Jump to content

dustankorte13

Recommended Posts

dustankorte13

Hello,

I have a hardware firewall in my house. I do work that needs my connection to be secured. Currently when connecting to a lobby it waits a little bit and gives me a failed to connect to server error. If I open all inbound ports to my firewall from the internet then it works fine. I need a list of port numbers and protocols that I need to open so I can play the game but still have my firewall active.

 

Thanks in advance,

Dustan

 

Link to post
Share on other sites
  • Replies 51
  • Created
  • Last Reply

Top Posters In This Topic

  • dustankorte13

    20

  • banchev

    7

  • necuja

    6

  • Graylord

    3

Top Posters In This Topic

Popular Posts

Lol go play Minecraft, you have no idea what your talking about.

Try this: open destination ports:  TCP - 80,11007,31780 UDP - 17000-17025 (not sure about this range)

Regardless this will not help... lol amatures.. Look let me explain something to you guys. Any program using TCP/UDP has to connect through the network stack. There is a handshake depending on th

Posted Images

1 minute ago, dustankorte13 said:

Windows firewall is irrelevant it is off. 

Ok, I'm not familiar with hardware firewalls.. you can't add exceptions to programs on it? If not I will pass this over and have someone check into this

Link to post
Share on other sites
dustankorte13
2 hours ago, necuja said:

Ok, I'm not familiar with hardware firewalls.. you can't add exceptions to programs on it? If not I will pass this over and have someone check into this

Yes I can add exceptions but not as programs, I have to open the specific ports. So like HTTP is port 80 so I have to tell my firewall to allow communication through port 80 TCP and UDP. So basically I need to know what ports your application uses for connectivity I know it uses 443 and that is already open, I assume it uses that for authentication. There are also some random ports in the 65XXX range that I have seen it try to use so I would need to know the range of the random port numbers it can use as well. Thank you very much for your help.

Link to post
Share on other sites
dustankorte13

Regardless this will not help... lol amatures..

Look let me explain something to you guys. Any program using TCP/UDP has to connect through the network stack. There is a handshake depending on the protocol. Escape from tarakov uses 443 for authentication, I have that open. It then does a handshake and attempts to open a connection back to the client via a random port. For example Discord uses ports 45000 - 60000 which is absolutely ridiculous but it is what it is. So in order to get discord to work you need 443 SSL, and all ports between 45000 - 60000 open on your WAN_IN firewall rule. Basically allowing any incoming connections from the internet through the router to the lan destined for ports 45000 - 60000 to pass through. Escape From Tarakov needs 443, and some random ports as well, I need to know the random port range the use for the rest of the connection process to tell my firewall to allow them.

 

Here is a picture for people who cannot read or do not understand as well through text.

 

 

Firewall.JPG

1 minute ago, dustankorte13 said:

Regardless this will not help... lol amatures..

Look let me explain something to you guys. Any program using TCP/UDP has to connect through the network stack. There is a handshake depending on the protocol. Escape from tarakov uses 443 for authentication, I have that open. It then does a handshake and attempts to open a connection back to the client via a random port. For example Discord uses ports 45000 - 60000 which is absolutely ridiculous but it is what it is. So in order to get discord to work you need 443 SSL, and all ports between 45000 - 60000 open on your WAN_IN firewall rule. Basically allowing any incoming connections from the internet through the router to the lan destined for ports 45000 - 60000 to pass through. Escape From Tarakov needs 443, and some random ports as well, I need to know the random port range the use for the rest of the connection process to tell my firewall to allow them.

 

Here is a picture for people who cannot read or do not understand as well through text.

 

 

Firewall.JPG

As a follow on, the top rule enable all test, when I enable that it allows all incoming connections from the outside world all protocols to connect and then Escape from Tarakov works perfectly. It makes a connection through some random 60XXX port number, that number changes each time because it chooses from an available range that the programmers for their game chose.

  • Like 1
Link to post
Share on other sites
dustankorte13
55 minutes ago, banchev said:

Try wireshark/tcpdump to find the tarkov server ip (or check your firewall logs). Then you can place an "any" rule to the ip instead of opening ports B|

This works, all gravy but the problem is that after allowing all connections it connects to say port 62457 and you run netstat, wireshark, what ever other program you want to use to find the connected ports.. the next time the game connects it will choose a different random port from the range this is the problem area, is without knowing the range to open you have to open everything leaving huge security holes in your network. Most people, not a big deal, I work on government contracts so not an option for me. So, I have to enable it, connect, play, then close it all back up... which in theory puts all of their data at risk while it is open, but I wanna play the game I just spent 140$ on... so that is why I am asking for this information.

2 minutes ago, banchev said:

These high ports are the answers and dont need to be forwarded, stateful firewalls accept these "related/established" packaged

Mine does not, because of the current ruleset, but in most cases you would be correct.

Link to post
Share on other sites
dustankorte13
Just now, banchev said:

Sadly they are random by design of the http(s) protocol, so you wont be able to define a range...

You are incorrect, but no big deal just don't speak unless you have the knowledge behind your words.

