[ previous ] [ next ] [ threads ]
 From:  "Christopher M. Iarocci" <iarocci at eastendsc dot com>
 To:  Tim Kingman <tim dot kingman at gmail dot com>
 Cc:  M0n0wall Mailing List <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Re: WII behind m0n0wall
 Date:  Mon, 15 Dec 2008 06:32:10 -0500

I appreciate your effort, and the info I got from it.  My config is 
considerably more complex than a default one and I make extensive use of 
IPSEC VPNs.  Nintendo does have inbound port requirements, I sniffed the 
line to determine so.  If you looked at your state table during the game 
you would see a single UDP connection directly from the person you are 
playing against.  I'm wondering if randomization is turned off due to 
you using a 1.2 config.  I'm waiting for an answer on how to do so 
myself.  My router is a 1.3B15 installed and configured from scratch.

I've also tried a PFSense box with a totally default config I had lying 
around and it to has the same exact issue.  I can only host if I put a 
1:1 mapping in place.  Wish I still had it because the instructions on 
how to disable port randomization are clear, but I just recently gave it 
away to a friend.  Hopefully someone will answer my question on how to 
do it on m0n0wall.


Tim Kingman wrote:
> Today, I successfully "hosted" a Mario Kart race with 1.3b15. I used 
> my existing 1.2 config, which has static DHCP defined for all devices 
> (including the Wii), and two NAT rules for two computers, but no other 
> settings specific to the Wii. I have no other NAT or 1:1 mappings 
> defined. I don't see anything in the log for the default deny rule, so 
> I can't confirm or deny the use of any unusual high-numbered ports.
> I'm not sure what more I can offer here, but it looks like 1.3b15 
> isn't itself incompatible with Mario Kart.. I had originally intended 
> to try a clean default config, but I had a 1.2 config handy and it 
> worked with no trouble. I can try again with a clean 1.3 config if you 
> think that would give us any more information.
> I was and still am under the assumption that Nintendo WFC doesn't have 
> any inbound-port requirements, and that the "Create a room" option is 
> more like creating an AIM chat room (everything happens server-side) 
> than hosting a game of Quake (many peers connecting to another peer). 
> While FPS players may be able to handle port forwarding, Nintendo is 
> marketing to families and non-"hardcore gamers", and none of their 
> games make any mention of requiring special settings on home networks.
> -tim
> On Dec 12, 2008, at 6:50 AM, Christopher M. Iarocci wrote:
>> Tim,
>> I am able to do everything you described.  It is when someone tries 
>> to connect to my room that it fails.  They cannot.  I can also play 
>> on Nintendo WFC and create rooms at will.  The failure is when 
>> someone tries to connect to that room.  Interestingly enough, if the 
>> someone connecting is behind a Linksys, they CAN connect, but if 
>> they're behind another m0n0wall, or behind a Cisco (only ones I've 
>> confirmed so far), they can not connect.  If I put in the Linksys, 
>> anyone can connect to me no matter what router they are behind.  All 
>> of this goes away if I put in a 1:1 mapping to the Wii.
>> Chris
>> Tim Kingman wrote:
>>> Sorry for not getting to this last week when I promised. I'm now 
>>> running
>>> 1.3b15 with the same config as my 1.2 box. I can connect to Nintendo 
>>> WFC,
>>> and I can "Create a Room" without problems, but none of my friends are
>>> online right now to actually try a race. Since my config upgraded 
>>> with no
>>> problem, I think I'll keep running 1.3b for a few days and try to catch
>>> somebody tomorrow night. I was able to join a worldwide Vs. race and 
>>> play it
>>> successfully. (Well, I didn't win, but the network was successful.)
>>> -tim
>>> On Wed, Dec 3, 2008 at 8:51 PM, Tim Kingman <tim dot kingman at gmail dot com> 
>>> wrote:
>>>> What games are you playing? I'm running 1.235 and have never set up 
>>>> any
>>>> forwarding to my Wii, and I don't have any problems "hosting" in 
>>>> Mario Kart
>>>> or Guitar Hero. I had assumed that the Wii connected to Nintendo's WFC
>>>> servers and all the communication happened there, rather than the 
>>>> PC games
>>>> style of having other players actually connecting to your PC. When 
>>>> I have
>>>> had problems, I would get disconnected after a minute or two of a 
>>>> kart race,
>>>> but we would see similar issues regardless of who first opened the 
>>>> room.
>>>> I guess I don't really have any useful suggestions or information 
>>>> here. I'm
>>>> sure there are other Wii owners on multiple firmware versions to 
>>>> chime in. I
>>>> have some spare hardware here and may try installing 1.3 over the 
>>>> weekend to
>>>> see if I get different results than 1.2.
>>>> -Tim
>>>> On Dec 3, 2008, at 7:02 PM, Christopher M. Iarocci wrote:
>>>> I have a WII behind my m0n0wall at home.  I'm running 1.3B15.  I am 
>>>> unable
>>>>> to host a room on the WII.  I can connect to a hosted room without 
>>>>> issue.  I
>>>>> found the ports used to host a game and port forwarded them to my 
>>>>> WII.
>>>>> However, even though they are not being blocked (checked the 
>>>>> logs), the
>>>>> connection still does not happen.  So, I dropped a Linksys in 
>>>>> place, bam,
>>>>> hosting works fine.  So I did a bit more experimenting with the 
>>>>> m0n0wall
>>>>> (borrowed a friend's WII and connected them both).  If I do a 1:1 NAT
>>>>> mapping to the WII from my outside IP and open the firewall ports,
>>>>> everything works fine.  If I simply port forward the ports and 
>>>>> open the
>>>>> firewall, it will not work.  So my question here is, what is the 
>>>>> major
>>>>> difference between port forwarding and 1:1, and is there a way to 
>>>>> get around
>>>>> this problem?  I would love to leave the 1:1 in place, but 
>>>>> unfortunately I
>>>>> only have a single IP and other services that run behind it that 
>>>>> get broken
>>>>> when the 1:1 is in place.  Thanks for any help you can offer.
>>>>> Chris
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch