Help! Dynamic IP + Port Forwarding

Hey I could use some major assistance with this stuff. Just to start off, I've googled this and can't really find anything that I can use. I've read through portforward.com as well. I'm not a complete waste; I've set up my home wireless network with WPA. But I just can't get this, it's over my head.

System Info:
Comcast internet
Netgear wrg614v6
XP machine with the router, Vista on the wireless computer

Reason - online game on the wireless computer

So the easiest thing seems to be to get a static IP. But from reading around, Comcast doesn't like to give out static IP to residential customers unless you want to pay more (I don't really). Assuming this is not an option...

That leaves me with a dynamic IP from DHCP. I tried to just use my dynamic address to set up a port to see if it works, but my router keeps giving me errors. I used google to find my current IP address but the router won't accept it. The router says the "server ip address must be a lan ip address". But it won't let me use the router address either - "server ip cannot be router ip". I also looked in the network connection properties TCP/IP panel but the IP is set to automatic and there are no values present. So I'm thoroughly confused at this point.

Questions (long intro I know )
1. How do I find out my current dynamic IP?
2. Using this dynamic IP, I can open ports correct? And I would have to monitor my IP address to make sure it hasn't changed. If it has, can I just redo the port settings using the new dynamic IP and it would work?
3. I've seen that I can also try a DMZ, but have seen others warn against it for security. In settings, the router wants an IP - can I even use DMZ (should I?) with a dynamic IP?
4. If a DMZ removes the firewall, would disabling my firewall be the same thing - basically opening up my computer? Could I disable firewall, go online for a game session, then enable it again? Or is this very bad?
5. Any other options for me?

Thanks for any help. I've toiled with this before a few times and have been left a broken, bitter man. I need to beat this!

 

I've had problems with this sort of thing before. So just to confirm, the XP computer is connected directly to the router with ethernet or USB? The dynamic IP should be reported by the router, look for a diagnostics section or something. Ports are related to the firewall, nothing to do with static or dynamic IP. DMZ forwards all ports to your computer so the DMZ IP will be the LAN IP of the computer you are playing games from. Its not quite the same as disabling the firewall, the firewall is equipped with other features like attack detection, all DMZ does is open all ports and forward them to your computer which can be risky. But once you actually get it to work you can narrow down which ports you actually need open and just open these selectively.

EDIT: Just a note I think the DHCP setting on the router refers to the local network, not the internet. Generally there is a separate option in the configuration for your router to get an internet IP automatically or use a manually set one.

Grand Admiral

 

comcast i believe is a DSL provider...from my experience DSL provides a modem/router...you'll have to get into the config page of the DSL modem/router...using a single computer...not through a router...set the DSL modem/router in VC Bridge mode...this disables the DSL modem/router from assigning DHCP addresses...after doing this bench set up your router (cat5 from pc to LAN port on router) up in PPPoE mode using the same user name and password that is configured in the DSL modem/router...should be good to go

Edit: while the single pc is connected to the DSL modem/router and after you've set VC Bridge mode...do a command prompt ipconfig/all. doing this gives you all the network info you'll need for your router...default gateway...starting IP address...DNS servers...your real world IP will change...but your modem will always broadcast its same LAN address...example 192.168.1.1...but if you run an IP check through an online IP check service you'll see your real public IP and not the LAN IP the modem is now putting out in bridge mode...anyway in short it's similar to a static IP but only on the LAN side of the modem not the WAN side...hope this is not to confusing to you

 

Comcast has cable, as far as I know. They may also offer DSL, but I'm sure they primarily serve cable/FIOS.

1) www.whatsmyip.org
5) Switch providers? I really dislike the way Comcast is starting to deal with things, and the path they're headed down.

 

Are you going through the provided router as well as your router? Comcast is a cable provider, not dsl. But they do use MAC FILTERING to control access. If you using a different router you need to clone your mac address of the mode/router used to setup the account into your routers WAN/Internet port.

comcast modem/router ---> your router --> your local lan (wired and wireless).

If this is the case you need to set comcast router to bridge mode so it will pass things through to your router.

 

Thanks for the replies so far. Just to clarify: I have Comcast cable using a Motorola Surfboard SB5101 (I don't think it is a router?). The Netgear router is set as DHCP server. My setup is as blue68 stated: Motorola modem --> Netgear router --> wired and wireless computers.

In response to above questions:
The computer directly connected to the router via ethernet has XP on it. I was planning on gaming on the wireless pc (with Vista).
I hate Comcast and would gladly switch but it's not an option now. (waiting impatiently for FIOS)

OK, I used ipconfig/all and was given an IPv4 address. When I check the router under attached devices, I see the same IP address. This value also falls into the range of values that is set in the router for IP addresses.

However, when I check my IP on the web I get an address that is completely different from start to finish. This is the address that I attempted to use initially but the router would not accept it during the set up of ports. Also, this address is listed in the main menu of the router as the IP address.

