp apart from ftp server as i dont plabn on using it.....but when i have everything "secure" and i goto the status tab, it tells me that MySQGL and PHP aren't running, even tho i know for definite MySQL is, and PHP should be all i did was put it into safe-mode xD

Thanx,
Bael


meeza - 03.05.05 11:48 am

This is a great site! Very helpuful! I have run through all the tweaks you suggested but I noticed something strange that now happens. It seems when I run a P2P (Shareazza, Kazza lite) I am then uable to surf the web with Firefox! ?

Sorry I am a bit green at this.

PS Shareazza itself seems much slower witht he BT 205 as opposed to the BT 105 :( any thoughts?


Bael - 03.05.05 12:18 pm

Meeza how are you connecting your router to your PC?? ethernet or USB?? if you're using USB switch to Ethernet, That'll probably fix your problem, and if you're already using ethernet, have you created NAT/IPF rules for the ports shareazza/kazaa lite use??

Bael


meeza - 03.05.05 12:49 pm

hey bael, using ethernet.

I tried to create NAT/IPF rules for shareazza but am not too sure of myself. am using the following port default (6346) for Shareazza:

create nat rule entry ruleid 6346 rdr lcladdrfrom 192.168.1.4 lcladdrto 192.168.1.4 destportfrom num 6346 destportto num 6346

now what I dont really know is if the IP i entered (192.168.1.4) would be correct. I ran through all the rules on this web page as well :)



meeza - 03.05.05 1:17 pm

I got the Shareaza problem fixed by fixing my Nat rules (was an issue of typing the correct IP) However, there still seems a conflict between surfing and P2P use (though MSN Mess. seems ok) Thus if I am using Shareaza, Firefox will time out - any thoughts?


cor - 03.05.05 2:52 pm

meeza, this definitely sound like a max IP Session thing. Did you apply that rweak? If not, do that now. If you have already, ensure your p2p apps are using a reasonable amount of connexions. you have 512 max simultaneous connexions to play with, after you apply the tweak (192 before rweaking).

The NAT rule looks fine, I'm presuming you also applied the corresponding "ipf" part of the port-forward. 192.168.1.whatever, is the IP of your peecee, whatever you set it to. I use 192.168.1.3 these days.

Bael, I've seen XAMPP do that, I don't use, nor support it, the "integration" seems like a good thing, at first, but it looses it's shine pretty quick. Easyphp put in a fairly standard setup, similar to what you get if you installed the servers from scratch. I pretty much put everything in from source these days, so I don't know where XAMPP is at these days, though I know easyphp hasn't moved much, and that's not a bad thing.

Maybe you could delete everything (keep a backup of your conf directory, of course) and go grab the Apache binary installers from apache.org. The win32 build comes as a windows .msi package, and they've put a lot of thought into the installation, it even has a handy system tray thingie you can start and stop your server with. If you run Apache and Apache2, both servers will be configurable from there. handy.

Then you could do the same with php and mysql, they all have good windows installers these days. You seem like a quick learner, so this may be a better approach, and will give you a more solid understanding of the way these three servers interact with each other.

Read the notes inside your httpd.conf file, they are gold dust! If you have a linux rig, read the httpd man page, in fact, if you're serious about serving up contect, I definitely recommend you get yourself a cheap intel box and chuck linux or bsd on it, after a while, you'll wonder how you lived without it.

Non-Linux users can't check out the man page here, but the version running here on my workshop server works fine *wink* en-joy!

for now..

;o) Cor


meeza - 03.05.05 3:05 pm

d'oh! sounds about right! cheers


Bael - 03.05.05 9:34 pm

well over the next few monthes, i'm going to be totally upgrading my current system, startin with teh graphics next payday =D and in maybe 2-3 monthes i will have upgraded everything bar the motherboard, so rather than sell my current components....I'll buy another mobo and learn Linux =P a guy in my CS:S clan is curently trying to install linux on one of his machines....so i won't be continually botherin you all teh time lol =P

yeah i'll take it step by step lol =P i'll go from XAMMP back to easyPHP and when i'm feelin more confident i'll make the grab the apache binaries =D and install everything myself :)

Meeza
I know you said you had it sorted in a post after this...but:
now what I dont really know is if the IP i entered (192.168.1.4) would be correct.


well that IP would be correct if that's what you set your local machines static IP to =D you did set a static IP right?? and did you disable DHCP mode on your router??

Bael


brian - 03.05.05 11:47 pm

hi bael, or cor, i'm not sure who's replying at the moment....

i understand now that KAD's connections must be on top of the edonkey connections and this is what takes you to the 512 limit.
i take on board your point about using up your bt allocation of download, but my problem is that a lot of the files i search for are rare and although each file does not have many sources sometimes because the files can be in the list for so long they build up and add up to a lot of sources....i therefor wonder if you know if bt also have a limit on the number of tcp connections you can make, if not i would be quite happy to invest in a more powerful router.

(alternatively i could try to edit the binary upgrade file to artificialy increase the 512 connection limit!!!!)

thanks again.......brian


cor - 04.05.05 2:16 pm

oh, it's a free-for-all here brian! when the host is working smiley for :erm:

as far as I know, BT do not limit the total number of connexions, apart from by supplying us with the 205! I don't think it will possible to increse it above 512, the limit is simply the size of the table required to store all the information, and max ram is max ram!

But if you figure out a way, let us know!

Sounds great Bael, I'm considering a new Linux rig myself, it's the future man! best to get to know it now, before Microsoft goes bust and leaves all the Billy Goats out in the cold! (I wish!). It's certainly more robust, and when you've got multiple servers running on one machine, that's important.

The KDE desktop rocks, too. It used to be that Linux was an amazing server but sucked on the desktop, that's no longer the case. many would argue that it's surpassed XP.

anyways..

;o) Cor


cor - 04.05.05 2:26 pm

hey! I edited that last comment live! in-situ!, you know what this means? apart from no more lost comments (there was only one I know of, but still), it means next, you guys will get to edit your own posts, at least your most recent one.

The plan is, you can edit the post for a specified window of time, or until someone else posts, whichever comes sooner. wadda ye think?

Hopefully I'll get a php session in tonight, and "user editing of comments" is on my list!

;o) Cor

ps... note to self, and double-posting check!


Roger - 04.05.05 5:19 pm

Corz and Bael,

Guys, thanks again for all the help... Well, after a LOT of further testing and reading, I think I figured out where is the failure: for routers based on the Viking chipset, RDR rules are only invoked for incoming traffic... and the iVisit system is incompatible with this kind of port forwarding!

Despite having port 9940 indeed open by that RDR rule for incoming packets, it is not enough. Such "incoming-only" RDR rule allows me to log on to the iVisit server and even join the rooms, but I will never connect to a user if he is also using a router that only does the mapping for incoming traffic (which is the case for all our routers here, based on the Viking).

This is why Bael succeeded in joining the iVisit room. I guess you did not try to actually connect to any particular user. Probably you would connect only to users which are not using a router like ours. You would not connect to users running a router that does the port forwarding for incoming packets only.

Please, do the following:
Access your router via the WEB or CLI interface.
Reset the statistics of the RDR rule that you created for iVisit.
Launch iVisit, play around for a while and close it.
Go back to the statistics and check: you will see that that RDR rule was never invoked during the entire iVisit session (Sessions=0, Packets=0).

