TcpListener & Client - Internal IP works but External IP does not?

Question

Hey guys, just trying to overcome a little problem I have with TcpListener and TcpClient.

Basically, I have two programs, one is a TcpListener and waits for any incoming connection to my local IP address:

               TcpListener listen = new TcpListener(IPAddress.Any, 5555);

                listen.Start();

            while (true)
            {
                if (!listen.Pending())
                {

                    Console.WriteLine("Sorry, no connection requests have arrived");

                }
                else
                {
                
                    //Accept the pending client connection and return a TcpClient object initialized for communication.
                    TcpClient tcpClient = listen.AcceptTcpClient();
                    // Using the RemoteEndPoint property.
                    Console.WriteLine("I am listening for connections on " +
                                            IPAddress.Parse(((IPEndPoint)listen.LocalEndpoint).Address.ToString()) +
                                             " on port number " + ((IPEndPoint)listen.LocalEndpoint).Port.ToString());
                    Console.ReadLine();
                }
            }

And the other connects to my local IP using the same port:

tcpclient.Connect(IPAddress.Parse("192.168.1.10", 5555);

And this works when connecting with a local IP Address, however when I want to do tcpclient.connect(externalIP, 5555) it does not work.

 

I figured it had something to do with firewalls and port forwarding but I am set as the DMZ server in my router, have set up numerous port forwarding rules for other applications like uTorrent and games (that all work) but this just doesn't seem to work...

Another thing I should mention is this site only says my port is open when an application uses it.

Ie. port 50000 is open when utorrent is open and using that port, otherwise it will say port 50000 is closed.

 

Any ideas?

 

Thanks.

Answer 1

Check your firewall logs about the port being blocked or not.

Answer 2

Checked it, it doesn't show any DENIED connections, only ones that are allowed.

Is there a reason?

 

I have set it to log dropped connections on both private and domain connections..

 

Thanks.

 

EDIT- Had to wait a while but got this:

2011-12-29 18:53:21 DROP ICMP 2002:6d34:96aa::6d34:96aa 2001:0:4137:9e76:38e6:674:91df:8ff9 - - 52 - - - - 129 0 - RECEIVE

Not sure if that's it?

 

EDIT 2 - Nope, I am not getting any DROPPED connection logs any more. Probably means the above ^ is not what I was looking for :/. Did a successful connection to local IP followed by two requests to the external IP (which failed) followed by a successful connection again to narrow down results to between two ALLOW TCP ip ip 5555. As suspected, didn't show the unsuccessful connections.

 

EDIT 3 - Another thing to mention is that I have a Modem that leases an address to my Router which leases addresses to me and other computers. So in a way I have to 'double port forward' wherein any requests to my external IP and port (modem IP) are forwarded to my router IP which then forwards these to me. Is this the correct way of doing this?

Answer 3

Travy92, I can see that your issue is more likely with the environment, I would advice you to use technet forums for a rapid help.

Answer 4

Alright, posted there.

Hopefully a fast reply :)

 

But if anyone here still has any ideas, it would be appreciated!

 

Thanks.

Answer 5

I myself had this problem aswell.

Most likely the Windows Firewall is blocking traffic. That's why your application doesn't show up in the logs. It doesn't even reach that far because it is blocked in an earlier stage.

Why don't professional applications suffer from this?

Turns out, that "professional" applications will call some winapi function that will popup the windows firewall notifier and ask you if you want to allow the application.

There are some options:

* Turn off the windows firewall completely (strongly recommended for testing purposes since there is no possibility of doing this wrong) (services.msc -> Windows Firewall blablabla, turn it off and set it to manually).
* Manually adding your application to the firewall exceptions.
* Upgrading your application so it will add an exception itself, or ask the user to allow one. Latest Windows SDK required for this.

Answer 6

Can you ping the destination?  Try the ping first to make sure you actaully have a valid route to the destination.  From DOS window type >Ping 192.168.1.10

Ping won't always work because some server now ignore ping since hackers some time use ping to bring down servers. The hackers send out millions of ping messages to the servers at one time to bring them down.

---

jdweng

Answer 7

When I used the TcpListener class I had to port forward though the router firewall in order for a TcpClient to connect to it, and I have to do this for all servers including game servers, teamspeak servers etc...

Even if all ports are unblocked on the firewall I think you still need to "port forward/virtual server" specific ports to specific local IP address so that the local IP address can actually listen for connections from the internet. Im no networking wiz (as you could probably tell by the way I'm typing this) but is what I got do to, and Id imagine its the same for everyone as all my mates cannot host servers even if all ports + firewalls are unblocked and off unless they setup a virtual server (this is what it is called on my router).

Xanather.

---

Personal Website: http://www.xanather.com