A#1, that is a bit confusing Could you explain a little, or do you know of a reference I could check? Thanks guys.

 

I'm a bit confused about what it is you're trying to accomplish, but from the looks of it, you seem to be attempting to open certain ports or even completely Demilitarize your Public IP address assigned to you by Comcast. The latter is not possible, you cannot open ports to a Public IP address (ranges from 11.0.0.0-172.15.255.255, 192.169.0.0-255.255.255). None of the aforementioned address can be assigned nor configured in a LAN. If you need to open ports or demilitarize and IP, you need to do so on the Local IP address given to that PC; this address will usually start with a 192.168.x.x. Use that IP as the host to open ports on and you should be fine.
If anyone else has networking questions, feel free to ask.

 

Thanks amoney. Yes, I would like to open specific ports. I have local IP addresses that begin 192.168.x.x. I guess my question now: I have separate local IP on my network. Which IP address should I use? I tried the router IP, 192.168.1.1, but the router wouldn't let me use it. That leaves me with the local IP for the wired computer and the wireless computer. When I open the ports, do I only open them to the wireless computer? Or do I have to open the ports to both computers? Thanks a lot


Oh and 1 more thing: If I get this sorted out with the router, will I have to open the ports in Windows Firewall as well?

 

If you're trying to set your Netgear router up for portforwarding, what you'll be doing is telling the router to forward network packets that come in addressed to a specific port on to a particular machine on your local network (i.e., a machine that sits behind the router, with the router between it and the internet).

Specifically, if you go to the portforwarding section of the router's administrative webpage, you should see something that looks like the attached image (which I clipped from the Netgear Reference Manual).


With reference to that image, first you should click the radio button named "port forwarding," next, you should choose from the drop-down menu the particular service that will be using the forwarded port (i.e., what's going to be coming in from outside), finally, in the four form fields under the (misleading) heading "Server IP Address" you should type in the local IP Address of the particular computer to which packets coming in for the service you've chosen should be sent.

So, let's assume for illustration that you were running a private webserver on one of your machines to which the local IP address of 192.168.1.99 had been assigned (which IP address should also be "reserved" to that machine, see below). What you would do is, from the pull-down menu, find an entry like "HTTP" (I think that's what Netgear uses to refer to incoming web requests), next you would type 192.168.1.99 into the four form fields under the heading "Server IP Address" and, finally, you would click on the "Edit Service" button if you needed to change any of the default settings.

For example, the default port number for HTTP is 80, so once you set up port forwarding to forward HTTP requests to IP 192.168.1.99, the router would fill in the blocks in the table at the bottom so it would look something like this:

#	Service Name	Start Port	End Port	Server IP Address
1	HTTP	80	80	192.168.1.99

If, however, you were running your webserver on port 7854 (I dunno, maybe because you wanted to limit the number of "accidental" tourists ), you would click on the "Edit Service" button, which would bring up another page that would allow you to change the start and end port numbers to 7854, so that afterwards, the table above would look like this:

#	Service Name	Start Port	End Port	Server IP Address
1	HTTP	7854	7854	192.168.1.99

And, if you wanted a range of ports forwarded to that machine, say ports 7854 through 7902, you would put those numbers in as the start and end ports, respectively, and the table would then look like this:

#	Service Name	Start Port	End Port	Server IP Address
1	HTTP	7854	7902	192.168.1.99

Finally, if you want to add a service that isn't described on the drop-down menu, you would click the button "Add Custom Service" which will bring up a page that should look like this:


Based on my discussion above, hopefully this part should be more or less self-explanatory at this point. Let me know if it's not.

Now, the only fly in the ointment is that I cannot tell for sure whether or not your Comcast modem/router, which sits between the Netgear router and the Internet, is going to cause any problems with this - basically, you'll need to check with the users manual for the Comcast modem/router to see if it filters out incoming requests to certain ports - some ISPs do that in order to reduce the amount of incoming bandwidth that gets used (basically, they don't want you running a commercial or public website from behind a private, residential internet account).

Provided that the Comcast modem/router doesn't present any issues, to get back to my example, let's also assume that the public IP Address Comcast assigns to your account is currently set as 74.73.201.109 (I'm just making it up), and that you've used a dynamic DNS service to relate the URL hereiam.nobody.org to your public IP address, including all sub-sub-domains such as www.hereiam.nobody.org. If someone whom you wanted to access your private webserver were to type in http://www.hereiam.nobody.org/, that person's browser would obtain the IP 74.73.201.109 (I'm ignoring ISP subnetting issues here, of course), and the GET HTTP request would be sent to 74.73.201.109:80 (that is, to port 80 on your public IP address). alternatively, that person could type in hereiam.nobody.org:80/ and get the same result. Now, if you've changed the port numbers from the usual ones, as in the last part of my example, then a person attempting to access your private webserver would have to type in something like http://hereiam.nobody.org:7854/ (basically, if you're not using the standard port for, e.g., HTTP, you have to specify the port at the IP address you're attempting to make a connection with).