2 minutes ago, banchev said:

Sadly they are random by design of the http(s) protocol, so you wont be able to define a range...

Every HTTP(S) program, website, etc.. has a specific port range I have contacted everyone of the manufactures of the IOT devices in my home and that is what you see in my photo I presented. It is the exact ranges the programmers allowed their programs to connect back through.

Link to post
Share on other sites
dustankorte13
Just now, banchev said:

You're right, the backwards port can be adjusted serverside. My bad :bemaybe:

Just seems that way cause most sites use similar answer range

;) nbd bro its been a nightmare since starting with my new company. I have literally had to contact developers for like 60 products ... iTunes, and Craftsman (garage door) were the worst... they had no idea, Sears was like we have an application.... LIKE REALLY haha

Link to post
Share on other sites
dustankorte13

Well this company is becoming worse than Apple or Craftsman at this point, at least I had an answer in one day with them. These people are on day 3. Tomorrow I will be filing a dispute on my credit card since I cannot get support for the product. Hopefully they figure it out.

Link to post
Share on other sites
dustankorte13

@necuja I have been getting no answers for this. I am literally ready to smash my head into my desk over the lack of support for such a simple answer. I have sent screen shots, videos, pictures of my network diagram, videos of packet traces, videos of me unable to connect and then turning on my ALLOW ANY ANY rule on my WAN_IN rule while failing to connect and the game just starts working, and still no simple reply for the port range that the application uses.... I mean come on this is such a basic question.

Edited by dustankorte13
Link to post
Share on other sites
dustankorte13

#233756
Game support Technical issues

26 Oct 2017 07:04

I need to know which ports are used for connections. I have a hardware firewall in my home that I need to open the ports on because when I attempt to connect to server it says connection failed and kicks me back out to main screen.

Escape from Tarkov Support Yesterday at 20:56

 

Hello, Dustan!

 

All connections are outgoing. None of the ports should be open for WAN to LAN directions.

I think you have a well-known problem with servers.

 

Thank you for contacting us!
If we answered your questions, please close request and rate our support fighter’s job.
Respectfully yours, the Escape from Tarkov support service.

Yesterday at 23:21 dustankorte13

I need to know the random port range you use to establish the inbound connection back. There is a port range somewhere in the 60XXX range you use on the incoming connection. I need to know that random port range to open them on my firewall.

Yesterday at 23:24 dustankorte13

I get to awaiting server response while connecting to a lobby then get Server connection lost. This is because my firewall block all incoming WAN to LAN connections unless I specify it not to. This for you is somewhere in the 60XXX range, I just need to know that range to open them.

Escape from Tarkov Support Yesterday at 23:33

There is no incoming connection from the servers to you game. Check your firewall log.

How often did you meet the "connection failed" problem?

You can just wait for the patch to be released this week. The patch will fix a lot of errors.

 

Thank you for contacting us!
If we answered your questions, please close request and rate our support fighter’s job.
Respectfully yours, the Escape from Tarkov support service.

Today at 00:07 dustankorte13

Go take a networking class before you respond or get someone who understands networking to respond. When I connect to your game I authenticate through 443.. I know this because it is SSL and I watch the connection happen in Wireshark.. when you answer back which you do then you ask to make a connection back to me through a 60XXX port which when my firewall is wide open works fine. When I close it it stops working. For instance when I just connected to the game, like litterally 10 seconds ago, the random socket made between your servers, and my computer was through 62436.. this means that my firewall needs that port open. If I close that port then your connection stops... the problem is you do not always try to connect to 62436, you connect to a random port address from a range defined by your server or application. So again, if you cannot help me get someone who can please or refund my purchase thank you.

Escape from Tarkov Support Today at 00:51

Wow, you can use Wireshark?

Make a simple experiment. Unblock any ports on your firewall to transfer any traffic from the game or vice versa.

Start the capture of network traffic, run the game and do something with network activity (go to raid, chat, traders etc.).

After that, use the following filters for the captured session in wireshark:

(tcp.flags.syn == 1) && !(tcp.flags.ack == 1)

Then see if there are any packages that fall within the range of TCP ports used by the game (process monitor, netstat or any similar programs that allow you to see the ports used by the application). I do not see any incoming syn-packets in my dump.
This means that all connections are initiated only by the client, there are no incoming connections from servers. There is only response traffic within the already established TCP-connections.

 

I also have a hardware firewall with outgoing NAT, and the game works almost perfectly without opening any ports through NAT from outside. All LAN-WAN traffic is allowed and that's enough for the game. I do not have any configured rules for passing traffic from outside, because all the exchange passes through the rules of NAT.
Any problems that I've encountered are problems on the server side and most of these problems should be fixed in the near future.

 

I asked our programmers questions to clarify the ranges used, but it's worth understanding that the game is at the testing stage and this can all be changed many more times.
For this reason, I do not promise to give an answer with the list of ports now. Perhaps some recommendations will appear closer to the release.

 

Thank you for contacting us!
If we answered your questions, please close request and rate our support fighter’s job.
Respectfully yours, the Escape from Tarkov support service.

