I moved into my dorm last night and everything seems to work fine. The problem is, the school has a super-strength firewall that blocks everything but internet explorer and AIM. This includes FFXI. Someone suggested I scan and see what ports are open and switch FFXI to that. Another person suggested the use of tunneling software.
So my questions:
1.) If I follow the "port sniffer" option, does anyone have a rec. of a program to use? Also, does anyone know how I can change the ports on FFXI?
2.) If I follow the "tunneling software" option, does anyone know a form I can use?
- Forums
- FFXI Servers
- Shiva
- Getting around University Firewall...
Getting around University Firewall...Follow
If you're really interested in port sniffing, nmap is by and far my favorite utility.
IIRC, The FFXI servers dictate which port you're FFXI client is going to use, and the ports jump regularly. So basically, you can't really changes the ports your FFXI client uses.
For example, when you zone and it requires you to connect to a [logically] different server, your game client sends a request via a dedicated connection asking (along the lines of) "how do I connect to the <zone name>." The server resonds, "connect to server <ip address> and port <number>."
To go the tunnel route (in this case it'll most likely be a VPN), you'll need an endpoint [VPN Server] that is on the "far" side of your firewall (you are located on the near side).
If you're not familiar with VPNs, you might want to check out: http://computer.howstuffworks.com/vpn.htm
The quick and dirty route is to find an ISP the provides unix shell access, for cheap or free, and install a port forwarding service on that account. For example, Zebedee ( http://www.winton.org.uk/zebedee/index.html ) might be a perfect utility for this.
(typically this is frowned upon, and you'll find your shell account quickly disabled)
The best solution is to use a full on VPN. Unfortunately I don't know of any public+anonymous VPN servers; this means you'll probably have to set up the VPN server on your own. The easiest to set up would probably be a PPTP server since windows has a robust PPTP client built into it.
Once you have the server set-up and accepting/forwarding connections, you can use your built in Windows PPTP client to sign into the PPTP server, and all your networking will be tunneled through a connection between the PPTP server and your computer.
If your parents or an off campus friend has a DSL connection with a static IP address, your best bet is to install a PPTP server at their house. If you go with a free *nix as your PPTP server, this will only require a low end computer (think 200Mhz CPU, 64MB memory, 500MB (yes MB) hard disc). For the software portion, you'll need PoPToP ( http://www.poptop.org/ ) and PPPd.
How to set-up a Debian GNU/Linux PPTP server: http://poptop.sourceforge.net/dox/debian-howto.phtml
OpenVPN is a completely diffent VPN solution that works with Windows ( http://openvpn.net/ ). If have no experience with them, but they might be a better route to take.
For other ways to get around such irritations, I recommend this for reading:
http://www.zensur.freerk.com/
http://sebsauvage.net/punching/index.html
http://www.buzzsurf.com/surfatwork/
(edit: overhauled the VPN discussion to hopefully be a little clearer)
(edit<n>: speeling and grammar )
Edited, Sun Jan 8 21:41:19 2006 by Unixium
Edited, Sun Jan 8 21:44:54 2006 by Unixium
IIRC, The FFXI servers dictate which port you're FFXI client is going to use, and the ports jump regularly. So basically, you can't really changes the ports your FFXI client uses.
For example, when you zone and it requires you to connect to a [logically] different server, your game client sends a request via a dedicated connection asking (along the lines of) "how do I connect to the <zone name>." The server resonds, "connect to server <ip address> and port <number>."
To go the tunnel route (in this case it'll most likely be a VPN), you'll need an endpoint [VPN Server] that is on the "far" side of your firewall (you are located on the near side).
If you're not familiar with VPNs, you might want to check out: http://computer.howstuffworks.com/vpn.htm
The quick and dirty route is to find an ISP the provides unix shell access, for cheap or free, and install a port forwarding service on that account. For example, Zebedee ( http://www.winton.org.uk/zebedee/index.html ) might be a perfect utility for this.
(typically this is frowned upon, and you'll find your shell account quickly disabled)
The best solution is to use a full on VPN. Unfortunately I don't know of any public+anonymous VPN servers; this means you'll probably have to set up the VPN server on your own. The easiest to set up would probably be a PPTP server since windows has a robust PPTP client built into it.
Once you have the server set-up and accepting/forwarding connections, you can use your built in Windows PPTP client to sign into the PPTP server, and all your networking will be tunneled through a connection between the PPTP server and your computer.