Lastly, as to "reserving" an IP address: the Netgear router can reserve a particular IP address for a given MAC address so that the same IP address gets assigned to the same machine each time; you should do this with whatever computer you want the ports to be forwarded to so that they always get forwarded to the same computer; otherwise, you'll be at the mercy of the DHCP server on the router, which will assign IP addresses willy-nilly, and will cause big headaches with your port forwarding scheme.

 

You would only open it on the local IP of the PC you're running the game on. I would advise that you DO NOT DMZ this IP, as it is a computer IP is susceptible to attacks, unlike game consoles which are less like to suffer any of the latter.
And yes, you will need to adjust Windows Firewall accordingly, unless it asks you to unblock initially since that would configure the settings automatically.
Also, what exactly is the issue you're having with the game? Is it joining certain people?

 

Alright, I think I have this setup properly but I'm not sure if it's working. I DLed a program to test ports but it says they have all failed.

Thanks shyster, I don't have the manual so that was useful. I followed the steps you outlined. I also reserved the local IP for the pc in question and when I restarted the router, the pc's IP address changed! I tried it three times, but the settings won't stick.

As for port forwarding, I don't know what's wrong now. I've used the local IP address (192.168.x.x) at the screen shyster posted. I even unblocked the ports on Windows Firewall, and of course I unblocked the program application.

I also did some more searching on the Motorola; it seems to only be a modem with no user configurable settings. I was able to pull up the status information page, but there isn't anything I can change besides a system reset. I hope Comcast isn't blocking traffic - I know they were and still are blocking torrent traffic.

Is there a way to test the ports and make sure that they are open?

EDIT: amoney, I'm having trouble finding servers that I can connect to. Very high ping across the board. Then, once I find an acceptable server, the performance slowly worsens until I either have to leave or I get booted on map/level changes.

EDIT2: Just to note, I have never had an issue with online performance. The solution for this games MP issues includes port forwarding.

 

@billiam:

The IP Address may be changing because the computer in question is continuing to request a new lease on its old IP Address, and the router is simply granting the new lease - in other words, just because an IP Address is reserved to a machine, doesn't mean that it has to be assigned to the machine under all circumstances.

There should be two solutions (at least) to the problem:
1) just go with the currently assigned IP and make that the reserved IP; that way, the computer will keep requesting the same IP and will always get it; or

2) with the reservation set in the router, flush all of the IP configuration data from the computer's network adapter. That should force the computer to request a new IP address from the router instead of asking for its lease on the old IP address to be renewed, and the router will then, graciously, assign it the reserved IP address.

 

As the above poster said, make the current IP the reserved IP.
You can do this with netgear routers by navigating to the page that allows you to reserve a given IP address by inputting the devices MAC and the desired IP along with a "Nickname". On this page, instead manually typing in the information, there should be a list of devices that are already connected, simply pick the corresponding mac address to the PC you're on and it will auto-fill the fields. Now hit add/apply/save. From here on out, the device should hold the same IP.
As for not being able to connect, somethings to verify include, but are no limited to: MTU Size (make sure its >1365), any other firewall software (trying disabling all firewalls to rule them out, make sure you forward the UDP ports, see to it the UPNP is enabled, etc.
To test if certain ports are opened and functioning, use the built in windows telnet command to ping your local 127.0.0.1 ip followed by a colon and the port so "telnet 127.0.0.0:80" is what you type in CMD>
If you're on vista you will need to enable this under Windows features in the control panel.

 

Or you can use Microsoft Network Monitor 3.1.

One reminder regarding port forwarding, though. Only one machine can use a specific forwarded port at the time.

One question, is this just for gaming, or you are getting ready to access your network remotely? No, that I can add anything beyond of what the other guys have said already, but I was just curious.

 

I have a netgear router and sometimes experience the same thing when Using DHCP. I can reserve an IP address for a certain PC, identified by MAC address, yet the router sometimes assigns this PC a different IP address, although it will never give the reserved IP address to anyone else.

 

I would reset the router back to factory settings and start over. Setup the reserved IP first. Then setup the DynDNS for the dynamic IP. Then setup the port forward. Comcast blocks alot of ports, mostly torrent, and web hosting. There are several sites that scan your ports to check what is open, and scanner software for your local pc.

My Netgear router reserves IP very well and never causes an problem unless I do not have the range set large enough. I thought 20 would be large enough but guess not. In this case it will use a reserved IP if one is not being used.

 

Thanks for the solutions guys. I'll have some time at home tomorrow morning so I'll try to get the IP reserved. As for the ports, I ran telnet before and I received an error (can't remember it now). I'm beginning to think Comcast might be my problem now. Anyways, I really appreciate all the replies and I'll update tomorrow when I get the IP situation sorted.

EDIT: Woohoo! 300 posts!