jpanderson
asked on
ICQ Shared Files and Firewall
I am using ICQ 2003a and have set up a shared folder service. I am also using Gnet IP0008 router which has a firewall built into it. People can access my shared folder if they are NOT using a router firewall but if someone is using a router with firewall we can't send/receive files or access shared folders (chat works fine). I have tried most of the settings in the connections (General, Server, Firewall and User) configuration but can't seem to get it right. Also I not sure if I should be using proxy settings or how they work.
Does anybody have any insight into this?
Thanks,
Jeff
Does anybody have any insight into this?
Thanks,
Jeff
Hey,
Found this at the following url:
http://www.icq.com/icqtour/firewall/netadmin.html
==========================
For ICQ to successfully work behind a firewall the following system configurations must be set by the System Administrator for the systems network.
Client to server Communication:
This is done via port 5190 TCP to login.icq.com (please note- allow a bi-directional connection to the port for login.icq.com and not any specific IP address, since it stands for more than one IP address).
Client to client communication:
Client to client connection is done using the TCP protocol, using port range 1024-65535. This means that the client needs an open listening port within the mentioned range-- 1024-65535.
==========================
So you need 5190 open to communicate with the ICQ server and any range of ports open on the firewall to transfer files, BOTH firewalls must use the same range. The ones I mentioned in my above post, I beleive, are the default ports used by ICQ so you won't do to bad by opening that range on both firewalls. AND, this is why I sue an ftp server to transfer file snad simply leave one port open for chat...to insecure to do file transfers through these chat programs.
This may also be of some use to you also:
http://www.icq.com/icqtour/firewall/#configure
Cheers,
J
Found this at the following url:
http://www.icq.com/icqtour/firewall/netadmin.html
==========================
For ICQ to successfully work behind a firewall the following system configurations must be set by the System Administrator for the systems network.
Client to server Communication:
This is done via port 5190 TCP to login.icq.com (please note- allow a bi-directional connection to the port for login.icq.com and not any specific IP address, since it stands for more than one IP address).
Client to client communication:
Client to client connection is done using the TCP protocol, using port range 1024-65535. This means that the client needs an open listening port within the mentioned range-- 1024-65535.
==========================
So you need 5190 open to communicate with the ICQ server and any range of ports open on the firewall to transfer files, BOTH firewalls must use the same range. The ones I mentioned in my above post, I beleive, are the default ports used by ICQ so you won't do to bad by opening that range on both firewalls. AND, this is why I sue an ftp server to transfer file snad simply leave one port open for chat...to insecure to do file transfers through these chat programs.
This may also be of some use to you also:
http://www.icq.com/icqtour/firewall/#configure
Cheers,
J
ASKER
I have read all that stuff but it didn't help me.
On my router I have a section called Special Applications, is this where I would put it? It has three sections: ID-Trigger, Incoming Ports and Enable (check box). So would I put the 5190 in the ID-Trigger and leave the Incoming port empty and obviously check the box to enable.
On my router I have a section called Special Applications, is this where I would put it? It has three sections: ID-Trigger, Incoming Ports and Enable (check box). So would I put the 5190 in the ID-Trigger and leave the Incoming port empty and obviously check the box to enable.
ASKER
Ths is the help text for above:
Help - Special Applications
Some applications require multiple connections, like Internet games, Video conferencing, Internet telephony and so on. Due to the firewall function, these applications can not work with pure NAT router. Special Applications makes some of these applications to work with NAT router. The settings are:
Trigger The outbound port number issued by the application.
Incoming ports When the trigger packet is detected, the inbound packets to the specified port numbers are allowed to pass through the firewall.
Help - Special Applications
Some applications require multiple connections, like Internet games, Video conferencing, Internet telephony and so on. Due to the firewall function, these applications can not work with pure NAT router. Special Applications makes some of these applications to work with NAT router. The settings are:
Trigger The outbound port number issued by the application.
Incoming ports When the trigger packet is detected, the inbound packets to the specified port numbers are allowed to pass through the firewall.
I just found this:
In ICQ under "Preferences & security", "Preferences" and Connections, click on "I am behind a firewall or proxy" then click on "Firewall Settings". Then select "I don't have a SOCKS Proxy server on my firewall" or "I am using another Proxy server". Click Next. Click "Use the following TCP listen ports for incoming event" and set the TCP ports for 20000 to 20019 for the first user, 20020 to 20039 for the second user, 20040 to 20059 for the third user, etc.
