Can't join, Can't create

[cs2107]

Hi.
When I try and join a game, it says "atempting.." the number goes up past a thousand,
I waited for 20minutes it sill didn't Join the Game.

When Creating a game, with one AI player it works fine, but when waiting for another
playing it just sits there waiting for another player even If I wait a long time.

As far as firewall settings go, it's off on the Windows system, and I have added the
NAT rule for 5008->5011 on both TCP and UDP on my router configuration.

[bert_the_turtle]

Hmm, could you post screenshots of the relevant configuration screens? The port forwarding and NAT rules of your router and your Windows firewall configuration. And, are you sure there is no other firewall installed?

[cs2107]

no firewall on windows system, the router's NAT configuration is openbsd and relevant rules are as follows...

rdr pass inet proto tcp from any to 192.20.199.2 port 5008 -> 192.20.200.45 port 5008
rdr pass inet proto tcp from any to 192.20.199.2 port 5009 -> 192.20.200.45 port 5009
rdr pass inet proto tcp from any to 192.20.199.2 port 5010 -> 192.20.200.45 port 5010
rdr pass inet proto tcp from any to 192.20.199.2 port 5011 -> 192.20.200.45 port 5011
rdr pass inet proto udp from any to 192.20.199.2 port 5008 -> 192.20.200.45 port 5008
rdr pass inet proto udp from any to 192.20.199.2 port 5009 -> 192.20.200.45 port 5009
rdr pass inet proto udp from any to 192.20.199.2 port 5010 -> 192.20.200.45 port 5010
rdr pass inet proto udp from any to 192.20.199.2 port 5011 -> 192.20.200.45 port 5011

note: the above rule has been tested with http, ftp services forwarding and works ok for that.

[cs2107]

I bought the game and put in my key, I can now join but not create.

EDIT: I can't join all games however, some still get stuck and keep attempting.

[prophile]

That's because they've set up their firewalls incorrectly. If that happens, just find another game.

[bert_the_turtle]

Did you tell the game that you have port forwarding enabled? There is a switch for it in the network setup. It shouldn't be required, but is worth a try. Also, UDP is a bit different when it comes to "connections" than TCP; maybe you also need to tell your router to let packets originating from ports 5008 to 5011 get out of your network?
192.20.199.2 is your Router's LAN address and 192.20.200.45 is your PC's LAN address? I don't know about openbsd, but I think on Linux, you'd have to put the Router's Internet IP address there (or the internet network interface).

You should also check whether your server is listed on the metaserver list; while you're in your lobby, press escape and select "join game". The list of all servers should come up, and one of them should be marked as "Your Server".

And of course, there is the possibility that nobody wants to play with you

[torig]

Well there are two problems with that.

First of, your router is using non-RFC 1918 address space.
In English: you are using public address space for private use. Or in other words: the IP range 192.20.0.0/12 (the entire B class) is routable on the internet.
It is highly unlikely anything would be routed to your router directly using that IP. But of course that IP is on your LAN side, you have a routable address on the internet side (or a private address and your ISP performing NAT to a public one).

Whatever the case, you have different solutions.
People will be trying to connect to inet interface on port 5008 (for instance) but that port isn't open. Actually you should port forward it from router_ext_IP:port to LAN_IP_pc:port.
Normally your router should NAT packets coming to router_ext_IP:port to router_LAN_IP:port (which is port forwarded in your example, so router_ext_IP:port becomes router_LAN_IP:port ). However, it seems the packets are being treated as incoming to router_ext_IP:port which is not opened . Hence you need to port forward that port to the local IP which is then port forwarded to the other pc (if you do it directly, the router for some daft reason may or may not properly NAT between your two interfaces).

The IP you've used for your router is in use by AT&T. Actually, it's on of their DNSes it would seem.

Name: nothing.attdns.com
Address: 192.20.199.2

Pick addresses in:

10.0.0.0/8 - anything after the 10 can be changed. This is a Class A network.
172.16.0.0/12 - this gives you 16 class B networks. They span from 172.16.0.0 to 172.31.255.255 .
192.168.0.0/16 - It spans from 192.168.0.0 till 192.168.255.255 (256 C class networks)
Anything outside these IP ranges A/ is fully routable on the internet B/ should be considered "in use". (ok I'm not talking about D/E class which have specially reserved functions. But luckily, I've yet to encounter the first person that decided to name his network 239.21.25.x for instance)

[torig]

192.20.199.2 is your Router's LAN address and 192.20.200.45 is your PC's LAN address? I don't know about openbsd, but I think on Linux, you'd have to put the Router's Internet IP address there (or the internet network interface).

Well, I first thought so too (see my previous post) but then I reread his router rules.
I don't like those "interpreted" things, because each manifacturer interprets differently.

rdr pass inet proto tcp from any to 192.20.199.2 port 5008 -> 192.20.200.45 port 5008

"pass inet proto" (and then the rest). Does that many "Allow any source coming from the inet interface using proto TCP going to port 5008 on 192.20.199.2 to be forwarded to .200.45:5008" or does it mean "Allow any source coming from the inet interface using proto TCP trying to reach port 5008 to be rewritten to IP .199.2 port 5008 which is forwarded to ....."

Actually, I think it's the first. While you need the second. No one "from the internet" is going to be coming for .199.2 AND arrive at his box
There seems to be a missing rule saying A/ port 5008 is open on the internet side (accept -or in this case, allow- traffic)
B/ rewrite inet:5008 to LAN:5008

Good point on the UDP traffic Bert. Most "good" firewalls treat UDP as semi-statefull nowadays and open up the connection bi-directly.

[cs2107]

Did you tell the game that you have port forwarding enabled? There is a switch for it in the network setup. It shouldn't be required, but is worth a try. Also, UDP is a bit different when it comes to "connections" than TCP; maybe you also need to tell your router to let packets originating from ports 5008 to 5011 get out of your network?
192.20.199.2 is your Router's LAN address and 192.20.200.45 is your PC's LAN address? I don't know about openbsd, but I think on Linux, you'd have to put the Router's Internet IP address there (or the internet network interface).

You should also check whether your server is listed on the metaserver list; while you're in your lobby, press escape and select "join game". The list of all servers should come up, and one of them should be marked as "Your Server".

And of course, there is the possibility that nobody wants to play with you

At the moment the default route is 192.20.200.1 (internal interface of firewall system) the address with 199 in it was the external interface of the firewall system.

Yes I see my game in the lobby list, but I assume people are getting the same "Attempting" message as I get when joining games due to some rule not being set in firewall. I will check what both of you suggested, but so far no issue hosting different services in the past with this setup.