So, you'll see that the port forwarding rule thet you created for iVisit does not make any difference.

Corz:
Good work on the latest research, so iVIsit uses non-standard connexions? Hmm. Why not simply create an outgoing rule for 9940? Then it would never get to the NAPT rule. TADA!


Please, help: HOW do I create an RDR rule that works for outgoing traffic?

Note1 - I tested the BIMAP rule. It does the trick, but it opens ALL ports... BIMAP is unsecure and is not the solution here.

Note2 - I've read about some newest models that implement a thing called "Virtual Server". I've been told that Virtual Server maps specific ports both ways, being a perfect solution. Unfortunatelly my (our) router(s) does not have this feature.

Bael:
have you only tryed connecting to your friends?? as you said they have D-Link routers also.....are you sure thay have theirs configured correctly??


I did several tests with just one friend. His router is the same as mine. We did all testing talking over the telephone, so I know that his router is configured accordingly.

Roger


cor - 04.05.05 6:02 pm

Actually, Roger, your best bet might be to employ an ALG rule, this is just what these things were invented for!

Which one, however, is anyone's guess (or research project!) The cuseeme, h323_ras, and h323_q931 algs might be a good start, though.

Have fun! and thanks for the info, nothing goes to waste.

;o) Cor


crusti - 04.05.05 6:36 pm

cor: did you forget me?



cor - 04.05.05 7:38 pm

no man, my inbox is just a bit snowed under atm. and I think there's at least another two configs in there older than your one! smiley for :ehh:

;o) Cor

ps.. You get a quicker reply if you explain the problem in the email, with the config file! Saves me oodles of time raking around trying to find what the problem was, what's happened since, etc, etc.


Roger - 04.05.05 7:55 pm

Cor,
Glad that you liked the info I brought. And thanks for the hint (ALGs). I will study about Application Level Gateways for the Viking chipset and will post if I find the solution. I would like to hear from Bael about the statistics of his router.
Roger

P.S.1: Excuse me for having spelled "Corz" in my last post instead of Cor. Perhaps I am getting older than I think...

P.S.2: This page was unavailable last night - this morning :(
(BTW, I'm UTC -3). I couldn't open it, but my pings to corz.org were replied 100%.


Frustrated - 04.05.05 8:08 pm

Hi,

Is there a way to disable the router features of this modem so I can use it with my Netgear WGR614 wireless router. As you know, the eth out from the 205 is a local address by default.

I really hope there is a way because my Netgear router is useless at the moment.

I hope someone can help me.

MiD


Frustrated - 04.05.05 8:10 pm

Just a bit more info... when I plug the 205 into my WAN port of my Netgear Rtr, the Gear detects the Static local address and I cant surf at all!...

Many thanks.


BobR - 04.05.05 10:20 pm

You've probably had a zillion replies on this already, but.. oh well..!

The reason why a telnet session from a Windows box allows editing on the Command Line is the "Terminal Emulation" mode used.

Windows telnet sessions default to "vt100" mode, which used to be the "default standard" in telecommunications. It was developed by the Digital Equipment Corp. (DEC) for its video terminals, with one of the most popular models being the "VT100". The command keys used for editing the screen have been adopted by most of the world as a default standard (del, backspace, cursor left/right, etc.).

Most of the world that is, except for Apple, apparently.

Quite likely Apple is using ANSI, which doesn't work on a VT100 enabled session.

Depending on the server, it's sometimes possible to issue a command which will change the "emulation mode" into something else, which might allow an Apple to use whatever mode it defaults to, on a router.

Of course, since most routers are operating out of ROM, it's not likely such a command will "stick" (unless you can write it into a session config file), so you'd likely have to issue that command every time you connect from an Apple.

In a Windows telnet session, if you drop down the menu that says 'Connect" and choose "Remote System", a box will open allowing you to enter the IP of the remote system you want to connect to, AND allowing you to change the "Term type" of the session from the default of "vt100" to ANSI, so your Windows session can feel exactly like a Mac session... umm.. well, maybe you wouldn't want to do that. But you could.

(The video terminals you see in a lot of old "computer movies" like Colossus: The Forbin Project are DEC VT100s... trivia for the day.)




Stuart Maskery - 04.05.05 10:50 pm

Thanks for the excellent site it really helped me setting up my Voyager 205.

However this has had me baffled for the best part of 2 weeks, I am running Azureus and defined the NAT rules as per your site's instructions and Ports Forward everything works fine for about 2-3 minutes Bit Torrents Conect and Run perfectly then they stop and Azureus reports a connection error.

The reason for this I cant find anywhere but I can find a fix which is a complete bodge job, if I go into the NAT rules and change the rules for ports 6881,6969 & 7000 to NAT to those ports but only define the local port number but leave the destination port blank the tracker status stays yellow (NAT Error) but everythign runs fine Torrents Connect and nothing stops. I know this has to be somthing really simple but I am baffled as to what exactly is causing this to happen so any suggestions would be appreciated.


Roger - 04.05.05 11:39 pm

Frustrated, what you need is a bridge. Assuming that the BT Voyager is similar to my D-LINK DSL-502G (same chipset), probably there is an item on the configuration page that will permit the transformation from router to bridge. However, I don't have any further info on how to configure it after the transformation. I suggest you carefully read the manual.
Hope this helps.
Roger


Roger - 05.05.05 5:01 am

Hi, Cor
I just finished reading the manual of my D-LINK and also some manuals for other Vicking-based routers. Here is an excerpt from the "Advanced Reference Guide for the Solwise SAR-110 ADSL router":
-----------
"Section 13.1.8 - Configuring ALGs
You will need to configure an Application Level Gateway (ALG) if you want to use certain applications such as FTP, SNMP, Real Audio, and a few others across the unit. For instance, if you want to ftp a file from some outside host, or you are providing an ftp server that has to be accessible to outside users, you will need to configure an ALG for FTP."

"An ALG enables the unit to carry out address translations in the entire packet instead of just the packet headers. The mentioned applications need ALGs since they use IP addresses in their payloads also. Most other applications do not."

"The actual translation occurs in accordance with the corresponding NAT rules. The ALG just enables NAT to translate inside the payloads of these specific applcations."
------------

So, it seems that ALGs will not be of any use for me. I think I reached a dead end. I will never be able to create a redirect NAT rule that works for outgoing packets.

Roger


Trace - 05.05.05 1:34 pm

Hi Cor,

Just spent two days working on this router. Got it stealthed and all seems well except one thing. The p2p port probe is indicating that no port specified. I added the firewall and nat rules for WinMX from the recipe page, checked them on the web interface and they are all there. I've been through the troubleshooter over and over and settings are all fine. Checked the settings on WinMX. These are definitely ok. WinMX is now uploading which is an improvement, but no sign of downloads. Any ideas on what the problem might be?


