Escolar Documentos
Profissional Documentos
Cultura Documentos
Routers/Broadband modems
a) Devices without UPnP or NAT-PMP
1. you have to set your PC to a static IP (i.e. don't use DHCP) or use your router's
MAC-address binding to allocate a specific IP to your network card
2. log into your router (if you don't know its address read the manual or determine the
gateway address, which should be the address of your router)
3. Setup port forwarding by setting up rules to forward Vuze' listening ports (UDP and
TCP) as external ports to the IP of your computer and the same ports on your
computer.
Note: The exact wording is different for each router, thus it might be called port forwarding,
opening pinholes through the firewall, NAT rules, virtual server or something else.
4. Turn off UPnP in Vuze in Tools > Options > Plugins > UPnP, since it may confuse
some routers that do not support or correctly support UPnP.
b) Devices with UPnP/NAT-PMP
Just enable the UPnP/NAT-PMP plugin under tools -> options -> plugins -> UPnP and set it
to report everything to get some feedback, once it works you can turn the messages off
again. Sadly some routers that claim to support UPnP don't interoperate with Vuze correctly,
if that's the case have a look at point a).
1 Quick outline
2 Detailed guideline
4.2.1 VPNs
5 Conclusion
o 5.1 STILL Not Working?
5. MAC Address: Media Access Control Address (sometimes referred to as a device's physical
address). MAC addresses are a unique code assigned to most forms of networking hardware
(for example: A0:99:E3:76:BE:01). The address is permanently assigned to the hardware
(network cards/wireless adapters/routers) to act as a security feature for limiting access on
closed networks. This is extremely useful when securing a wireless network.
o MAC Address Binding: An option on some routers to bind a MAC address to an IP
address on a closed LAN or WAN network. When available, this method can be used
to create a static IP address for port forwarding purposes.
6. UPnP: Universal Plug 'n Play. A technological stab at attempting to make networking
devices a simple task. This has been met by mixed reviews and levels of effectiveness by
manufacturers and consumers. Your network hardware and Operating System may or may
not properly employ this technology.
7. Port Forwarding: The act of forwarding a network port from one machine to another. One
use of this technique can allow an external user to reach a port on a private IP address
(inside a LAN) from the outside via a NAT-enabled router.
8. Port Triggering: This allows computers behind a NAT-enabled router access to a special
server or use a special application on the Internet using a specified port number. While
similar to port forwarding, it is not recommended for usage with bittorrents due to the
timing discrepencies involved with a port constantly being told to open with so many
connections being generated. It has more functions for gaming servers.
9. DMZ: The De-Militarized Zone. When this option is enabled in a router, the computer is
now outside of the internal/protected network. Since a DMZ'd computer will be open to
allow public access to services, it is considered extremely insecure and dangerous. Do NOT
use DMZ in lieu of port forwarding.
Please Note: If you are using file sharing where you have no access to the router
(corporate or campus network, public WLAN from a cyber-cafe or a neighbor, or a housing
development where everyone shares the connection), you must contact the network
administrator.
You want to select a port that will forward incoming data to your computer's IP address using the
port of choice, and ensure that software firewalls and antivirus programs do not interfere. If you
skimmed the above passages, you may be confused by the following procedures. You should read
the entire page before proceeding.
If you know you own a router, continue reading this page in its intended order.
If you own a router and you are absolutely positive it properly supports UPnP, enable UPnP in Vuze
(Tools->Options->Plugins->UPnP) and try the nat/firewall test again. If this doesn't work, skip
down to the Software Firewall section.
If you are unsure as to whether or not you own a router (some broadband modems have routers with
NAT features built-in), consult your ISP or see your modems manual.
A simple test for Windows operating system users is to use ipconfig (win2K/XP) or
winipcfg (win9X/ME). Go to Start>Run (or hold the Windows key and hit "r"), and type in
the command "cmd /k ipconfig" or "winipcfg.exe" without the quotes, then press the Enter
key. If the Default Gateway starts with 10.*.*.*, 172.*.*.* or 192.*.*.*, then it is very likely
that there is a router involved.
Apple Mac 8.x/9.x: Pull down the Apple menu, select Control Panels. Open the control
panel TCP/IP. Look for the line Router address.
Leopard (10.5.x): Apple menu > System Preferences > Network. From list on
the left select your connection (Ethernet, AirPort, etc.), which is probably
already selected. Click "Advanced" button and from there the TCP/IP tab.
The "Router" line will have an IP address listed if you are connected through
a router.
o Open a Terminal window, type the command ipconfig getoption en0 router (where
en0 is the name of the interface in use)
If you are positive you do not own a router or a broadband modem with NAT features, please skip
down to the Software Firewall section.
o Log into your router's configuration table. This is normally done by typing the
router's Gateway Address into your browser's URL edit box and pressing the Enter
key. You should be prompted for a username/password before proceeding. If you
don't know the information, consult your owner's manual or ISP if it originated from
them. (Note: some devices require utilizing Telnet for access and forwarding; the
steps will be left out here due to their uniqueness. Again, refer to the owner's manual
for the correct procedure).
o If your router supports MAC address binding, do so save/apply your changes, and
skip down to the "Port Forwarding Through The Router" section.
o If your router does not use MAC address binding, disable or limit the DHCP range in
the router, then create a static IP address for your computer that is OUTSIDE the
router's DHCP server's IP pool/range (example: the DHCP range is 192.168.1.100 192.168.1.149 .. you would select 192.168.1.200 as your new static IP address). Here
is a static IP guide for individual Operating Systems. Once this step completed, your
connection to your router will be temporarily broken and then reconnected a few
moments later - this is to be expected. At this point, you should restart both your
router and computer(s) on your LAN (some routers do not release the previous login
and will interefere with the actual port forwarding step detailed further below).
Once your computer and router are restarted, use ipconfig or winipcfg to
ensure the new static IP address is being used and continue reading the
instructions on this page.
The Rule will need a unique Service Name or a Number to identify it.
The Rule will need to know what port number to have forwarded to it.
o If the option asks for a range, simply input the same number for From and To
(example: From: 56912 To: 56912).
The Rule will need to know which protocol to use for that port. Use both TCP and UDP.
o Vuze requires the TCP protocol for "regular" incoming data transmissions.
o Vuze (2.3.0.0 and newer) requires the UDP protocol to be enabled for DHT to
function properly.
If the router does not ask for one protocol or the other, it should be safe to
assume it defaults to using both.
If the router only allows you to choose one protocol or the other, then you
will need to create two rules for that port (use a different Service Name or
Number), one for each protocol.
o The Rule will need to know which IP address to forward to. You will, of course, use
the static IP address you have already assigned yourself.
Example:
Right click on your Internet Connection (eg, Local Area Connection X - that accommodates
your dial-up/broadband modem connection) and click Properties.
Now click the Settings... button in the Internet Connection Sharing group.
For "Description of service:", type in something to remind you that this is for Vuze'
Distributed DB, eg., Vuze DistDB-T.
In the "Name or IP address ..." field, type in the local network name of the computer that is
running Vuze, eg., livingroom.
In the "External Port ..." and "Internal Port ..." fields type in the port number you have
configured your Vuze to use (the port number in Vuze' Tools|Options|Connection).
Choose TCP (should be default) and click the Ok button and you are done. You now have
the DistDB-T service in your Advanced Settings dialog.
You need UDP access to the port as well, so you have to repeat the above steps to add a
UDP service. Just change the service name (eg., Vuze DistDB-U) and remember to choose
UDP instead of TCP this time.
You could follow the "Make sure you really have a NAT problem" advice to check if you've done it
right, but, really, the more enjoyable test is looking in "My Torrents" to see your smileys start to
turn green as soon as you have closed the Advanced Settings dialog.
[edit] Port Forwarding on Linux, specifically Ubuntu
Firstly the earlier notes on port forwarding for your router apply as before. Computers running
Ubuntu, by default, come with all the ports locked down and you need to open the ports in ubuntu
by using the iptables command. Other flavours of linux behave similarly
The commands below can be entered in a root terminal session to open the ports (TCP and UDP)
iptables -I INPUT -p tcp --dport <your_port_number> -j ACCEPT
iptables -I INPUT -p udp --dport <your_port_number> -j ACCEPT
<your_port_number> is the port number you have used for port forwarding (Avoid 6881-6999, any
from 49125-65535 is fine)
Once you've established the port is open you need to make the change persist through a reboot; edit
file /etc/rc.local and add the lines below:
sleep 220
/sbin/iptables -I INPUT -p tcp --dport <your_port_number> -j ACCEPT
/sbin/iptables -I INPUT -p udp --dport <your_port_number> -j ACCEPT
The sleep 220 is there to make the script wait a few minutes to allow subsequent firewall
configuration scripts to run. 220 seconds is a large value and you may choose to configure a lower
value. The key is that the opening of the Vuze port is not countermanded by the firewall
initialisation which runs later.
