Incoming external IP addresses not parsing

[seriosbrad]

Hey guys,

I am running a game server locally, but is publicly open to external players. My problem is that anyone connecting from outside my network show up as having the IP address of my router (192.168.0.1) instead of their ISP provided IP. This becomes a problem when needing to ban a player by IP.

My network structure is as follows:

ISP Modem/Router acting as a transparent bridge
then
Netgear WNDR3700 Router (dd-wrt firmware)
then
1Gbps Switch
then
Game server

 

[JackMDS]

So, there are Billions of people around how many you are expecting to ban?

Even if it is free for "almost all" you should institute Login and Password arrangement in the gaming software.

Then you will be able to block the one that you donot want.

 

[seriosbrad]

The game is not developed by me, the game client itself has a log-in system but the server does not. This game in particular is suspect to stolen accounts because of it's popularity. It happens more often than you would think, a player will use 5-10 stolen accounts to re-login and harass staff or players because they do not agree with server rules, or hormones got to them. Or a staff member may be compromised and I can not check server or forum logs to see if the IP matches any previous players.

Anyways. Does it seem like there is a problem with my network somewhere, that causes incoming IPs to resolve to 192.168.0.1? Or is that just the nature of things?

Thanks.

 

[QuietDad]

Static IP the server and Port Forward the port the game is using or set up the server as the DMZ.

 

[JackMDS]

You have a Router and a Local Network (LAN) the traffic must be resolved to a private IP, i.e., 192.168.x.x

If a client software of the game is including Login and PW it usually done on behave of the server and Not the client.

Either your configuration of the server is Not the way it is intended to, or may be it some sort of opened (may pirated) version of the server's software.

 

[seriosbrad]

Static IP the server and Port Forward the port the game is using or set up the server as the DMZ.

Hi,

This is already how it it currently set up. The IP is set up as 192.168.0.147 for the game server and the port it forwarded correctly, external players connect fine, it's just their IP shows up wrong.

If you have few computer and a Router it must be resolved to a Local IP, i.e., 192.168.x.x

Besides when a Cleint program has a login and password it done on behave of the server.

My guess is that your implantation of the Server is incorret, or it is some sort of wide opened pirated version.

The IP of the game server is an internal IP of 192.168.0.147, normal. But external players inherit the internal IP of my router 192.168.0.1, is that normal for my networking configuration? Would there be any way to have them resolve to their real IP?. This client software for this game actually syncs to the games login servers via web, not the game server. Once the login details come back OK, the player is then allowed to join any game server. I do not pirate this game or run my server in a pirated "offline mode".

The game server is for Minecraft, this might help understand things.

 

[JackMDS]

Is your port forwarding configured correctly?

http://answers.yahoo.com/question/index?qid=20130325181002AAAhSGR

 

[seriosbrad]

Yes, the ports are forwarded and players can connect just fine

 

[QuietDad]

I responded too quickly. The issue is with NAT translation from the router. It's what routers do....

You can maybe get around this a few ways. Are more than on PC's going thought the router to the internet?

 

[seriosbrad]

I responded too quickly. The issue is with NAT translation from the router. It's what routers do....

You can maybe get around this a few ways. Are more than on PC's going thought the router to the internet?

Yep. 2 PC's, the game server, 1 SIP phone adapter and a few WiFi devices

 

[QuietDad]

I'm running an Actiontec Wireless router supplied by FIOS in my office. In my Lab I Have a Linksys WRT54GS running DD-WRT connected to the ActionTech Wirelessly. Internal addresses are 192.168.1.1 for the Actiontec, 192.168.1.6 for the Linksys (Static assigned at the Linksys router. First 5 addressis go to FIOS settops...). My server has a Static IP addresss of 192.168.1.106. I have the Actiontec AND the Linksys point to 192.168.1.6 (The PC) as the DMZ ans my server sees the external addresses. I'm running an antique BBS system for educational reasons and it's mostly telnet, but it has an early HTTP server on it. Both telnet and HTTP see the external addresses.

 

[QuietDad]

There is also 2 iPhones, Two wireless and three other PCs using this without issue for simple browsing and email type things. Games like Starcraft and such only work on the server...

 

[seriosbrad]

My ISP provided modem is also an Actiontec (VDSL2), but I configured it to be a transparent bridge because I was double NAT'd and originally thought that was causing my problem. So for now I don't think my Actiontec is any problem, it's technically invisible.

I'll try putting my Netgear router on a DMZ to my game server, but that would expose all the other devices, unless I rely on Windows firewall for the PC's?

 

[QuietDad]

If anything, it removes exposure from all the other PC's because in DMZ mode EVERYTHING will get forwarded to the server. Nothing externally will be able to reach anything else.

 

[seriosbrad]

If anything, it removes exposure from all the other PC's because in DMZ mode EVERYTHING will get forwarded to the server. Nothing externally will be able to reach anything else.

Ah, I get ya.

Unfortunately the DMZ idea didn't work, external players still connect as 192.168.0.1 :hmm:

 

[QuietDad]

Out of curiosity, I checked my routers. The Actiontec has my server set as the DMZ AND I have ports 80 (HTTP)), 21 (FTP), 23 (Telnet), 60 (TFTP) Port Forwarded to the server. I have the Actiontec setup as a wireless router. Basically as it came with port forwarding ond DMZ to my server. The Linksys (DD-WRT) is set to Client Bridge mode with the same port forwarding and DMZ. which seems exactly backwards from what your doing and it works here.

The issue is NAT and getting around it. Disabling NAT Translation and hardcoding EVERYTHING will solve your server problem but screw up everything else. What's the model of your 1Gb switch. Maybe thats playing games and it's the only additional element in your setup versus mine.

 

[seriosbrad]

It worked directly connected to the Actiontec since my ISP provides me with 2 IPs, but then it's "outside" of my network and difficult to manage.

I know at one point I did have the Actiontec set up stock on a DMZ to my Netgear router so that the Netgear would handle ports, it worked but I still had the IP problem. When my brother is done with his online gaming I'll try to set it up as you described, with the Actiontec on a DMZ to the game server and Netgear router as a bridge.

The switch is just a basic D-Link, DGS-1005G. Before finishing this post I tried without the switch, no change. Thanks for helping out, nobody in the Minecraft server scene has even come close, everyone rents their servers but I have the power and bandwidth to do it myself heh.

BTW, I used to run a WRT54GL with DD-WRT then Tomato, good little routers.