Bael - 05.05.05 1:42 pm

Trace it says no port specified??? did you actually enter a port for it to probe first lol xD enter the port that winMX uses and click probe me ;)

I'm in abit of a hurry so don't have time to reply to everyone xD

Sorry,
Bael


Frustrated - 05.05.05 1:58 pm

Hi,

Thanks for the info Roger... but I just cant seem to make the 205 work in 'Bridge mode'. No manual with the modem either... *sigh*

Any ideas anyone?


phil - 05.05.05 10:01 pm

Hey Cor

I've got a strage problem which you may be able to help with - BT certainly appear not to be able to sort it anyway. I have BT 1Mb connection through a BT Voyager 205 ADSL modem. All set up properly in terms of connections and filters and works fine most of the time - connected to my network via D-Link 10-100M Fast Ethernet Switch - no USB connection to pc or anything - no BT software on pc either. My router is connected to the BT socket via a standard extension lead which i have tried swapping out with a decent RJ11 lead during the problem times to no effect - router upstairs with pc - bt socket downstairs. When working ok, if i go to network connection, there is no Internet Gateway configured. At about 1600hrs each day, through to about 1830-1930hrs the DSL drops out and can't use the internet - sometimes the light goes solid again, but as soon as i try any activity - e-mail download or IE, just drops out again. At the problem times, there is an internet gateway automatically configured in network connections!! I have used the set-up hints on your site for the router and have mapped ports for WinMX but that's all. I run (updated) NIS Pro 2004 and regularly run Spybot, Adaware SE and HiJackthis for finding and removing malware. If you could give any hints i'd be really, really grateful.

Hopefully yours

Phil


brian - 05.05.05 11:08 pm

hi cor and bael,

just thought i'd drop a note that since entering the command:-

modify nat global udptimeout 120

as found in the solwise sar110 manual, i have been able to run a full emule session through the ethernet connection of my voyager even with my brothers usb still plugged in....its a little slow but that is more to do with the limits of my pc (633mhz) i think.

just in case no one else has tried this (i haven't read all 57 pages, any chance of a search?)

brian.


Roger - 06.05.05 4:08 am

Cor and Bael,
I had a topic about my problem with iVisit (RDR rule being only for incoming packets) on their forum, but it seems that the Administrators did not like me talking about this over there... They asked me not to post anymore and closed my topic !!!

Could you please verify the statistics of the rule that you created for port 9940 (please, see my comment of 04.05.05 5:19 pm)? Thanks in advance!


cor - 06.05.05 5:19 am

hey hey! thanks for giving the new comment code a thorough work-out in my absence! smiley for :D okayz..

First, thanks BobR, I figured it might be something like that, but after a bad experience with a termcap file some years ago, I just didn't want to go there! After reading your post, I had another look through my Putty emulation prefs, and found a control for Backspace, I switched it from Ctrl-? (Ctrl-127) to Ctrl-H, TADA! cool! I'd better amend the main article now.

I use putty still for other connexions, but it's been useful for me, here, to try and replicate the setup that "most users" will have, same IP, same tools, etc, and windows telnet works extremely well for this purpose, the idea that I could put a link on the page that would open the same telnet session in every windows machine, is a good idea! But I'll likely go back to using Putty again myself, now that I know! ta m8!
I am offering a reward for any information leading to the successful removal of the voyager's "built-in" rules.
Bloody messin' with my mailserver!

Roger, I'm still a bit shakey, and not quite with it this morning, but that excerpt looks to be exactly what you want, no? Perhaps not. Keep us posted with your continued explorations, though!

It sounds to me like iVisit are a bunch of cowboys! You might want to consider a different webcam application! There's loads of them around, and most coded with at least a vague awareness of current broadband technologies!

Trace, well done! As to the downloading, try a few different files, sometimes that's really the way it is, even with a perfect setup!

Frustrated, check the public archive, there's loads of manuals! (links above these comments) I remember seeing..
modify autodetect cfg mode bridge
, but you'd likely need to do a bit more than that! If you get it working, send me your config, labelled "working bridge mode", and I'll make an example of you! (there's at least one other person looking for this)

Lastly, that's an interesting result, brian, almost the opposite of what we'd expect! Keep us posted with your findings!

back l8r..

;o) Cor

ps.. there *is* a search (see my toolbar), and a damn fine one! but for finding information inside the comments, simply load the page with all comments and use ctrl-F (or better still, "type-to-find" in firefox, camino, etc)

I've been thinking about a "chunk search", something that would return a paragraph of text around a keyword, specifically for long articles (like these comments have become!), but I'm still at the "thinking about it" stage...


phil - 06.05.05 5:43 am

Cor

Just to add to my post above - now noted today that i have an 'internet connection/internet gateway' configured (automatically by XP??) in my network connections. But it says that it is 'disconnected' and my modem and all internet activities seem to work fine?

Regards

Phil :-(


Trace - 06.05.05 9:25 am

Hi folks,

Bael, thanks for the tip yesterday. You were right, I hadn't specified a port for the probe! doh! Glad you couldn't see my red face lol. Wanted to ask about port 6257. Tests say the port is stealthed. It cant send or receive packets. WinMX wont download anything. I even tried files that had over 200 users but no luck. Anybody know of anything I can do about this?


graham - 06.05.05 9:55 am

Just checked out the BT firmware dowloads, but do not know which one to get. Current version on my 205 is v1.1. Is there a later version? Which BT file should I grab?


cor - 06.05.05 1:04 pm

phil, that'll be XP doing some funky UPnP stuff with the router. I usually disable all XP's built-in UPnP services (run "services.exe"), in the meantime, ignore it!

Yeah Trace, you're definitely stealthed on port 6257, TCP, but that's the UDP port, and the probe doesn't do UDP. On the WinMX TCP port 6699, you are accepting connexions just fine, success!

So it's not your router causing the trouble! Maybe you just have to wait in the queue a bit for your downloads. I've only used it twice (to test for this page), and both times I downloaded really quickly. Hmm, you might want to try this in a telnet session, it will make you "pingable"..
create ipf rule entry ruleid 13 ifname public dir in transprot eq icmp icmptype eq num 11 act accept seclevel high medium low

graham, I usually recommend v1.6, the one I'm using is available in the public archive (links above comments)

for now..

;o) Cor


Roger - 06.05.05 6:55 pm

Cor,
"that excerpt looks to be exactly what you want, no? Perhaps not."

No... As I said on my post of 05.05.05 5:01 am, it seems that ALGs will not be of any use for me. They can't do the trick... I think I've reached a dead end. With this Viking chipset, perhaps I will never be able to create a redirect NAT rule that works for outgoing packets. Unless somebody enlighten me.

I agree with you that I should find another webcam application, and that's what I'll do. But, before that, I have to finish this issue - if not, I won't really learn how my router behaves. This is the reason for my research. So, I kindly ask you please (and Bael, if he's reading me) to check your statistics of the rule that you created for port 9940 (please, see my comment of 04.05.05 5:19 pm).

