STAR TREK 2d20
Page 1 of 37 12311 ... Last
  1. #1

    FG Knowledge Base - Firewalls

    I've had in my mind to make a community-driven knowledge database to help people to configure their firewalls for Fantasy Grounds. This is not a complete tutorial on networking for Fantasy Grounds, but it's a start. My hopes are that the devs make this thread sticky so that new users can find it easy, and that all other users in this community make similar entries about their firewalls. Also, please keep this thread as clean a possible, thank you!

    I'll start by making the first entry, to show what I had in mind and to set a template for other entries.

    Step 1: Setting a static IP-address

    **NOTE: The screenshots in this section are from a swedish OS. If someone could provide me with similar screenshots but from an english OS that would be greatly appreciated. Mail the screenshots to: crusader (a) harn (dot) se. Thanks!

    This is writen from the perspective of using a hardware firewall/router, and it is something that only the DM/GM need to do. The reason to set a static IP is that the firewall needs to know what IP it should forward the incoming requests from the players to.

    If you do not have a hardware firewall/router, or a xDSL- or cable-modem that also acts as a firewall, then you shouldn't set a static IP.

    Open a DOS-prompt and type

    ipconfig /all
    This will show you your current IP-configuration, and it will give you most of the information that you need:



    What you need to configure on your PC is:

    • IP-address
    • Subnet mask
    • Default gateway
    • DNS-server


    The ipconfig-command gives you all this information except the IP-address. To know what IP-address to use you need to look at the subnet mask. This shows which of the octets in the IP-address identifies the subnet, and those octets are fixed.

    So in the example above, the subnet mask is 255.255.255.0 which means that 192.168.1 is fixed and 3 is the part that we can change. To know what we can change to we need to find the DHCP-scope of the firewall. Find out how to do this in the firewall-tutorials below. The scope consists of those addresses that the firewall can hand out dynamically, so you shouldn't use any of those addresses.

    Example:

    The DHCP-scope of the firewall is 192.168.1.3 to 192.168.1.51. When we choose an address, given that the subnet mask is 255.255.255.0 and the default gateway (the IP-address of the firewall) is 192.168.1.1 - it means that we can use 192.168.1.2 or 192.168.1.52 to 192.168.1.254.

    Say for instance that we choose the address 192.168.1.200. Open up the setting for the network interface:



    Select the 'Internet Protocol (TCP/IP)' entry and click properties:



    Instead of assigning the address dynamically, configure the PC of using the IP-address that you have chosen as static IP. Make sure that the netmask, gateway and DNS-server is exactly the same as listed by the ipconfig-command above. Click OK and OK, and make sure that you still can connect to the Internet.

    Step 2: Configuring the firewall

    NOTE: If you don't find your particular brand of firewall below, look at the examples here and see if you can figure it out. Otherwise, post a new thread about it and we'll try to sort things out. If you have a working configuration, please add to this thread following the same format as below to show others how you configure that particular firewall.
    Last edited by Crusader; April 9th, 2006 at 11:50.
    Honor et Gloria

  2. #2
    Netgear WGT634U

    For the DM

    Finding out the DHCP-scope

    This information is to find what IP-addresses to avoid when you set a static IP-address in the step above.

    To find out the DHCP-scope on the WGT634U, click on LAN IP Setup in the menu to the left:



    In the screen above, we can see that the scope is 192.168.1.3 - 192.168.1.51. This means that you shouldn't use any of those addresses for your static IP-address.

    Configuring Portforwarding

    Under Advanced, there's a menu entry for Port Forwarding/Port Triggering, click it to get the following screen:



    Click 'Add Custom Service':



    The service name is just a name to make it easier for your reference, so a good idea is to name it FantasyGrounds. Service type is TCP, and both the starting port and the ending port should be 1802. The Server IP Address should be the same address as you chose as static IP for your PC earlier. For my example i chose 192.168.1.200, so that is why I've entered it in the screenshot above.

    You should end up with an entry looking like this:



    Time to start up Fantasy Grounds and have someone connect to you to see that it works. Note that the player should connect to the external IP of your firewall, which is shown under Basic Settings.

    For the player

    The WGT634U is open for all outgoing traffic, so there's no need to configure anything to use Fantasy Grounds as a player.
    Last edited by Crusader; April 9th, 2006 at 11:52.
    Honor et Gloria

  3. #3

    Join Date
    Apr 2007
    Location
    Mississippi, USA
    Posts
    1,073
    One thing that may come up is if you have a router/modem with a firewall connected to a router with a firewall which is then connected to your computer. In this case you would need to forward the router/modem to the IP of your router which can be gotten with start->run->cmd ipconfig (default gateway) on windows XP (not sure about vista). Then from there you go into your router and forward your port to the computer you are using. Which is the ip address from ipconfig.The port that is used by default is 1802.
    Last edited by lokiare; June 26th, 2008 at 06:38.
    Support:
    https://support.fantasygrounds.com/
    Have a suggestion for a feature? Go here https://fgapp.idea.informer.com

  4. #4
    Excellent post! I don't have the same router that you used in your example, but I configured mine without a problem. Thanks for the help!