Your configuration change will now persist through reboots. Further info on the startup process in
this ubuntu howto
Futher Ubuntu Support here
you are connected to. It is possible to configure the remote network to allow the traffic through, but
given the added overhead of a VPN, it is better to run Vuze when not connected to the VPN. Vuze
will run better and your downloads will be faster.
If you have no choice and must be connected to a VPN, then you must contact the network
administrator of the remote network you connect to, and discuss allowing the Vuze port through the
VPN to your PC.
Note: If you're using Check Point SecuRemote Client, it will give you NAT problems even when
you're NOT connected to any remote networks.
Note: If you're using the Cisco Systems VPN Client, you must disable the Stateful Firewall under
Options. (It is disabled if the checkmark next to Stateful Firewall does not appear.)
To avoid the problems, go to network settings and temporarily disable it, before starting Vuze. Or, if
you have two network adapters, simply run the VPN client on one, and Vuze on the other.
[edit] Windows Routing and Remote Access
Microsoft Windows 2000 and XP contain a service for supporting VPNs, that can cause NAT issues
in Vuze if enabled. Even if you don't connect to a VPN, but this service is enabled, it can cause
problems. If you're sure you don't use VPN connections, then it's safe to assume you don't need the
Routing and Remote Access service enabled.
To disable the Routing and Remote Access service in Windows
1. Go to the Windows Control Panel (In Windows XP, switch to Classic View if not already.)
2. Open the Administrative Tools
3. Open Services
4. Find the Routing and Remote Access service, and double-click it.
5. If the server status is 'stopped', then it is not running and it is not your problem.
6. If the server status is 'started', then use the stop button to stop the service, and see if your
NAT problem changes.
If this fixes your NAT problem, and the Routing and Remote Access Service's startup type is set to
Automatic, change it to Manual or disabled to prevent it from running upon next reboot.
protect you from incoming data on certain ports - a good software firewall can monitor outbound
traffic too. Consider this an added layer of security.
For those that use a software firewall on their PC, the following information applies to everyone
who hopes to fix their NAT error.
You should never have more than one software firewall installed and in use at any given
time (analogy: two drivers wanting control of a steering wheel).
Below is a listing of some of today's common software firewalls guides that should help. Additional
information on how to open your firewall with some programs and Operating Systems here:
Firewalling
Also, confirm whether or not your motherboard is based on the NF4 (nVidia nForce 4 chipset).
Many of these new motherboards come with onboard firewalls that are enabled at the time the
drivers are installed.
Some anti-virus programs are extremely sensitive to incoming data and will report "false positives"
when used in conjunction with file sharing applications (though this is no reason to completely
remove your anti-virus software). Instead, you should use Google and see if other users have
encountered such reports. Other anti-virus programs can at times contribute to a NAT error. At the
time this is being written, only one stands out, and others will be added if/when they've been
confirmed.
1. Norton AntiVirus 2005 and 2006 employ "internet worm protection" by default and should
be either disabled or made an exception. Ideally, it would be best to make an exception for
Vuze' communications.
Open Norton AntiVirus 2005 - Click "Options"-- Click "Internet Worm Protection"--- Make sure
"Enable Internet Worm Protection recommended" is checked.--- Click "Trojan Rules"---- Uncheck
"Unused Windows Services Block", (all the way at the bottom of the list)----"OK"---"OK"
goto general rules within the internet worm protection,add a new rule, you need to permit your
Incoming TCP Listen Port(tools-options-connection)
Note: Vuze NAT test will not find this out, as it will always show the first real public IP
address it reaches. In the case of mobile dongles with private addresses, the shown IP
address is probably a router somewhere at the ISP.
[edit] Conclusion
This page's purpose should help the vast majority of those who have encountered a NAT error while
using Vuze with a "typical" setup. There are other circumstances, though, that require further
investigation. More help sections will be added to this guide in time.
1. Some computer owners may not realize there are two NAT enabled devices on their network
(modem/router AND router).
2. Some users may not have a routing device at all, but instead, are using ICS (Internet
Connection Sharing) and not properly port mapping to other machines.
What is the exact make/model/revision is your router? (if you use one)
Which (if any) of the above steps have you already attempted and with what level of
success?