Your reply (and Bael's) will be much appreciated.
Roger


grandad - 06.05.05 7:08 pm

Reading the various messages on the "how to" page hasn't helped me much. I can't access the other 50 pages as the hyperlink doesn't work! As an ancient of 70+ who has been working with computers since 1959 I can still get lost. My LAN was a simple crossover patch from PC to PC when on dial-up until BT invented the USB broadband access. I purchased an auto sensing 5 port switch but have failed to get access for both PCs via ethernet. If I can, I'd like to try some of the tips and tricks on this page. Can someone take me through the simple bits to get the LAN set up to talk to my router in the state I got it from BT. I daren't **** my wife's connection


heeeeeellllllppp - 06.05.05 7:13 pm

Sorry 'bout this Cor

But in answering "Just to add to my post above - now noted today that i have an 'internet connection/internet gateway' configured (automatically by XP??) in my network connections. But it says that it is 'disconnected' and my modem and all internet activities seem to work fine?" question, we seem to have missed my previous question - also, how do you disable all the XP UPnP stuff? And.... I've got a strange problem which you may be able to help with - BT certainly appear not to be able to sort it anyway. I have BT 1Mb connection through a BT Voyager 205 ADSL modem. All set up properly in terms of connections and filters and works fine most of the time - connected to my network via D-Link 10-100M Fast Ethernet Switch - no USB connection to pc or anything - no BT software on pc either. My router is connected to the BT socket via a standard extension lead which i have tried swapping out with a decent RJ11 lead during the problem times to no effect - router upstairs with pc - bt socket downstairs. When working ok, if i go to network connection, there is no Internet Gateway configured. At about 1600hrs each day, through to about 1830-1930hrs the DSL drops out and can't use the internet - sometimes the light goes solid again, but as soon as i try any activity - e-mail download or IE, just drops out again. At the problem times, there is an internet gateway automatically configured in network connections!! I have used the set-up hints on your site for the router and have mapped ports for WinMX but that's all. I run (updated) NIS Pro 2004 and regularly run Spybot, Adaware SE and HiJackthis for finding and removing malware. If you could give any hints i'd be really, really grateful.

Yours hopefully

Phil



Uncle Bob - 06.05.05 7:19 pm

Just a quickie smiley for :lol:

Has anyone got this same type of problem, or is it jus me? I have to reset my router at least 3 time a week on average as it gets disconnected and it will not connect at all. When clicking on connect, it just says that I have changed my f*&@ing password. smiley for :blank: It will not connect at all until I reset the bloody thing.

Obviously, I then afterwords have to do all the telnet stuff again... smiley for :aargh:


Bael - 06.05.05 11:24 pm

well sorry i ant been around much lately...been busy workin an gettin drunk lol.....this is just a quick reply to a few posts i've read through quickly...i need sleep lol xD

Roger well i've since uninstalled iVisit, but when i did have it i don't remember having any problems what so ever connecting to anyone, but like you said that may have been because i wasn't trying to connect to someone else using a Viking Chipset router =P but if you'd like i can get with ya on msn (bael666@gmail.com) an reinstall iVisit an try an connect to you so i can see what your experiencin lol =P

Uncle Bob I have no idea how to fix your actual problem lol, about teh restarting (Cor will figure it out tho lol =P) but as a temp fix, as apposed to continuosly inputting telnet cmds to add the rules everytime you restart, i would open Cor's windows shell script in note pad (the one that deletes the default router rules, and modify so that as well as deleting the default rules it adds my custom rules also (not sure if thats possible at min tho lol ant looked at the script in notepad =P but it sounds very do-able :) so that all you would have to do after your restart is run the shellscript =D

Thanx Bael

PS jus looked at the shellscript lol, rather than adding to it, i would make a copy of it, and have one for adding your custom rules, and the original for deleting default rules, that way, rather than adding to the shellscript, you could just locate all the "delete ifp rule....." parts of the script(use ctrl+f and search for delete ;) ) and replace them with "create ipf rule....." and "create nat rule....." hope this helps for now Bob =D


cor - 07.05.05 1:03 am

phil, oops, I meant to say run "services.msc", (hit Win key and R, then enter "services.msc") and disable EVERYTHING to do with UPnP, there's two different services, though mine are gone as well as disabled, so I can't check their exact names, one is called "SSDP discovery service" I think. google will sort you out.

Roger, I wasn't impressed with the app, so I uninstalled and deleted it immediately after testing it out for you, so I can't check anything! Try cuseeme! But first, maybe just try an alg!

Uncle Bob, if you commit in a telnet session (or "save" from the web advanced pages) you don't have to enter in your custom rules ever again, the are FIXED! But the dozen or so "automatic" rules (inserted on router reboot) are easily dealt with by the "rad" script, recommended!

By the way, my connexion has been up for weeks, no problem.

grandad, the links work fine! (what browser are you using?) but the main pages have most everything you need. I did a nice wee ascii drawing of your exact network setup on the last page (or maybe two or three pages ago), so you might want to try those links again!

The switch should be fairly transparent, you simply insert it between the peecees and the router. follow this page slowly, branching off to the static IP and stealth pages when those links come up, run through the checklist at the bottom of the troubleshooter when you think you're done. There's nothing to lose except sleep!

which is what I should be doing..

;o) Cor


Roger - 07.05.05 2:57 am

Cor,
That's OK. I understand you.

About ALGs: As I said before, ALGs are for translating IPs *inside* the payload. They do not translate addresses nor ports on level 4 (UDP or TCP). Besides, they are ready-made, pre-defined in the firmware. One can't create one, and there is no ALG for iVisit in the firmware of the router.
Roger


Roger - 07.05.05 3:22 am

Bael,
Thanks a lot for offering to meet me on MSN. I thought you still had iVisit on your machine, and I had already prepared a "recipe" for a test... But I cannot ask you to go through all this trouble again. Never mind.



I was going to delete the "recipe", but perhaps it might be of use to someone, so here it is:

------------------------------------------------------
- Install iVisit.
- Stop any application possibly accessing the Internet.
- Access your router's CLI interface via telnet.
- Create rules for port 9940 (firewall and NAT RDR).

create ipf rule entry ruleid ...
create nat rule entry ruleid ...

- Check your NAT and ipf rules, if you want:
get nat rule entry
get ipf rule entry

- Reset the statistics of all NAT rules:

reset nat rule stats

- Launch iVisit, play around for a while and close it.
- Go back to the telnet session and check:

get nat rule stats ruleid |number of your NAT RDR rule|

You will see that the NAT RDR rule was never invoked during the entire iVisit session (Inbound Packets:0, Outbound Packets: 0). All packets were translated by NAPT. Confirm this by issuing:

get nat rule stats ruleid |number of your NAPT rule|
------------------------------------------------------

Thanks guys, for all the help. I appreciated being in touch with you. This a very good and useful site. I'll return here eventually. Congrats to Cor and all others involved. (Maybe this Comments section should be transformed on a Forum?).
Bye,
Roger


grandad - 07.05.05 1:29 pm

thanks for your suggestion. unfortunately i was already at that point and had seen your diagrammatic which confirmed that i had set it up right. i think the problem is in how my pc's are seeing the ethernet. Do i have to set up the system as in your diag. and then run a network set up routine? i disabled dhcp on my router and the pcs and gave them IP addresses on the router subnet. with either pc connected straight to the router all works fine but it goes pear shape when i have them both on the switch. i'm running on XP Home (i know, smiley for :blank:)
but it seemed a good idea at the time! also, i ran all the BTYahoo set up routine. The extra page link was ok i just didn't look in the right place for the messages


Allen - 07.05.05 7:48 pm

Seriously useful site. Nice one!

Why oh why do BT hide the best features? dyndns !?!?!?!

Really would be nice to find a firmware solution to those annoying firewall rules that just keep coming back though.


cor - 07.05.05 7:56 pm

grandad, double-check your connexions into the switch, some units have a one special port that must be used for the upstream link (voyager), it will usually be marked on the rear, certainly in the manual.

Start with one single machine, switch, voyager, and when that's working 100%, add the other machine(s) After double-checking its network setup as per static IP page, especially checking that its IP doesn't coincide with the first machine.

