Unofficial Civ4 GameSpy Multiplayer Firewall/Router Port Forwarding Guide

[CanuckSoldier]

I'm not sure that GameSpy even needs you to open any ports on your firewall, except 2056 for Civ4. It seems to be listing *outgoing* ports, not inbound, and hardly any firewalls or routers block outgoing ports (usually it just asks "do you want app X to be able to connect to computer Y". Seems highly unlikely that you'd be running an IRC server (6667) on your computer just to use GameSpy.

Well not a server, but GS is just a modified IRC network, which explains the use of the standard IRC port. Either by using the build in game lobby or GS Arcade you are infact using a IRC client.

CS

 

[risa2000]

Risa, were did you determine that Civ4 uses 3784 for voice, according to the GS firewall help page, voice in the lobby(which Civ4 lobby doesn't use anyway) is 3783. In game voice chat uses 2056 as does everyother Civ4 network function.

In fact, I did not . I have read somewhere in this thread that it uses port 3783, then maybe 3784 ...
If this port belongs to GS, I did not know either.

Anyway, I verified only 1) and 2) and I did not use built-in VoIP. In fact I used Ventrilo .

 

[ensignyu]

Well not a server, but GS is just a modified IRC network, which explains the use of the standard IRC port. Either by using the build in game lobby or GS Arcade you are infact using a IRC client.

Key word being "client" -- shouldn't require opening any ports on your end unless they're doing something bizarre.

 

[GrecoRoman]

This is great information, but I'm having a slight problem that maybe you knew how to deal with.

My router will only allow 10 ports at a time to be opened and there are a couple of pre-existing ones already opened, is there anything I can do to maximize my amount of ports so that I can fit all of the above in?

 

[kgober]

if you're using DirectIP, you don't need any ports opened except for 2056 (or whatever port your client is set to use; 2056 is the default).

if you're running multiple machines (multiple clients, or one or more pitboss servers) you'll need to open a different port for each machine. the pitboss sticky thread has more info about this.

-ken

 

[Harpua7859]

for anyone who knows, three of my friends are all in an apartment behind a router. I cannot connect to the game, but I used to be able to do so. we have played 4 times in this setup. I know I am in the DMZ, but they're 3 guys behind one router there's no way they all had the DMZ or ports forewarded. any ideas?

 

[kgober]

if each of the three used a diffferent port (say, one used 2056, one used 2057 and one used 2058), and the router was set to forward each port to the appropriate computer, then that would work fine.

one of the things to watch out for when you do this, is that if the internal ip address of any of the computers changes for any reason, the forwarding rule in the router will need to be updated to point to the new address. this can happen sometimes when using dhcp (it happened with our pitboss server once).

-ken

 

[He-Who-Hunts]

Run -> command -> type "ipconfig" and it will display your ip info

I get 3 Ip adress's when i type this:

IP Adress
Subnet mask
Default Gateway

Which one is the one I type for opening the ports?

 

[kgober]

"IP Address" is the address of your computer. typically, "Default Gateway" is the address of your router.

-ken

 

[ETR]

if each of the three used a diffferent port (say, one used 2056, one used 2057 and one used 2058), and the router was set to forward each port to the appropriate computer, then that would work fine.

How would this work? The pitboss server can only connect to one port, right? So while you could port forward each port, how could you tell the server to listen on each port, or tell each client to connect to the other client on a different port?

Similarly, if you have a player that's on the same NAT router as the server (say he's hosting the game), how can you make that work? Won't all port 2056 traffic be directed to the server, meaning that you could never contact his client as a peer?

We're having issues with this currently in our pitboss setups, so I'd really like to know what you are doing to make this work.

Also, for diagnostics on figuring out who else might be causing problems, wouldn't

telnet friends.machine.com 2056​

be a good test? You should get "connection refused" as the reply from every player's machine (and the server) if I follow correctly. If you get a "connection timed out" error to any of them, that would indicate at least which conneciton is the problem.

--- ETR

 

[NatanielX]

You can setup another Civ4 communication port in
C:\Documents and Settings\UserName\My documents\My Games\Civilization 4\CivilizationIV.ini

Just look for 2056 and change it to 2057 on one computer and 2058 on another, then setup forwadring rules on router.

 

[Lloyd]

Hi

My current Router does not allow port 6667 to be forwarded, it is used for internal puposes on the router.

Would the only soloution be a new router?
I will look into purchasing a Civ friendly router if this is the case!

 

[juggerxnaut]

as a matter of fact,i opened all the ports on my computer,i didnt install any firewall or antivirusware ,but it seems do nothing with the connection.

 

[Steaton]

That's bullfeathers. All ports opened, and still "Contacting peer/host". Firaxis just spend all their money to make neat visuals and singleplayer...