OUT UDP 4000
IN TCP 20000 20019 for one user
OR
IN TCP 20000 20039 for two users
OR
IN TCP 20000 20059 for three users, etc.
here:
http://www.practicallynetworked.com/sharing/app_port_list.htm
Of course after you do this you will have to open those ports on the firewall/router, the first being the trigger.
Hope it hepldes. I personally do not like ICQ ahd haven't got it installed, so it's just a matter of finding "already" posted information.
Cheers,
J
In ICQ under "Preferences & security", "Preferences" and Connections, click on "I am behind a firewall or proxy" then click on "Firewall Settings". Then select "I don't have a SOCKS Proxy server on my firewall" or "I am using another Proxy server". Click Next. Click "Use the following TCP listen ports for incoming event" and set the TCP ports for 20000 to 20019 for the first user, 20020 to 20039 for the second user, 20040 to 20059 for the third user, etc.
OUT UDP 4000
IN TCP 20000 20019 for one user
OR
IN TCP 20000 20039 for two users
OR
IN TCP 20000 20059 for three users, etc.
here:
http://www.practicallynetworked.com/sharing/app_port_list.htm
Of course after you do this you will have to open those ports on the firewall/router, the first being the trigger.
Hope it hepldes. I personally do not like ICQ ahd haven't got it installed, so it's just a matter of finding "already" posted information.
Cheers,
J
I just found this:
In ICQ under "Preferences & security", "Preferences" and Connections, click on "I am behind a firewall or proxy" then click on "Firewall Settings". Then select "I don't have a SOCKS Proxy server on my firewall" or "I am using another Proxy server". Click Next. Click "Use the following TCP listen ports for incoming event" and set the TCP ports for 20000 to 20019 for the first user, 20020 to 20039 for the second user, 20040 to 20059 for the third user, etc.
OUT UDP 4000
IN TCP 20000 20019 for one user
OR
IN TCP 20000 20039 for two users
OR
IN TCP 20000 20059 for three users, etc.
here:
http://www.practicallynetworked.com/sharing/app_port_list.htm
Of course after you do this you will have to open those ports on the firewall/router, the first being the trigger.
Hope it hepldes. I personally do not like ICQ ahd haven't got it installed, so it's just a matter of finding "already" posted information.
Cheers,
J
In ICQ under "Preferences & security", "Preferences" and Connections, click on "I am behind a firewall or proxy" then click on "Firewall Settings". Then select "I don't have a SOCKS Proxy server on my firewall" or "I am using another Proxy server". Click Next. Click "Use the following TCP listen ports for incoming event" and set the TCP ports for 20000 to 20019 for the first user, 20020 to 20039 for the second user, 20040 to 20059 for the third user, etc.
OUT UDP 4000
IN TCP 20000 20019 for one user
OR
IN TCP 20000 20039 for two users
OR
IN TCP 20000 20059 for three users, etc.
here:
http://www.practicallynetworked.com/sharing/app_port_list.htm
Of course after you do this you will have to open those ports on the firewall/router, the first being the trigger.
Hope it hepldes. I personally do not like ICQ ahd haven't got it installed, so it's just a matter of finding "already" posted information.
Cheers,
J
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thats why I love this site...ask a question and get the answer.
Made the changes in ICQ for the the TCP Port settings and then changed the router and its working good. One problem is that the connection is getting dropped for brief periods of time but I should be able to figure that out.
Thanks jatcan...great work.
Made the changes in ICQ for the the TCP Port settings and then changed the router and its working good. One problem is that the connection is getting dropped for brief periods of time but I should be able to figure that out.
Thanks jatcan...great work.
Your welcome!
Thanks for the grade!
Thanks for the grade!
ASKER
I figured out why the connection was being dropped intermidately and it is because I have another computer running another icq number that I had left the port setting at 5190 on the server tab in connections connected to the same router. I changed it by hitting the Auto Configure button and it seems to work fine although I am just testing on intranet and not the internet. I wrote a litle help file that can be sent to anyone if they send an email to jeff@jpanderson.com with "ICQ and Router Settings" (without the quotes) in the subject line. If anyone wants to test it I will give them the icq number for that machine. Please get the help file first and have icq installed.
Cheers.