Actually, start by removing every last trace of BT software, and THEN do the above paragraph!

The static IP page will keep you right. If you are all setup okay, IP 192.168.1.3,4,5,etc, mask 255.255.255.0, DNS server 192.168.1.1, etc, then perhaps the switch is really more than just a switch, and interfering in some way. Exactly what model is it? I'll look it up, see if maybe it's trying to be "intelligent".

Thanks for the info, Roger, I'm sure you'll find something more NAT-friendly for your video-chat needs, iVisit doesn't look to be worth persevering with. Remember, next time ask probing questions at their forum before you download the application, and if the posts get deleted, move on!

And wadda ye mean, Forum? This is forum enough! NO I WILL NOT INSTALL PHPBB!!! smiley for :lol: "corz comment thing.. create ad-hoc forums under your pages" will be the tagline, when I eventually release it.

This style suits me better than a full-blown forum, and keeps things in their place, or else you get mixed up with folks who came here not looking for info about routers, but about Karma, or music, or something else, all adds to the mystery, you see.

;o) Cor

ps.. Allen, Oh Man! I hear you! But my wee scripts (available for *nix and windows, in the public archive) do ease the pain somewhat!


Spans - 07.05.05 8:51 pm

Hi, Great site, helped me a lot, but I have one real problem if you could help point me in the right direction that would rule...

I have my 205 running on its normal address ie 192.168.1.1

I have this plugged in to my netgear router, running on 192.168.0.1
this has 4 lan rj45's and wireless too, no problems so far, but I want to open a port for emule, if I try to put the router to the same address range as the 205, I loose the internet, if I set the modem to get address from external dhcp server, it seams to lock as well, is there an answer, or am I just missing something really obvious?

any ideas would be great, as I would like to loose the low id


Spans - 07.05.05 8:52 pm

Hi, Great site, helped me a lot, but I have one real problem if you could help point me in the right direction that would rule...

I have my 205 running on its normal address ie 192.168.1.1

I have this plugged in to my netgear router, running on 192.168.0.1
this has 4 lan rj45's and wireless too, no problems so far, but I want to open a port for emule, if I try to put the router to the same address range as the 205, I loose the internet, if I set the modem to get address from external dhcp server, it seams to lock as well, is there an answer, or am I just missing something really obvious?

any ideas would be great, as I would like to loose the low id


Allen - 07.05.05 10:53 pm

cor - Yes indeed, and very nicely done. The rad script is already sat there in my /usr/bin directory and works like a charm. Just annoying to have to do it at all.


reboot - 08.05.05 8:33 am

Love all the tips. I recently looked at all my rules etc and they look like a right mess. Thus is there a way I can delete all the changes I have made (Nat and Otherwise) to restore the box to its original state and start again. I think I have a better nack for NT rules etc than I first did when orignially typing them in so I just want to start from scratch!
cheers
-re


Allen - 08.05.05 9:41 am

reboot
There is a reset switch on the back. It's labelled 'reset' strangely enough.

Stuff a little pin or bent paper clip down there to return to a virgin BT state.

Came in useful for me yesterday after deleting the allowed admin ip's in the wrong order!


CdBee - 08.05.05 11:23 am

Hi - I'm an admin at portforward.com, like most networking sites we get a lot of people with misbehaving Voyager 205s (primarily eMule and bittorrent users who are overloading their routers NAT tables, and also gaming users who can't forward enough ports to get their games working (limited to 20, I seem to recall))

What I'm wondering is if, rather than our standard recipe for Voyager 205 sucess which is to DMZ the PC and rely on software firewalling or an ethernet router, would it be possible to install the firmware from a more fully-featured Globespan Viking router such as a D-Link DSL-502 onto a Voyager 205?

Has anyone ever tried this?


BrD - 08.05.05 12:08 pm

Hi all,

I have a question. I have a 2Mbps connection with BT and I am wanting to connect two laptops to the internet at the same time. At the moment I have one connected via the ethernet port and the other via the USB (yes I know that this is a no no Cor). So I guess I need to get an ethernet switch. So this brings me to my question(s):

1. What switch do you recommend?

2. Will I need to set up additional port forwarding rules through the switch as well (i.e. is it another gateway?)

3. Would it be better to buy a different ADSL router with integrated switch and more ethernet ports?

3a. And if the answer to Q3 is yes which is a good one. I want to be able to push more than the 512 max simultaneous connections through when using eMule.

Thanks.

BTW I am a noob so pleas be gentle.




jamie - 08.05.05 12:41 pm

hi i ve been trying for weeks to get shareaza to run with my voyager 205.
i ve recently learnt that shareaza need more connections than the router can handle.im happy that my router is stealthed in this way.saves all the fuss of software firewalls.but im missing using shareaza.my port forwards r all correct,and my port tests r fine.does any1 know a way to fix this problem with shareaza,connects fine,just poor results really.tried lowering max connections on shzaza but still the same.hope some1 can help or does anyone know which software to use to connect to gnutella
thanx peeps


deroo - 08.05.05 3:05 pm

right, I've been reading the comments here for over an hour, and although I've learned a lot regarding my particular problem, I'd just like to clarify a few things, here goes....

I cannot get winmx working. I have stealthed the router, I have edded the 4 rules for winmx, I haven't disabled DHCP as I've only got my PC and the IP address is always 192.168.1.3, I am using USB (I know before you say it :-D) - still I can't get this working. I noticed a guy named Drifterman had the exact same prob as me, and although he hasn't posted to say whether his issues have been resolved, I can only assume that getting a NIC and a switch has sorted him out. My ethernet port is used by my Xbox and I've not got a NIC in my PC. Do you know if there are updates to get USB working with p2p programs? If not, I will at some point get a NIC/switch and hopefully all will be ok. Can I still leave DHCP on seeing as I don't have other devices on the LAN (the Xbox is static because it had to be seup as a DMZ otherwise I couldn't host any games) and the PC alway gets allocated the same ip address (192.168.1.3) ? Any help would be appreciated and thank for all your great input, you should contract for BTcos you could make a fortune!! None of their helpdesk numpties kow anything!!

Thanks


Buzz - 08.05.05 6:41 pm

hi. ive been reading your tips and they are great. but i still cant connect. can you please help me to connect to wanadoo broadband via my bt vayager 205? any help will be gr8. Thanx


Grandad - 08.05.05 7:15 pm

Thanks for your assistance cor, we is now cookin' wit gas. The problem seemed to be in the settings for my internet connection. I had clicked the radio button for "needs a password" instead of "always on". I was confusing the need for a password to access my own personal space at the ISP with logging on to the net! Anyway the glory of broadband via ethernet has now reached my hideaway in the wilds of Argyllshire. If you want one, I can let you have a nearly new blue USB patch cord! smiley for :lol: Moran taing agus chi mi a rihist thu!


cor - 09.05.05 1:39 am

Grandad, you're welcome! (I wish I understood everything you said, I really do. Here on the East Coast, schools don't bother with Gaelic, even when you repeatedly request it! Things may have changed now, I guess.)

Truth is, sometimes I have to read things three different ways from three different authors before I understand them, but generally, if folk hang around here long enough, just "soaking" in the all this router talk, it definitely sinks in! good work, man!

