Getting past firewalls

[NicktheNorse]

I would suggest you email the network admin - i did last year - i asked him to allow upd and icmp protocols and he said ok

luckily no ports were actually blocked so most things were fine (of course, coudlnt ident properly on irc and has some other minor issues) except for FTP which was bandwidth limited (2.5k per client!).

[Enverex]

Originally posted by Agent
Got a machine at home on broadband ?

Could you set that up as a VPN server, VPN to it and play games like that. its only 1 extra hop, and aslong as nothing else is using the connection on the server, it should work ok.

Just a thought

It's not really one extra hop, it's quite a few, from my home ADSL account to the Uni JANET connection, there are 13 hops, so that could actually make gaming a complete mess as it would probably add about 150ms onto your ping.

NS

[TiG]

Why do you need to play on the internet when you've got a uni to play against?, i had the same problem when i was at uni. But it wasn't a problem we had a very active CS group back in the days and we always had at least 2 games of 16 ppl a side going on.

I wouldn't keep your hopes up myself.

TiG

[Sibu]

Because the CS community isnt hugely active within the uni.

Also, its slightly limiting to just have that game to play.

[wasabi]

You could, um, ASK THEM? You might find that net admins might let your games stuff through on a specific port by arrangement. Thry're probably just worrried about bandwidth-hog p2p stuff getting them in a world of 551t and slowing everything down.

I'm a school network admin and am happy to facilitate users with reasonable requests. They might not allow it though because of some edict from on-high.

[Sibu]

Nah, we have tried but the problem with the games is that you can free all the ports specified, but when you actually connect to the game, the port opened is random, so we can't resolve that issue.

So i was thinking the only other way to get around this is to completely by-pass the firewall

[wasabi]

I've not been online gaming in a couple of years so can't comment with authority on the random port bit - all I can say is its posible but unlikely.

What you could do is ask the admin to do is set up a static route between a couple of the external IPs and an internal address. That would make their security risk less and resolve a lot of the config probs users might have too. And buy him several pints after ...

[mr_roll]

http://www.http-tunnel.com may help

[Agent]

Originally posted by NightShade737
It's not really one extra hop, it's quite a few, from my home ADSL account to the Uni JANET connection, there are 13 hops, so that could actually make gaming a complete mess as it would probably add about 150ms onto your ping.

NS

I acctually have no idea what the hell i wrote that for
I think ive got confused with somthing else i was reading at the time

[Enverex]

You were probably thinking litteraly at the time, don't worry, I do it all the time. Can me quite funny some times ....

Doesn't sound like an easy way round this though...

NS

[Sibu]

Looks like buying usage of that proggie seems the best idea then...unless people have thought of a cheaper way?

[malfunction]

Basically I'm with the rest of the pessimists - unless there's a crap firewall and / or LAN admin at your uni you're unlikely to get out without having an external host re-route your traffic (which would probably introduce too much of a lag for games anyway). And if their 'firewall' solution also includes some proxies you're extra stuffed (i.e. HTTP - port 80 - might not be straight out through the firewall to the net from the LAN - you might have to go through a proxy which will only accept valid HTTP requests and only the proxy will be allowed to send out HTTP requests (or just packets) on port 80 and not just any old machine on the LAN). Plus the proxy can and will be blocking certain URL's and IP ranges. Same goes for any common protocol - you can get a proxy for it and if they're using a proxy you won't be able to pass any old packets out on that port. If you've got permission to install / run any old software on the machines you can still play games on the internal LAN. Or you could do some work at uni (I didn't but I hear it can help your career... Might explain why I'm feeling 0% job satisfaction these days!)

Just get pally with the LAN admins

[Sibu]

yea thats the thing, im not too sure i wanna fork out money for this software when it might not even work.

AND, it might not be quick so i would be paying for a redundant service.

As for work at uni, what are you talking about?

[killgORE]

DaBeeeenster... don't put yourself down there. You were spot on about UDP packets. They are connectionless. Which means that there is not a continuous stream between hosts (like tcp).

The addressing information is held in the udp header. But udp is not guaranteed to be reliable. Its like posting a letter with an address. It might get where it is supposed to. It might not. But postman pat sure as hell wont ask you to re-send it !

[killgORE]

err.... should have looked at the date of the last post.. Looks like this thread has gone a bit stale.

As for the bypassing uni firewall goes. Firewalls are the single most effective method for network security - if installed correctly. In my experience most people operating uni networks suck... Well, thats just a personal gripe really. I would always want more access than I could safely be given..

[td5]

Originally posted by DaBeeeenster
This may be a UDP issue. Games (unlike most other internet traffic like email and www) use UDP instead of TCP as it is a lot faster...

UDP isnt faster, its just raw and doesnt require ack packets :S