Pest Control
05-13-00, 01:08 AM
I am trying to figure out if it is possible to run an ICQ ActiveList server behind the router. I am on static IP cable with one computer at this time on the router. I want to be able to keep the firewall aspect of the router. I have the 1.23 firmware for the router. I am struggling to understand the techno stuff I read at
http://www.icq.com/firewall/netadmin.html
From what I have read, port mapping is not an option for the router. Is the NAT function similar to saying you have a proxy server? My ICQ 2000a works fine in the basic connection setup. I thought the ActiveList server would use the same settings. The preferences in the AL server window have basic firewall/connection settings. There is "use static port" with a window for you to enter the port, and "use dynamic port". There is a box for the ICQ server at icq.mirabilis.com and a box for the port to use. You have the choice of choosing the connection type: "LAN user"..."I am not behind a firewall or proxy", or "I am behind a firewall or proxy", or "modem user" (obviously not applicable to me).
http://members.xoom.com/bdomin.1/images/ICQActiveListconnectionsetup.jpg
Here is what is said as requirements for ICQ to work as said from the above link:
Requirements:
ICQ must be able to communicate with the ICQ server:
This is done via port 4000 UDP to icq.mirabilis.com (please note - allow a bidirectional connection to the port for icq.mirabilis.com and not any specific IP address, since it stands for more than one IP address).
Client to client communication:
Client to client connection is done using the TCP protocol, using port range 1024 - 65535. this means that the client needs an open listening port within the mentioned range - 1024 to 65535.
IF your firewall settings meet the ICQ requirements, you do not need to configure ICQ to work behind a firewall.
In case you cannot meet the ICQ requirements
The TCP listening port range is too large
Minimize the range. you can open a smaller range on your firewall, and then you must configure ICQ to work through the specific port range you have dedicated.
In case you cannot open any TCP listening port
If you cannot open the TCP listening port but you can open a bidirectional TCP connection to the internet, configure ICQ to work with no listening port.
Note: Communication between your LAN users and any Internet user who cannot open a listening TCP port cannot be accomplished. To prevent this from occurring please use Socks4 or Socks5 compatible firewalls
In case you do not have any TCP connection to the internet at all
This requires the use of a Proxy server (Socks4/Socks5). The ICQ client must have access to the Socks4/Socks5 server, and the server must have full access to an internet connection, including opened listening TCP ports. The Socks server acts like a bridge to the internet, and ICQ is the pedestrian.
You cannot create a bidirectional connection to icq.mirabilis.com via port 4000 UDP
This requires the use of a Proxy server (Socks5). The ICQ client must have access to the Socks5 server, and the server must have full access to an internet connection, including opened listening TCP ports.
Your connection to the internet is done using IP-Masquerading
This means you cannot open any listening ports, and you need to use the Basic Firewall Configuration. Once again,using this option your users will not be able to communicate with any user who cannot open a TCP listening port. To solve this problem use Socks4 or Socks5 Proxy server.
ICQ 2000a connection tabs:
http://members.xoom.com/bdomin.1/images/ICQ2000aconnectionscreen.jpg
http://members.xoom.com/bdomin.1/images/ICQ2000aconnectionscreen2.jpg
http://members.xoom.com/bdomin.1/images/ICQ2000aConnectionScreen3.jpg
Supposedly ICQ 2000a has improved firewall support. I don't know what that consists of.
There are also these choices in the connections area:
·Click the Always use internal IP radio ¤ button to use your internal IP number.
·Click the ICQ will determine the IP automatically radio ¤ button to allow ICQ to choose whether to use your real IP or internal IP to establish best connection.
·Click the Always use external IP radio ¤ button to use your real (external) IP number.
· Click on the Not using Firewall radio ¤ button if you are not using a firewall.
Click on the Using Firewall radio ¤ button if you are using a firewall.
Click on the Not using proxy radio ¤ button if you are not using a proxy.
Click on the Using Proxy radio ¤ button if you are using a proxy and then use the pull-down menu to choose the proxy you are using.