Buzz, most of the settings should be the same for wanadoo as they are for BT, (ie. standard UK settings) ..
DNS = auto
VPI = 0 (zero)
VCI = 38
Authentication = CHAP
Modulation = G.DMT
Encapsulation = VC MUX
Encapsulation Protocol = PPPoA
so in theory, you only need to change the login username/password, and you're in. But I'm presuming you've tried that, so go to the wanadoo site and get their broadband settings, just to check there isn't any difference from the above. It may not be PPoA, for instance, so you'd need to change that.

Anyway, didn't wanadoo give you a modem with their package?

deroo, you deserve a medal! I even had to upgrade my "integer to words" php routine to handle thousands of comments! Yikes! (what a waste of code! I mean, who hovers their mouse over the links anyway?)

Okay, my advice is simple; if you have, or plan to have more than one machine connecting to the internet, get a switch! USB is way more trouble than it's worth; even at minimum wage, a switch will be way cheaper than all those hours you'll waste! Switch = £10, NIC = £3. cat-5 cables = $5. These items are a sound investment.

I really don't know what the trouble is with USB, though I've a few hunches. My sticker is still over the port, and it never occured to me to use it in the first place, USB networking just seems rediculous.

As to the BT contracting, how do get into that? I'm effin broke, and this sounds like an interesting possiblility! They've a lot of Voyager 205's out there, and it doesn't take a lot to be more knowledgable than their support staff!

jamie, firstly, there's a tweak to increase the maximum connexions from 192 (the default) to 512, this will definitely make a difference. See the main article, above the comments.

Also ensure you aren't uploading more than 24kb/s, which will max out your connexiona and everything suffers, that's total for your whole LAN. For Gnutella clients, see here.

BrD..

1. any will do, so long as it's not something that pretends to be more than a switch, spend around £10, go for "N-Way" capabilities.

2. no, effectively it should be transdsparent.

3. Possibly. You'd remove the limits, yes, but you'd quickly run into your package limits, ie. 15 or 30GB/month. the 205, setup correctly, has ample capacity to get your 30GB/month, and then some. A better router means you could happily eat your monthly bandwidth allowance every week. whether that's "better" or not, is a matter of personal opinion.

3a. Linksys make some good units, and the remote tech I've done on them has been swift and logical. Many companies make good units, and it's worth googling around the world's networking forums whenever you make this kind of purchase, the landscape changes often.

CdBee, welcome to our humble wee router page!

There has been some experimentation with flashing foreign firmware. We know that solwise firmware definitely doesn't work. You might want to load this page with all comments and do a keyword search, Ian had some success with "rtaplus_2.1.040827a1.zip" on the dynalink.com.au web site (rta100+ firmware), but it seems unlikely that a new flash will remove the max sessions limit, isn't that limited by available memory? The voyager just doesn't have the memory.

As to fort-forwarding, there is a limit of twenty rules, but as you can cover ranges, in practice there in't really a limit, one rule could cover all 65536 ports!

BitTorrent works excellently, and I've been pulling in 60GB/month easily with Azureus, folk just need to be mindful of the limits when they set things up. Our bandwidth is metered as from around now, so it seems kinda pointless to get some monster router to work with a BT ADSL connexion.

Spans, I don't understand how this works in the first place, 205 at 1.1 and netgear at 0.1, I have to presume the netgear has been assigned a WAN-side address in the 1.1 subnet so that the 205 will talk to it. Why not set it manually to 192.168.1.254 or something and try again!

Better still, run the 205 in bridge mode, or somehow pass all connexions straight through to the netgear (place it in a DMZ, for instance), and use the netgear for all the firewalling/port-forwarding stuff, effectively turning the 205 into a plain old modem.

for now..

;o) Cor


deroo - 09.05.05 9:55 am

cheers cor!! I think I will at some point gofer a nic/switch. Once I get everything sorted (cos I _will_ get it sorted) I'll post to let your good readers know the outcome.

Thanks again mate. later
deroo


Bael - 10.05.05 9:47 am

Hey, sorry for the absence the past few days xD been busy with work and RL issues....but hopefully it's all sorted now =D

btw Cor, I'm lost as to what to do lol, with EasyPHP, no matter what i do it will not work lol xD....it should defo work...as i'm using the same httpd.conf file that i used with XAMMP, and it worked, and i still have all my router rules setup so there should be no reason why it won't work, I also keep checking my dynDNS to make sure it's directed to my current IP(which it always is thanx to the router =P), i can connect fine on localhost, it's when i go through a proxy i get "could not connect...." and i've tried multiple proxies and tried google first with all of em xD I'm sure i haven't missed anything, could it have anything to do with me putting PHP in safe-mode, cus thats what stopped XAMMP working right =S or that i gave My-SQL a password, rather than jus "root"???
any ideas??

Thanx,
Bael


Rob - 10.05.05 3:09 pm

I was wondering if you had any ideas on this problem...

I was supplied a BT Voyager 240 Router when I signed up for their Broadband Voice package.
Now I've upgraded to OSX 10.4 I cannot get the setup to connect. When I switch back to 10.3.9 (I upgraded a duplicated partition of 10.3.9 in case) It all works fine.

I've been trying out a Voyager 205 Router with 10.4 and can get it to work ok. But I need to use the 240's 4 Ethernet ports to hook up printers/computers etc.

I get green lights all over and auto setups put in right info and it says i am connected ok but no webpages will load. Again swap it back to 10.3.9 and all same hardware/software/settings contact ok.

Any Ideas at all?

I cant seem to find anywhere any mac software for the 240 or firmware updates for it.


Bael - 11.05.05 2:21 am

It's gotta be something with the router that's stopping it working =S xD i've tried loads of stuff, even tried switching completely to port 8080, and when i use your port probe, before i make the nat/ipf rules i get "connection timeout(probably stealthed)" but after i make the rules and i try to connect i get "Connection refused" and it can't be that apache isn't running/listeining on the port, cus it's running and set to that port, i have no other firewalls installed....so i have no idea whats wrong with it lol xD

Bael


bael - 11.05.05 2:47 am

well scratch that lol.....it took me all day up untill 3.30am but i got there in then end =D but now theres another problem, some php/mysql things i installed, worked fine on localhost but for some reason, they wont work for friends or me on proxy, any idea why?? incase your curious what they are, sympoll, a poll thing ;) and this stats thing im not to bothered about, just experimentin wi stuff at the minute, I'm guessin it's got something to do with MySQL cus they are the only things on my server using it, and niether of them work for people outside my comp/me on proxy.

Thanx,
Bael

btw =P what happened to the edit function :) lol ;)


cor - 11.05.05 3:21 am

Bael, yer site looks fine! I just got a sleek, black 404 page! The poll thing looks to be sending browsers to an absolute http://localhost/... address, i.e, to their own machine! <-- your clue, sir!

I can't remember what your dyndns is, but connecting on your raw IP works just fine. You'll probably want to change that! (think about it) It might be best if you mail me with the webserver stuff, this page's comments are getting outta hand as it is! Or use the corz.org secret comment thread! smiley for :cool:

btw, the edit function is still there! but only *I* see it!

Rob, I can't condone using USB, it simply sounds to me like you need another ethernet switch in your network.

My mac's effectively dead, so I know almost zero about Tiger, but a couple of friends of mine have installed it without hitch. If you insist on using USB, probably you're best bet would be to pester BT for updated drivers, or maybe check out some other mfr's website for same (ie. Viking chipset modem drivers for Tiger), maybe solwise, or dynalink. Better with a cheap switch, though.