If your parents or an off campus friend has a DSL connection with a static IP address, your best bet is to install a PPTP server at their house. If you go with a free *nix as your PPTP server, this will only require a low end computer (think 200Mhz CPU, 64MB memory, 500MB (yes MB) hard disc). For the software portion, you'll need PoPToP ( http://www.poptop.org/ ) and PPPd.
How to set-up a Debian GNU/Linux PPTP server: http://poptop.sourceforge.net/dox/debian-howto.phtml
OpenVPN is a completely diffent VPN solution that works with Windows ( http://openvpn.net/ ). If have no experience with them, but they might be a better route to take.
For other ways to get around such irritations, I recommend this for reading:
http://www.zensur.freerk.com/
http://sebsauvage.net/punching/index.html
http://www.buzzsurf.com/surfatwork/
(edit: overhauled the VPN discussion to hopefully be a little clearer)
(edit<n>: speeling and grammar )
Edited, Sun Jan 8 21:41:19 2006 by Unixium
Edited, Sun Jan 8 21:44:54 2006 by Unixium
Unixium. i have no idea what you just said
O.o???
O.o???
*sigh* Sorry about that.
Tried to stuff too much information in that message, and it came out ... jumbled.
okay, lets see if take number two is any better.
> Someone suggested I scan and see what ports are
> open and switch FFXI to that.
I don't think you can do this, because FFXI servers determine which ports your client uses during the course of the game. To make matters worse, the ports being used get changed "a lot."
> Another person suggested the use of tunneling software.
That might work, but there are two complications.
Complication number one is the range of ports that FFXI wants to have available to it during a game session. TCP ports 50,000 thorugh 65,535. UDP ports 50,000 through 65,535. Because FFXI wants to be able to use any one of ~32,000 different ports split between TCP and UDP protocols, most simple tunneling software is excluded as a solution (i.e. SSH won't work)
For FFXI a full-on VPN is called for. A VPN basically takes *all* the network conections from your computer, and tunnels them to another network. In Shao's case, that other network is the internet. (for a way better description of VPNs, see the link to howstuffworks in my previous post)
Complication number two. A tunnel requires two openings - an entry and and exit. In networking terms, the entry point is called a client, and the exit point is called a server. The entry point (a.k.a. client) to the tunnel is your PC -- via a software client. The exit point of the tunnel is another computer, running network tunneling server software.
If you got Windows 98 or above, you've got the entry point because Microsoft provides a VPN client with it's Windows operating system. That VPN client uses a tunneling protocol calld "PPTP." (PPTP stands for Point-to-Point Tunneling Protocol). So if you're going to set up a VPN, and you're stuck using Windows, PPTP is the easiest way to to go.
So the last bit needed is the tunnel exit -- a.k.a. a VPN server -- and it has to be located outside of his University firewall. Shaolinz probably doesn't have this part, and ost likely he'll have to set-up his own VPN server. (probably at a friends or family members house with a DSL connection).
You can run a PPTP server on Windows, but the hardware requirements are more expensive. You can also run a PPTP server on UNIX (Solaris, HP/UX, AIX) and UNIX like operating systems (Linux, FreeBSD, NetBSD, OpenBSD), which can run on VERY low end hardware (spec'ed in my previous post).
If you go with a VPN server on a *nix OS, the VPN server software you probably want to choose is PoPToP. In my previous post you find a few links on how to set up PoPToP servers.
Tried to stuff too much information in that message, and it came out ... jumbled.
okay, lets see if take number two is any better.
> Someone suggested I scan and see what ports are
> open and switch FFXI to that.
I don't think you can do this, because FFXI servers determine which ports your client uses during the course of the game. To make matters worse, the ports being used get changed "a lot."
> Another person suggested the use of tunneling software.
That might work, but there are two complications.
Complication number one is the range of ports that FFXI wants to have available to it during a game session. TCP ports 50,000 thorugh 65,535. UDP ports 50,000 through 65,535. Because FFXI wants to be able to use any one of ~32,000 different ports split between TCP and UDP protocols, most simple tunneling software is excluded as a solution (i.e. SSH won't work)
For FFXI a full-on VPN is called for. A VPN basically takes *all* the network conections from your computer, and tunnels them to another network. In Shao's case, that other network is the internet. (for a way better description of VPNs, see the link to howstuffworks in my previous post)
Complication number two. A tunnel requires two openings - an entry and and exit. In networking terms, the entry point is called a client, and the exit point is called a server. The entry point (a.k.a. client) to the tunnel is your PC -- via a software client. The exit point of the tunnel is another computer, running network tunneling server software.
