Just for the record, I have solved this problem and know what causes 
it.  In the outbound NAT section, you have to enable advanced outbound 
nat and check off the option to disable port mapping.  I have confirmed 
by enabling and disabling this option multiple times that it was 
definitely the cause of the problem.  With this option disabled, I have 
to do nothing else in order to host games with the WII.  No additional 
firewall or NAT rules are needed.  HTH someone in the future.

Chris


Paul Rae wrote:
> I'm back at home in a few days but will do some testing for you.
>
> I have 1.3B15 installed at home and have hosted rooms in the past without
> issues - and I'm pretty sure I have done it since upgrading to 1.3B15.
>
> I also have a number of ipsec tunnels in place and this never caused an
> issue. 
>
>
> On 15/12/2008 11:32, "Christopher M. Iarocci" <iarocci at eastendsc dot com> wrote:
>
>   
>> Tim,
>>
>> I appreciate your effort, and the info I got from it.  My config is
>> considerably more complex than a default one and I make extensive use of
>> IPSEC VPNs.  Nintendo does have inbound port requirements, I sniffed the
>> line to determine so.  If you looked at your state table during the game
>> you would see a single UDP connection directly from the person you are
>> playing against.  I'm wondering if randomization is turned off due to
>> you using a 1.2 config.  I'm waiting for an answer on how to do so
>> myself.  My router is a 1.3B15 installed and configured from scratch.
>>
>> I've also tried a PFSense box with a totally default config I had lying
>> around and it to has the same exact issue.  I can only host if I put a
>> 1:1 mapping in place.  Wish I still had it because the instructions on
>> how to disable port randomization are clear, but I just recently gave it
>> away to a friend.  Hopefully someone will answer my question on how to
>> do it on m0n0wall.
>>
>> Chris
>>
>> Tim Kingman wrote:
>>     
>>> Today, I successfully "hosted" a Mario Kart race with 1.3b15. I used
>>> my existing 1.2 config, which has static DHCP defined for all devices
>>> (including the Wii), and two NAT rules for two computers, but no other
>>> settings specific to the Wii. I have no other NAT or 1:1 mappings
>>> defined. I don't see anything in the log for the default deny rule, so
>>> I can't confirm or deny the use of any unusual high-numbered ports.
>>>
>>> I'm not sure what more I can offer here, but it looks like 1.3b15
>>> isn't itself incompatible with Mario Kart.. I had originally intended
>>> to try a clean default config, but I had a 1.2 config handy and it
>>> worked with no trouble. I can try again with a clean 1.3 config if you
>>> think that would give us any more information.
>>>
>>> I was and still am under the assumption that Nintendo WFC doesn't have
>>> any inbound-port requirements, and that the "Create a room" option is
>>> more like creating an AIM chat room (everything happens server-side)
>>> than hosting a game of Quake (many peers connecting to another peer).
>>> While FPS players may be able to handle port forwarding, Nintendo is
>>> marketing to families and non-"hardcore gamers", and none of their
>>> games make any mention of requiring special settings on home networks.
>>>
>>> -tim
>>>
>>> On Dec 12, 2008, at 6:50 AM, Christopher M. Iarocci wrote:
>>>
>>>       
>>>> Tim,
>>>>
>>>> I am able to do everything you described.  It is when someone tries
>>>> to connect to my room that it fails.  They cannot.  I can also play
>>>> on Nintendo WFC and create rooms at will.  The failure is when
>>>> someone tries to connect to that room.  Interestingly enough, if the
>>>> someone connecting is behind a Linksys, they CAN connect, but if
>>>> they're behind another m0n0wall, or behind a Cisco (only ones I've
>>>> confirmed so far), they can not connect.  If I put in the Linksys,
>>>> anyone can connect to me no matter what router they are behind.  All
>>>> of this goes away if I put in a 1:1 mapping to the Wii.
>>>>
>>>> Chris
>>>>
>>>> Tim Kingman wrote:
>>>>         
>>>>> Sorry for not getting to this last week when I promised. I'm now
>>>>> running
>>>>> 1.3b15 with the same config as my 1.2 box. I can connect to Nintendo
>>>>> WFC,
>>>>> and I can "Create a Room" without problems, but none of my friends are
>>>>> online right now to actually try a race. Since my config upgraded
>>>>> with no
>>>>> problem, I think I'll keep running 1.3b for a few days and try to catch
>>>>> somebody tomorrow night. I was able to join a worldwide Vs. race and
>>>>> play it
>>>>> successfully. (Well, I didn't win, but the network was successful.)
>>>>>
>>>>> -tim
>>>>>
>>>>> On Wed, Dec 3, 2008 at 8:51 PM, Tim Kingman <tim dot kingman at gmail dot com>
>>>>> wrote:
>>>>>
>>>>>
>>>>>           
>>>>>> What games are you playing? I'm running 1.235 and have never set up
>>>>>> any
>>>>>> forwarding to my Wii, and I don't have any problems "hosting" in
>>>>>> Mario Kart
>>>>>> or Guitar Hero. I had assumed that the Wii connected to Nintendo's WFC
>>>>>> servers and all the communication happened there, rather than the
>>>>>> PC games
>>>>>> style of having other players actually connecting to your PC. When
>>>>>> I have
>>>>>> had problems, I would get disconnected after a minute or two of a
>>>>>> kart race,
>>>>>> but we would see similar issues regardless of who first opened the
>>>>>> room.
>>>>>>
>>>>>> I guess I don't really have any useful suggestions or information
>>>>>> here. I'm
>>>>>> sure there are other Wii owners on multiple firmware versions to
>>>>>> chime in. I
>>>>>> have some spare hardware here and may try installing 1.3 over the
>>>>>> weekend to
>>>>>> see if I get different results than 1.2.
>>>>>>
>>>>>> -Tim
>>>>>>
>>>>>>
>>>>>> On Dec 3, 2008, at 7:02 PM, Christopher M. Iarocci wrote:
>>>>>>
>>>>>> I have a WII behind my m0n0wall at home.  I'm running 1.3B15.  I am
>>>>>> unable
>>>>>>
>>>>>>             
>>>>>>> to host a room on the WII.  I can connect to a hosted room without
>>>>>>> issue.  I
>>>>>>> found the ports used to host a game and port forwarded them to my
>>>>>>> WII.
>>>>>>> However, even though they are not being blocked (checked the
>>>>>>> logs), the
>>>>>>> connection still does not happen.  So, I dropped a Linksys in
>>>>>>> place, bam,
>>>>>>> hosting works fine.  So I did a bit more experimenting with the
>>>>>>> m0n0wall
>>>>>>> (borrowed a friend's WII and connected them both).  If I do a 1:1 NAT
>>>>>>> mapping to the WII from my outside IP and open the firewall ports,
>>>>>>> everything works fine.  If I simply port forward the ports and
>>>>>>> open the
>>>>>>> firewall, it will not work.  So my question here is, what is the
>>>>>>> major
>>>>>>> difference between port forwarding and 1:1, and is there a way to
>>>>>>> get around
>>>>>>> this problem?  I would love to leave the 1:1 in place, but
>>>>>>> unfortunately I
>>>>>>> only have a single IP and other services that run behind it that
>>>>>>> get broken
>>>>>>> when the 1:1 is in place.  Thanks for any help you can offer.
>>>>>>>
>>>>>>> Chris
>>>>>>>
>>>>>>>
>>>>>>>               
>>>>>           
>>>>         
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>>
>>>       
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>     
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>