There is more to see but I think that does it for now. I really would like to be able to have my ActiveLists to work behind the router. Anyone who has sent email the ICQ "tech" support knows you can't really get help.
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
http://www.icq.com/firewall/netadmin.html
From what I have read, port mapping is not an option for the router. Is the NAT function similar to saying you have a proxy server? My ICQ 2000a works fine in the basic connection setup. I thought the ActiveList server would use the same settings. The preferences in the AL server window have basic firewall/connection settings. There is "use static port" with a window for you to enter the port, and "use dynamic port". There is a box for the ICQ server at icq.mirabilis.com and a box for the port to use. You have the choice of choosing the connection type: "LAN user"..."I am not behind a firewall or proxy", or "I am behind a firewall or proxy", or "modem user" (obviously not applicable to me).
http://members.xoom.com/bdomin.1/images/ICQActiveListconnectionsetup.jpg
Here is what is said as requirements for ICQ to work as said from the above link:
Requirements:
ICQ must be able to communicate with the ICQ server:
This is done via port 4000 UDP to icq.mirabilis.com (please note - allow a bidirectional connection to the port for icq.mirabilis.com and not any specific IP address, since it stands for more than one IP address).
Client to client communication:
Client to client connection is done using the TCP protocol, using port range 1024 - 65535. this means that the client needs an open listening port within the mentioned range - 1024 to 65535.
IF your firewall settings meet the ICQ requirements, you do not need to configure ICQ to work behind a firewall.
In case you cannot meet the ICQ requirements
The TCP listening port range is too large
Minimize the range. you can open a smaller range on your firewall, and then you must configure ICQ to work through the specific port range you have dedicated.
In case you cannot open any TCP listening port
If you cannot open the TCP listening port but you can open a bidirectional TCP connection to the internet, configure ICQ to work with no listening port.
Note: Communication between your LAN users and any Internet user who cannot open a listening TCP port cannot be accomplished. To prevent this from occurring please use Socks4 or Socks5 compatible firewalls
In case you do not have any TCP connection to the internet at all
This requires the use of a Proxy server (Socks4/Socks5). The ICQ client must have access to the Socks4/Socks5 server, and the server must have full access to an internet connection, including opened listening TCP ports. The Socks server acts like a bridge to the internet, and ICQ is the pedestrian.
You cannot create a bidirectional connection to icq.mirabilis.com via port 4000 UDP
This requires the use of a Proxy server (Socks5). The ICQ client must have access to the Socks5 server, and the server must have full access to an internet connection, including opened listening TCP ports.
Your connection to the internet is done using IP-Masquerading
This means you cannot open any listening ports, and you need to use the Basic Firewall Configuration. Once again,using this option your users will not be able to communicate with any user who cannot open a TCP listening port. To solve this problem use Socks4 or Socks5 Proxy server.
ICQ 2000a connection tabs:
http://members.xoom.com/bdomin.1/images/ICQ2000aconnectionscreen.jpg
http://members.xoom.com/bdomin.1/images/ICQ2000aconnectionscreen2.jpg
http://members.xoom.com/bdomin.1/images/ICQ2000aConnectionScreen3.jpg
Supposedly ICQ 2000a has improved firewall support. I don't know what that consists of.
There are also these choices in the connections area:
·Click the Always use internal IP radio ¤ button to use your internal IP number.
·Click the ICQ will determine the IP automatically radio ¤ button to allow ICQ to choose whether to use your real IP or internal IP to establish best connection.
·Click the Always use external IP radio ¤ button to use your real (external) IP number.
· Click on the Not using Firewall radio ¤ button if you are not using a firewall.
Click on the Using Firewall radio ¤ button if you are using a firewall.
Click on the Not using proxy radio ¤ button if you are not using a proxy.
Click on the Using Proxy radio ¤ button if you are using a proxy and then use the pull-down menu to choose the proxy you are using.
There is more to see but I think that does it for now. I really would like to be able to have my ActiveLists to work behind the router. Anyone who has sent email the ICQ "tech" support knows you can't really get help.
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]
[This message has been edited by Pest Control (edited 05-13-2000).]