If you got Windows 98 or above, you've got the entry point because Microsoft provides a VPN client with it's Windows operating system. That VPN client uses a tunneling protocol calld "PPTP." (PPTP stands for Point-to-Point Tunneling Protocol). So if you're going to set up a VPN, and you're stuck using Windows, PPTP is the easiest way to to go.
So the last bit needed is the tunnel exit -- a.k.a. a VPN server -- and it has to be located outside of his University firewall. Shaolinz probably doesn't have this part, and ost likely he'll have to set-up his own VPN server. (probably at a friends or family members house with a DSL connection).
You can run a PPTP server on Windows, but the hardware requirements are more expensive. You can also run a PPTP server on UNIX (Solaris, HP/UX, AIX) and UNIX like operating systems (Linux, FreeBSD, NetBSD, OpenBSD), which can run on VERY low end hardware (spec'ed in my previous post).
If you go with a VPN server on a *nix OS, the VPN server software you probably want to choose is PoPToP. In my previous post you find a few links on how to set up PoPToP servers.
Scholar
18 posts
I personally am against internet censorship and blocking >.> I hope you can find a way through ; ;
Edited, Tue Jan 10 16:54:05 2006 by Sincentius
Edited, Tue Jan 10 16:54:05 2006 by Sincentius
Quote:
just use dial up
*.*
It's beautiful in it's simplicity.
To wander a bit off topic:
I obviously couldn't see the forest for the trees. I kept trying to answer the questions, but not solve the problem.
I love it when someone comes up with a lateral solution like this, and reminds me to quit thinking inside the box.
Scholar
37 posts
Unfortunetely atm there is no way (that I have found) to open up the needed ports to play FFXI with a tunneler, as there aren't any programs out there that I've found that will unblock UDP ports 50000-65535. A VPN connection however, "should" work, however here at my campus it doesn't for some reason. Dial-up would definitely work though.
P.S. You might wanna check out http://http-tunnel.com/phpbb2/viewtopic.php?t=551&highlight=final+fantasy for some further information.
Edited, Wed Jan 11 20:12:51 2006 by Aetius
P.S. You might wanna check out http://http-tunnel.com/phpbb2/viewtopic.php?t=551&highlight=final+fantasy for some further information.
Edited, Wed Jan 11 20:12:51 2006 by Aetius
Quote:
A VPN connection however, "should" work, however here at my campus it doesn't for some reason.
Depends on which VPN protocol you're using. Microsoft PPTP, for example, tunnels connections through port 1723 (sometimes 1725), and uses the GRE protocol.
Your campus firewall may not be allowing port 1723 outbound, might be looking for (and disallowing) GRE.
You might simply need to pick a different tunneling protocol, or (if possible) move which port your VPN connection uses.
Quote:
Unfortunetely atm there is no way (that I have found) to open up the needed ports to play FFXI with a tunneler, as there aren't any programs out there that I've found that will unblock UDP ports 50000-65535.
A tunneler doesn't "unblock" the ports, it just proxies them, and the "UDP Proxy" project (http://sourceforge.net/projects/udpproxy/) can do that. I suspect you could also set up an effective UDP proxy using netcat.
Wow, nice, I've got a similar situation, but, um, at work >.>
I may have to try setting up a VPN server at my house and see if I can get it to work. Dial-up sucks
Thanks for the links.
I may have to try setting up a VPN server at my house and see if I can get it to work. Dial-up sucks
Thanks for the links.
Scholar
18 posts
Slightly off-topic- but @ my work my boss is a micromanager-son-of-a-beoytch lol. He's made it his religion to block internet... no-matter-what/where you goto. Even blocked msn.com!
So for ppl @ work that deal with this is an ungodly nightmare. I have to use proxify.com just to makes ends-meat and enjoy the internet on my breaks. Dunno if that may help in your situation for FFXI, but that does royality suck and imo they are taking your rights away. The internet is such a controversal subject whether it even has "freedoms" like free speech.
So for ppl @ work that deal with this is an ungodly nightmare. I have to use proxify.com just to makes ends-meat and enjoy the internet on my breaks. Dunno if that may help in your situation for FFXI, but that does royality suck and imo they are taking your rights away. The internet is such a controversal subject whether it even has "freedoms" like free speech.
Recent Visitors: 37
All times are in CST
Anonymous Guests (37)
- Forums
- FFXI Servers
- Shiva
- Getting around University Firewall...
© 2024 Fanbyte LLC