  5. #5

    Networking help, please?

    I have an Actiontec MI424WR router from Verizon FiOS, and the screens are absolutely unlike anything in this thread. However, if I was able to follow the idea correctly, it seems my router has "occupied" the IP addresses 192.68.1.2 through 192.68.1.254, which would be all of the available ones. Any idea how to proceed, or any idea how any of this works with the Actiontec?

  6. #6

    Join Date
    Mar 2006
    Location
    Arkansas
    Posts
    7,376
    I have this router. If you are like me the manual doesn’t conform to the latest firmware so there are differences between it and the actual menus.

    This router is suppose to be “friendly” in you don’t need to change the range of dynamic addresses to make a local IP static - thus it is fine that all addresses are listed in the dynamic range. This is because you can check any assigned address and tell it to be static and the router does this even if you address falls in the dynamic address range. This is suppose to make it easy, but – of course – what it really does is make it confusing as hell until you realize the DNS server’s dynamic range doesn’t matter.

    To set up this (and any other router) to host FG you need to do three things - open the port, forward the port and make the local IP of the server static. On this router do the following:

    1) Make the local IP address of the computer that you are going to host the FG server a static IP. You want to do this so that local IP is never assigned to a different computer which will break port forwarding. You need to boot up the computer that is going to host so it is assigned a lease.

    Hopefully we have firmware that is about the same version so the steps are identical. The first thing to do is log into your router with your browser using the router’s local IP address. Click Advanced at the top and say yes to the “cover your butt” warning. Click “IP Address Distribution”. On the next screen you should see a button that says “Connection List”. Click the button. You should see a list of computers connected to the local network. Click on the name of the computer you want to run the FG server. This should open a window with the name, local IP and MAC address of the computer. At the bottom is a check box to make this a Static Lease Type. Check the box then click the Apply Button. That computer now has a static lease so it’s local IP address will never change.

    2) Next you need to port forward anything that comes in to your router’s external IP address on port 1802 to your computer that hosts FG. Because this is “friendly” router it will automatically handle the third step of opening the port too - once you set up the port forward.

    Click Firewall Settings, then say yes to the “cover your butt” warning. On the left side menu click Port Forwarding to go to the port forwarding screen. Underneath the Networked Computer / Device colum you should see “Add” in red. Click it. This will bring up the Add Port Forwarding Rule screen. On the Networked Computer / Device line click the Specify Address drop down and select the name of the computer you setup for the static lease. On the Protocol line next to the Specify Protocol dropdown is “Add” in red letters. Click Add. This brings up the Edit Service Screen. For the Service name Type in FG Server or something similar. Under server ports in the last column called “Action” click the graphic with the “New” tooltip.

    This should bring up the Edit Service Server Ports. On the Protocol line click the drop down and select TCP. This adds another line to the screen. For Source Ports click the drop down and select Single. Then fill in the empty box that appears on the same line with 1802 which is the port FG uses. Do the same thing to Destination Ports – selecting single and 1802 and then click the Apply button at the bottom. This brings you back to Edit service. Click that Apply Button. This will bring you to Add Port Forwarding Rule. Make sure the “When should this rule occur?” line says “Always” on the drop down. Click that Apply Button. This should take you to the Port Forwarding screen you started in. Make sure your new rule is checked. That should be it. Good luck.
    Last edited by Griogre; January 22nd, 2010 at 21:00.

  7. #7
    Valarian's Avatar
    Join Date
    Mar 2007
    Location
    Worcestershire, UK
    Posts
    2,567
    Quote Originally Posted by King Joey
    I have an Actiontec MI424WR router from Verizon FiOS, and the screens are absolutely unlike anything in this thread.
    The FAQ includes a link to a very good website on port forwarding, giving instructions for several routers.
    The link for your router is: https://www.portforward.com/english/...WR/default.htm
    Using Ultimate license - that means anyone can play.
    Valarian's Fantasy Grounds Rulesets

  8. #8
    This post got me up and running for the first time since I've owned the software. Thank you!

  9. #9
    Maybe that was just explained but I didn't get it straight...
    The problem is the following: I am using windows 7 64 bit but I am not able to connect, how do I do it?
    Shadowrun DM
    Shadowrun Magic-User
    Fantasy Grounds user
    D&D3.5 Mage

  10. #10

    Join Date
    Mar 2006
    Location
    Arkansas
    Posts
    7,376
    You need to be a player in a game to connect to a server. The GM of the game will normally tell you how to connect by giving you a server alias. You can only connect when the GM's server is up.

    Specifically you need to start FG, click the Join Game button, input your user name for the game and the alias or server's external IP address. If your GM is on the same local LAN as your computer then instead of an alias or external IP address, you need to connect to his server by using the server's *local* IP address which he will have to tell you.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
DICE PACKS BUNDLE

Log in

Log in