NAT / DMZ and port forwarding problems

[Antagonistix]

Hi All,

I have just been upgraded to an 8MB/576 DSL line. It seems for me that now, unless I assign my Internet public IP to my PC, ie if I put it in my DMZ completely open, I cant get utorrent to run properly.

I had a DSL modem before which I guess gave me a direct Internet IP anyway. But I was hoping I could keep my private 192.168.x.y address and apply PAT only, and forward a port.

The other problem I have is that even in the DMZ, I have to configure my router to port forward, and even then I HAVE to use port 6881 or the port forward test fails and I get a yellow triangle.

Anyone seen this before ? Anything I can do to keep my private address and not be so open on the internet ?

Many thanks in advance. I only got my new 8MB connection yesterday and am yet to see the benefits !

:-)

[jewelisheaven]

... If your modem has router functionality you should already have a Private reserved IP. Start->run->cmd /k ipconfig /all What does it say for your IP address there? DMZ is bad, in most implementations of routers.

[Antagonistix]

Hi,

My IP is the internet address my ISP has given to my DSL router/modem.

I dont want to type what it is here but its a class B IP from my ISP.

I used to have a cable modem plugged into my USB. Now I have a standard dsl router.

I am fairly IP aware and I have set up a static IP on a private address (192.168.x.y) with DG and DNS set to my DSL router.

I have tried portforward.com suggestions and tried a private IP with only port forwarding set up and I get a yellow triangle and fail the port forward test unless I set the port to 6881 and make a port filter on my router for that port.

Higher order ports do not work for some reason, I tried TCP and UDP both on several ports.

The only way it works succesfully is if I tell my router to put my PC in the DMZ and it then assigns my HA (host adapter or NIC) with the IP of the public internet address (Class . Oh AND if i set up a PAT to forward port 6881 on TCP only.

I really dont like being this naked on the internet - what can I do ? I have followed all instruction on portforward.com and a fixed private address with a PAT on any address gives me a yellow triangle and the trackers are "actively refused" - you know that familiar error ?

Thanks

Help !!!!!

[jewelisheaven]

If you can forward the port in your modem+router for 6881, what stops it from using the higher port like 50000?

If you're setting a rule and you still don't connect unless you go DMZ it's possible that rule is not affected at all. Does the How-To help at all?

Additionally I use http://www.canyouseeme.org and http://www.utorrent.com/testport.php?port=YOURPORTNUMBER and https://www.grc.com/x/portprobe=YOURPORTNUMBER to test open ports.

Also a nice easy way to test your connection is with OpenOffice Torrents which will verify whether or not your ISP shapes bittorent traffic. You can start running it as is right now and it will likely maximize your connection. If not, you can try changing the Ctrl-P -> BitTorrent settings and starting the torrent again. The setting that helps most people is "Forced" encryption and untick "allow legacy"... this puts you in fully encrypted connections between peers so that the network hardware ISPs have to sniff your packets cannot tell whether it's encrypted HTTP or VPN traffic or BitTorrent traffic.

[Antagonistix]

Thanks for your response Jewelish.

I will try the links you gave me.

I have tried the slackware torrent to test my connection, and it only moves when Im in the DMZ.

I cannot for the life of me understand why any other ports, other than 6881 dont work when I set an application sharing filter in my Thomson speedtouch router. That is the way ports are forwarded - you create an "application sharing instant".

6881 - was a predefined port called ABCtorrent client - ie i did not make it. filter. When I make a new one by cloning it and changing the port number to a higher order port - say 32768 for example, the port forward test fails and i get a yellow triangle.Same happens if I try to modify the ABCTorrent.

My firewall is open for utorrent.exe inbound packets. That has never changed since before I got the router. I have tried putting the firewall on the router to block nothing but IDS attacks - no joy.

Basically I need to use the ABC torrent entry to get a green triangle - DMZ or not.

Just that when its NOT in the DMZ - I get 0kb/sec downloads and all trackers actively refuse me.

I will try your encryption settings.

Basically I hate my PC being in the DMZ ! Although it does work for uTorrent when it is in the DMZ.

Packetshaping from my ISP occurs at peak hours. 6PM to 11PM every day - my speeds go down to 11 to 15kb/sec - but they do this on purpose - at all other times when in the DMZ and using port 6881 I get really fast speeds.

Have you got yours to work on a private IP ? Perhaps I need a more configurable router ?

Thanks for any help.

[Switeck]

Does your upload speeds suffer equally during peak hours?

Are you using the xx/512k setting in Speed Guide (CTRL+G)?

You may want to use Scheduler to change uTorrent's speeds during peak hours.

[Antagonistix]

Hi Switeck

Yep U/L suffers also during peak hours. Definately throttled by Tiscali's Fair Usage Policy

I started suffering a while ago with the FUP. I posted here for some help: -

http://forum.utorrent.com/viewtopic.php?pid=293575#p293575

I am actually using the xx/384 setting on uTorrent as when I run b/w speed tests they are rarely over 400. Supposed to be 512. Peak hours its more like 192. My 8Meg at worst in peak hours is 1.43 meg and 6.61 at best at those times.

I spoke with Tiscali about having the FUP removed since I am now supposed to be on an unlimited 8Meg service - they said they will see if I dont thrash downloads for 2 weeks at peak hours they will take me off the heavy (ab)user subnet.

;-)

The above problems still stand though - I need to be in the DMZ with port 6881 forwarded to get good speeds.

Well at least I have a way round. I will try using scheduler to pause UT for 2 week at peak hours and see what happens.

Also I think I need a better router. This one is like a toy honestly - hardly configurable manually.

(Thomson speedtouch 585)