;o) Cor

ps.. look forward to that deroo, and hey! what about the BT contracting!?! smiley for :D

pps.. Bael,
<form method="post" action="http://localhost/sympoll/dovote.php">
there ya go!


Bael - 11.05.05 3:49 am

Heh.....It's kewl when i can figure stuff out with clues rather than you just tellin me lol =P twas so simple to =P tho just need get a friedn to makesure it works lol, cus i could get it to work for me on both proxy/localhost, though i've fixed something with the poll seriously wrong xD can't believe i didn't see it before lol, although i still dont know whats wrong with the site stats things, its logging all the visits, but not unique visits, eg from different users, granted it would only be 5 lol, localhost, 2 proxies, u, and one of my mates =P buts thats 5x more than 1 lol =P

Yeah lol....i figured while I'm thinking of something to do for a debut site i'd better have a pretty error 404 page lol :P

Thanx for "teh clue" :P
Bael


Bael - 11.05.05 3:51 am

btw one day will we be able to edit posts lol :P

and also...how would i go about resticting my site so that it can only be accessed from the dynDNS rather than the IP aswell?


cor - 11.05.05 11:26 am

I knew you'd figure it out!

as to the "resticting my site so that it can only be accessed from the dynDNS rather than the IP aswell?", I can see you have considered this! Aye, any old p2p-er could know exactly who they have at the other end of the connexion by simply loading your IP in a web browser, not clever!

As to your answer..

navigate to corz.org/inc/ and load up the comments script by itself, and ask me again there! (this comment file is almost a MB as it is!) I'll tell you all you need to know.

This is in lieu of me putting up a "general web serving issues" page, with comments underneath! which YES, you will be able to edit, at some point, when my "list" gets under control!

;o) Cor

ps.. have you seen my 404 page?


Pottsy - 11.05.05 2:32 pm

I have a Voyager 205 connected to ADSL with a Buffalo VPN Airstation behind it for VPN access to the network.
How can I get the Airstation to be seen by VPN? the WAN ip.
Do I configure the voyager to be a bridge? if so exactly what do I do to do this?
Please help..................


Bael - 12.05.05 10:31 am

oooo ow'd you get it to redirect to the page that sounds like what you were looking for?? i saw the 404 page for a second and then it redirected me to a foodprocessing picture lol =P

and i'm propa pissed lol....a gas company was doing work onthe gas mains on our road, and one of the workers driled through the phone line, so now i gotta wait for BT to come and sort it out xD in the meantime im using internet at a friends, and dropped a full mb in speed and using IE =( i've told him to switch to firefox but he's to stupid lol xD

Thanx,
Bael


cor - 12.05.05 1:15 pm

Bael, just delete ie when he's not looking, he'll thank you for it, eventually!

The cool 404 is a FREE download from my php scripts area.. "404, the intelligent 404 handler", it's pretty neat, even if I do say so myself. The "auto-jump" feature, by the way, is optional!

Pottsy, there are a number of ways I've suggested, but no one's really come back with any concrete results for any of them! I don't have the facilities to test that here (another router), what the ref guide recommends is this..

  • create an EoA WAN interface without an IP address;
  • create the Ethernet LAN interface without an IP address;
  • configure the EoA and LAN interfaces as bridge ports; and
  • enable bridge mode.

Though quite how that will work over a PPPoA interface is beyond me!

Download the 205 reference guide (links above comments), it's 795k, and flick to page 43 (section 5.8) and follow these steps there. Your best bet would be to export your configuration, apply any tweaks to the text file, and upload back to the router via FTP.

If you try and do all this "live", you might find you lose connectivity with the router. If your uploaded cfg file doesn't work, reset the router and try again. And if that works, let me know!

There are alternative methods, but this one, if it works, would be the best, as you will bypass the router's NAT table limitations (max IP sessions, etc). Other possibilities include placing your wireless router into a DMZ (you can configure the physical ethernet port as a DMZ also).

Eventually I'm probably gonna end up buying a wireless router just to get a definite answer on this one! If anyone is reading this and has successfully achived "bridge mode", PLEASE mail me your config file!

have fun!

;o) Cor


milo - 12.05.05 6:01 pm

hi im havin a problem with my bt voyager 205 well i think it is that , im using bitTornado to download files whenever i download a file , i get download speeds of under 10k! and upload speeds of 5k. why do i get so slow download speeds? .The ports BitTornado uses are from port 10000 to port 60000 setting on randomise. i connect to my router via ethernet.how cn i make my BitTornado have faster downloads? downloads on the ineternet are fine it is just BitTornado.Iv tryed using a program called 'Azureus' i still get slow speeds.

Also when i log in to my router via telnet 'telnet 192.168.1.1' it keeps saying this message every couple of seconds :

'Thu May 12th 18:51:27 2005 :WARNING : ATM VC Congested : Interface -aa15-0 PortId=7, Vpi=0, Vci=38'

It keeps saying that over and over again whener i run BitTorando.
Any tips? Cheers


Jay - 12.05.05 6:20 pm

Hi,

Just read all this and it looks like you've got my problem with the dropping bittorrent connection sorted (I'll test it when I get home from work).

What I was wondering is if you know of any problems relating to using an old pc with smoothwall on as my firewall, and if this would be particularly awkward to set up?

Thanks in advance.


Bael - 12.05.05 6:28 pm

Milo well first make bit tornado use ports 6881-6889 and switch randomize off(actually you can use any ports, just so long as you adjust the following rules for you router, you can also leave randomize on, but turn it off for now, we'll need it off for when we probe port 6881 ;) ), make sure you have setup a static IP on your puter,then telnet into your router and create the following rules(adjust 192.168.1.3 to whatever you made your static IP):

create ipf rule entry ruleid 6881 ifname public dir in act accept transprot eq tcp destport range 6881 6889 seclevel high medium low

create nat rule entry ruleid 6881 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 6881 destportto num 6889


then start a torrent downloading, and goto the "port probe" page of this site, probe port 6881 if you get success!!!! it's sorted and you should be getting decent download speeds provided you dont have any other firewall software installed etc, as for the router warning you get in telnet, Cor will have to help ya with the lol =P

Cor well my connection is sorted...good ole BT =/ lol....think i might have to do that to him....he won't know what to do lol.....he's pretty simple....he'll be lost without IE

Jay if you plan on using the old computer with your voyager 205 you don't need a firewall installed at all.....in fact it's reccomended you don't have one installed when using the 205, the router does it all for you :)

Bael




Adan - 12.05.05 11:39 pm

After getting my new BT Voyager 205 Router, and following the helpful guide in here, my emule can now fully connect... but as soon as I do this... my internet connection is killed, ie: internet explorer stops working and anything else for that matter.
What am I doing wrong?
Please help!!!!

Adan.


Bael - 13.05.05 2:43 am

Adanthe most common cause of this is having your router connected to your puter using USB rather than ethernet, if this is the case, switch to ethernet!?!?!?!

Bael


cor - 13.05.05 6:13 am

Yeah, Jay, it's pretty boring having the voyager 205 as yer internet gateway, in the days before, there was always some interesting exploit or other in progress, some battle of kung-fu, but now it's all quiet in the LAN, nothing penetrates! Smoothwall is pretty good, but like Bael says, not really necessary.

milo, don't worry about the messages, we all get them. It's just part of the fun of "consumer" broadband, 50:1 contention ratios and all that.

for now..