Yes this is definately true - you get problems contacting peer/host when in gamespy (a lot of the time not always) even when you have all ports forwarded correctly, this is a bug with GS/Civ4 software and not necessarily anything to do with your network setup. If it works even once it's not your network!

Otherwise if you have a router then you will need to be in a DMZ (my preferred option but removes some of the added security of the router however software firewall e.g. ZoneAlarm is enough IMHO) or you can forward the ports individually if you want as described in this post.

p.s. I don't know about pitboss but a DMZ will open all ports so you don't have to know anything about port forwarding ever again!

Also the post about zonealarm is rubbish - there are no conflicts with copy protection that I have encountered and I have a LOT of games (infact from a technical view point there is no relationship between a software firewall and accessing a CD drive on the computer, they simply don't interact with each other). Zonealarm uses program control rather than TCP/IP ports for controlling access to the internet.

 

[Sedai]

You can setup another Civ4 communication port in
C:\Documents and Settings\UserName\My documents\My Games\Civilization 4\CivilizationIV.ini

Just look for 2056 and change it to 2057 on one computer and 2058 on another, then setup forwadring rules on router.

Another way to do this is to add the command -port 2056 in the path of the program shortcut on your desktop. This will assign a specific port to each machine. Then check the local LAN IPs of each machine, and forward the correct port to the correct IP on your router. Obviously, you change the command to -port 2057 for the other machine.

 

[VaikKleidenauer]

Hi,

for all those who have an linux router (2.6.*) this is an quick an dirty approach to establish port forwarding for endless civ enjoyment:

---<cut>---

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 6667 -j DNAT --to 192.168.0.72:6667
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 6667 -j DNAT --to 192.168.0.72:6667

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 2033 -j DNAT --to 192.168.0.72:2033
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 2033 -j DNAT --to 192.168.0.72:2033

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 2056 -j DNAT --to 192.168.0.72:2056
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 2056 -j DNAT --to 192.168.0.72:2056

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 47624 -j DNAT --to 192.168.0.72:47624
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 47624 -j DNAT --to 192.168.0.72:47624

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 3783 -j DNAT --to 192.168.0.72:3783
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 3783 -j DNAT --to 192.168.0.72:3783

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 3784 -j DNAT --to 192.168.0.72:3784
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 3784 -j DNAT --to 192.168.0.72:3784

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 27900 -j DNAT --to 192.168.0.72:27900
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 27900 -j DNAT --to 192.168.0.72:27900

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 28900 -j DNAT --to 192.168.0.72:28900
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 28900 -j DNAT --to 192.168.0.72:28900

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 29900 -j DNAT --to 192.168.0.72:29900
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 29900 -j DNAT --to 192.168.0.72:29900

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 29901 -j DNAT --to 192.168.0.72:29901
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 29901 -j DNAT --to 192.168.0.72:29901

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 13139 -j DNAT --to 192.168.0.72:13139
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 13139 -j DNAT --to 192.168.0.72:13139

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 6500 -j DNAT --to 192.168.0.72:6500
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 6500 -j DNAT --to 192.168.0.72:6500

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 6515 -j DNAT --to 192.168.0.72:6515
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 6515 -j DNAT --to 192.168.0.72:6515

iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 2056 -j DNAT --to 192.168.0.72:2056
iptables -t nat -I PREROUTING -i ppp0 -p udp --dport 2056 -j DNAT --to 192.168.0.72:2056

---<cut>---

surely you have to insert your local ip address an your interface-name. this one worked fine for me (directIP). afaik you need to add another port if you want to "play" as host. Voicechat worked but in a somewhat bad quality.. so maybe wengo|skype|teamspeak|googleTalk|anything familar is the better alternative.

so far,
Vaik

 

[Chunky]

Can anyone help me? When I type my gamespy ID in and click login, nothing happpens. It lags a bit, and then just stays at that screen. What's the reason for this?

I also noticed that CivIV is not on GameSpy Arcade's game list.

 

[vilemerchant]

Can anyone help me? When I type my gamespy ID in and click login, nothing happpens. It lags a bit, and then just stays at that screen. What's the reason for this?

I also noticed that CivIV is not on GameSpy Arcade's game list.

Try creating a new gamespy account using the menu on civ. If it's lagging on that screen, it's because you're using a name that is already taken.

 

[blacktime]

Try creating a new gamespy account using the menu on civ. If it's lagging on that screen, it's because you're using a name that is already taken.

I'm having the exact same problem that Chunky has! I've already tried to creat a new account but the same happens (nothing)! About using a name that is already taken, i dont think that may be possible because i've cheked my status directly at gamespy page and my profile is OK!

Does anyone have any idea how to solve this?

 

[Phyr_Negator]

Read here I guess that reveals the problem source...