Today at 05:52 dustankorte13

Hello, Here is a video of my firewall rule that fixes the issue. It is defiantly my firewall blocking your server from communicating back to my client

Today at 05:57 dustankorte13

https://www.dropbox.com/s/c6drbvu5ud7dx9v/IMG_0646.MOV?dl=0

Escape from Tarkov Support Today at 08:39

On the main tab, I saw the "Logging" checkbox. Turn it on and you will get all the records about the activity of the game. This will clearly give you an answer, which port and which direction to open.

What kind of firewall do you use?

 

Thank you for contacting us!

52 minutes ago dustankorte13

Again, the PORT CHANGES EVERY TIME YOU CONNECT.... BECAUSE IT IS A RANDOM PORT CHOSEN BY YOUR COMPANIES PROGRAMMERS. I need the port range.... there is a range, that it can choose from... that range has to be open, not just one port..... YOU USE 443 for authentication like everyone else on the planet, after we handshake and I attempt to login your company attempts to connect back to my machine on a random port that port changes every time I connect to the server... EVERY TIME...!!!!

19 minutes ago dustankorte13

Ok, so here we are again. My firewall is a Ubiquiti firewall to answer your question. The logging tab only counts packets that fit each rule that you have logging enabled for not the packets themselves that would be ridiculous overhead on the device. So I am providing a couple of things to help better understand. My rule for my firewall for any traffic from the internet, including RESPONSES from your server which you have to send me to update my client on things like loot, player and scav locations, etc..., is my WAN_IN rule. Its default action is BLOCK ANY ANY, meaning everything. This means I have to write a specfic rule for all ports that will be used for traffic from the WAN to my LAN. Ok, so no in the video you will see that YOUR server sends MY client back data from the WAN on all sorts of different ports, those ports change every time I connect... This is because when a programmer programs an application they can choose from a random range of ports or a singular port to use to connect. HTTP port 80, Discord port 45000 - 60000, your application is what I need to know. It seems like the port range is somewhere in the low 50XXX to the high 60XXX but I am not gonna open that huge range unless it is absolutely needed. The test rule you keep seeing me activate opens all ports which is why it all of the sudden works, but this is a huge security risk that I am not able to take with my current employment. So please https://www.dropbox.com/s/0ma2bvnzvrinq8g/IMG_0647.MOV?dl=0

Network Diagram.jpg

15 minutes ago dustankorte13

If you cannot support this request, please just refund my purchase.. I am literally getting so irritated at this lack of support for such a simple request that I almost dont even want to play the game any longer.

Escape from Tarkov Support 8 minutes ago

We really sorry to hear that you had such a situation. We're asking you to pay attention to the point of the TERMS of SERVICE 6.4.1, please:


"By pre-ordering the product, you are authorizing Battlestate Games Limited to automatically charge your account immediately upon submitting the pre-order, and you agree that you will be authorized to participate in beta testing of the product and to download the product and use the Service when it becomes available. The amount you pay will be held with Battlestate Games Limited as a Non-Refundable Deposit (NRD). The NRD amount is clearly shown on the Product webpage, and it represents the full purchase price of the Product".

 

Read the full text here (in the lower right corner of the Web page).

 

Please understand that we have no purpose to sell you pre-order of Escape From Tarkov at "all costs". Our company's reputation is very important to us, and we'd prefer to build long-term and strong relationships with our customers - so players remain only the good and fond memories about Battlestate Games even years later. But unfortunately refund is not possible be purely technical and legal reasons.

 

We sincerely hope for your understanding of this situation.

 

Thank you for contacting us!
If we answered your questions, please close request and rate our support fighter’s job.
Respectfully yours, the Escape from Tarkov support service.

Just now dustankorte13

OK THEN ducking HELP ME MAKE IT WORK!!! GIVE ME THE PORT RANGE YOUR SERVER AND APPLICATION USE!!! INSTEAD OF SOME FUCKED UP RETARDED ASS MOTHER ducking RESPONSE LIKE THIS

REQUEST RESOLVED

1500

Link to post
Share on other sites
3 minutes ago, dustankorte13 said:

This is that

 

I can understand the frustration, but coming onto the forums and breaking our rules won't help the situation. I am doing what I can and will inquire on this again to see the validity of the responses

Link to post
Share on other sites
dustankorte13
4 minutes ago, necuja said:

I can understand the frustration, but coming onto the forums and breaking our rules won't help the situation. I am doing what I can and will inquire on this again to see the validity of the responses

Did not know that word would be bad since it filtered the F word.

Link to post
Share on other sites

There is a filter but it's still masked profanity... I really do want to help you with this as the most annoying thing is buying something and not being able to use it..

Link to post
Share on other sites
dustankorte13
28 minutes ago, necuja said:

There is a filter but it's still masked profanity... I really do want to help you with this as the most annoying thing is buying something and not being able to use it..

Especially since I bought the best version because I have heard nothing but good things about the game. But my support thus far is not so great. 

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...