;o) Cor

ps.. My host is playing funny-buggers just now, I can't load the "real" version of corz.org, remember there's a mirror here at corz.ath.cx, comments are synchronised hourly (currently corz.org comments replace corz.ath.cx comments, though I might yet get around to a "proper" sync, so that you can use either comment form, in the meantime, watch out!)


paul - 13.05.05 7:10 pm

hey, just recently bought a bt router and tried to get ftp running from out the box, no luck so went on the net found your site, solved my problems simply and clearly. Iv also noted my router is now stealthed and passes the 'shields up' test. Thanks :)


Richard - 13.05.05 10:48 pm

Automatic firewall removal no longer works with Firmware 1.6. The ability to connect to the router Via Telnet, or HHTP is lost after installing the update, and running the script. Funnily enough the router still works ok, though you can't talk to it anymore.

Thanks for all the tips on these pages BTW very usefull.

p.s.

Any chance of adding a way to add your own IP to the links to the hidden pages, as not everyone has the default config.


Idiot#1 - 13.05.05 11:17 pm

Wonder if you can help:

I did something really dumb. I was trying to set up port forwarding for my BitTorrents. I used the Telnet feature. I used the recipe that you have under Port Forwarding and then I pulled up the two recipes that you have under Bitorrents (Firewall and NAT).

One (or maybe two) of the recipes I just cut and pasted into the Telnet, without correcting the IP address to be that of my computer.

So now I have internet access without any problems except for my Bitorrents, which just sit there trying to connect. And you guessed it (this is the idiot part) I didn't save the configuration prior to messing about with it. I skipped right over the section where you clearly say to save your current configuration.

Anyway do you have any ideas on how I can fix it. I have tried to download the newer version of firmware. Tried to restore the defaults via the http://voyager.home and by pushing the pin hole button on the back, but no luck.

Any ideas, or am I going to the store to buy another router?




cor - 14.05.05 1:25 am

Idiot#1, you fixed it! you just don't realise you did! Think about it; first you had no BT (no incoming, at any rate, the default), then you applied the (wrong) rules, so you really had no BT, then you reset the router, so now you're back to regular no BT like all default users. You simply need to apply the hacks again, except with the correct IP address this time!

Richard, yeah it does! In fact, I wrote it after upgrading to v1.6 myself, so perhaps it doesn't work with earlier firmware (it does), but it definitely works with 1.6! Did you use the firmware from my public archive? BT have been known to alter firmwares but leave revision numbers the same, just to confuse us!

I don't know why you can't connect to the router by http or telnet, that seems very strange. Perhaps the flash wasn't 100% successful. Might be worth trying that again. What about FTP? Maybe grab the config and see what's up with the http/telnet access.

As to the pop-up pages, there's already a way! This is one of the main reasons I made the php source available (links below the selectors themselves) you only need to make one small edit (you'll spot where) and tada! All the choices are automatically updated.

If you don't have access to a webserver to run the php source (and these days, there's really no excuse for that!) let me know your router's IP and I'll chuck an altered copy somewhere here on corz.org for you to grab the HTML from.

for now..

;o) Cor


Idiot#1 - 14.05.05 9:49 am

OK,

Here is more of the history: It was working and downloading BT's at a decent speeed. I noticed however that other people were able to get the same file at a much greater speed ( 12 kb versus 50-60 kb) I had plenty of bandwidth, so I thought it must be something else causing me to be a bit slower then the other folks. Then I read something on the one of the BT sites about how firewalls/NATs do hender your ability to get/give torrents. It explained that even if you are getting some flow through them using the automatic port opening feature that BitComment (and others) have, you are not getting as much as you should. Made sense to me, so I attempted to open that port up in my Voyager, similar to how I opened it up in my Netgear wireless router.

So in an twist of irony, I went in to speed up the BT's and completely shut them down.

I tried reloading the rules, but no luck. I went to the GRC.com and tested the port in question (6881) which shows up as "Stealth". So they pinged it and my computer did not respond, which is what my problem is. Turned off the XP firewall (allready had that off). Turned off the Norton Internet Security firewall (but I already had my BitComet as one of the trusted programs that could open ports if it wanted to so that shouldn't be the problem).

Is there a way to turn the BT Voyager into just a modem and let my Netgear wireless router do the routing?

Or any other ideas you have would be greatly appreciated.




LJH2005 - 14.05.05 1:44 pm

Ok feel like I am banging my head against a brick wall here, BT Sent me a Voyager 205 to keep my custom ( Was going to switch to UKOnline no restrictions ).

My previously working FTP now doesnt work whilst using the 205. Here is a list of the rules I have applied to try and get somewhere alas to no avail.

Secret Admin Page Selector!

Reset

Advanced Security IP Filter

Set to high

Advanced System Backup Config

Config Saved

telnet 192.168.1.1

Logged in

Note :-
*******************
Welcome to Viking
*******************

GlobespanVirata Inc., Software Release V1.1
Copyright (c) 2001-2003 by GlobespanVirata, Inc.

My Router reports v1.1 which is a different Software release to yours which reports v1.6 (Now upgraded firmware to V1.6)

stealth and security

create ipf rule entry ruleid 5 dir out act accept storestate enable seclevel high medium low
create ipf rule entry ruleid 500000 ifname public dir in act deny seclevel high medium low

modify fwl global blistprotect enable attackprotect enable dosprotect enable

Static IP

Control Panel Network Connections Local Area Connection Properties TCP/IP Properties

Use the following IP Address

192.168.1.5
255.255.255.0
192.168.1.1

Use the following DNS server addresses

192.168.1.1
212.159.11.150

create nat rule entry ruleid 100000 napt

Stealth Checked and passed via GRC.com with Blacklist Disabled

create ipf rule entry ruleid 2121 ifname public dir in act accept transprot eq tcp destport range 20 21 seclevel high medium low

create nat rule entry ruleid 2121 rdr lcladdrfrom 192.168.1.5 lcladdrto 192.168.1.5 destportfrom num 20 destportto num 21

create ipf rule entry ruleid 50000 ifname public dir in act accept transprot eq tcp destport range 50000 50100 seclevel high

medium low

create nat rule entry ruleid 50000 rdr lcladdrfrom 192.168.1.5 lcladdrto 192.168.1.5 destportfrom num 50000 destportto num 50100

Using Bulletproof to run the server and it reports that it is connecting to 192.168.1.5 on port 21 and flashfxp to connect to server.

Flashfxp trys to login but fails reporting 530 Not Logged In.

Using Dyndns.org & its DUC Program.

GRC reports all ports stealthed.

When attempting to connect to the server through a browser all it does is connect to the router .

Now thanks for reading this far sorry its so long but trying to be as comprehensive as possible :) any assistance you can offer would be more than appreciated and maybe then I could get all this techno babble out of my head.

Cheers


Blacksheep - 14.05.05 2:43 pm

Hi i'm running DC++ 0.668 and have opened up the relevant ports that i'm using. However when it comes to searching i get the message

Your direct connect client has supplied an invalid IP address in a connection request (client sent Missing, you have xxx.xx.xxx.xxx)

there were square brackets round the 'Missing' but post got upset if i left that in.

where xxx.xx.xxx.xxx is my ip. I