"I see the list of stations, but every time
I try to connect to one, I get a "Connect attempt failed" message after 30
seconds. What's the problem?"
Most likely, a "firewall" problem is preventing your computer from
receiving messages from other stations over the Internet. This is a very
common issue.
Please note that this is not a problem with the EchoLink
software itself. For this reason, the EchoLink Support team
will not be able to help you solve it. However, the information on this
page might help. It's also recommended that you first try the Firewall/Router Test Page on this site.
The solution depends on what kind of hardware and software you are
using for your Internet connection. Unfortunately, many different
hardware and software products may be involved, so it is not possible to
document every solution. A few of the most common situations are listed
below.
Basic Information
EchoLink requires that your router or firewall allow inbound and
outbound UDP to ports 5198 and 5199, and outbound TCP to port
5200. If you are using a
home-network router, you will also need to configure the router to "forward"
UDP ports 5198 and 5199 to the PC on which EchoLink is running.
This can be summarized as:
Allow UDP destination ports 5198-5199 between Internet and PC in both directions
Allow TCP (source port any, destination port 5200) from PC to Internet
The information above applies to every situation, regardless of the
type of equipment and software you are using. If the information below
does not help you solve the problem, please consult your equipment's
documentation, or contact the manufacturer for support, and provide them with
the information above.
Note: If you are using Internet security software and have
recently upgraded to a newer version of EchoLink, you may need to re-apply the
special security settings you had established earlier.
DSL and Cable Modem Service
If you connect to the Internet using DSL or Cable Modem service,
there might be a router built into the equipment that the telephone company or cable company provided you.
For example, some of the equipment provided by BellSouth and Verizon have built-in routers. Check the make and model of your DSL adapter or cable modem, and then look for instructions
on the portforward.com site described below.
PortForward.com Web Site
A useful Web site that discusses port forwarding, with solutions for
specific makes and models of equipment, is
www.portforward.com. Scroll down the page at that site to find the
make and model of your equipment. (Please note that portforward.com is not
affiliated in any way with EchoLink; we recommend that you use the portforward.com Web site as an information resource, and not necessarily for the optional configuration software being sold on that site.)
Microsoft Windows
Newer versions of Windows come with a built-in "firewall" feature that helps
protect your computer from undesired connections from the Internet. In
order to use EchoLink, you will need to adjust some settings if the built-in
firewall is enabled.
There are different versions of the Windows firewall, depending
on the version of Windows you are using. Verify the Windows
version by right-clicking the My Computer icon on your desktop, and choosing
Properties. Then, choose one of the links below:
Windows XP Service Pack 1: See
Windows XP Firewall Setup. Also see the Microsoft article
Using the Internet Connection Firewall.
Windows XP Service Pack 2: See
EchoLink and Windows XP SP2.
Windows 7 and above: See EchoLink, Windows 7 and Above.
Problems With Some Connections, And Not Others?
If you router isn't properly configured, you might that you are
able to connect to some stations on EchoLink, but not others. For more
information about this, please see the article
"Echolink, Firewalls, and Routers."
Windows Internet Connection Sharing
Several versions of Microsoft Windows support a utility called
Internet Connection Sharing (ICS). This utility allows several different
computers on a local network to access the Internet over a single
connection. Basically, ICS is a software-based router. As with any
router, the software must be configured to "forward" UDP ports 5198 and 5199 to
the computer on which EchoLink is installed, which might not be the same
computer on which ICS is running.
A useful utility for setting up Internet Connection Sharing is
ICS Configuration.
See also the Microsoft articles on
troublehooting ICS problems and a
description of ICS.
Home-Network Routers and Modems
A "router", as used in a home network, is a device which allows
several different computers to share a single connection to the Internet.
A router is frequently used in conjunction with a cable modem or DSL
connection. Popular models are manufactured by Linksys, D-Link, and
SMC. We do not have configuration information for any routers other than
those listed below. If your model is not listed below, please
consult the manufacturer's documentation for details.
Finding the Local IP Address
To configure your router, you will first need to know your computer's local
IP address. If you are not sure what the address is, do the
following:
Windows 95, 98, and Me: From the Start menu, choose Run, and
enter winipcfg. The IP Configuration window should
open. In the drop-down box at the top, select your Ethernet adapter, then
note the IP address that is displayed.
Windows NT, XP, 2000, and 2003: From the Start menu, choose
Programs->Accessories->Command Prompt. A command prompt should
open. Enter ipconfig. Note the IP address that is displayed
underneath the name of your Ethernet adapter.
Linksys Routers
-
Using a Web browser, bring up your router's configuration
page. By default, the URL is 192.168.1.1, the user name is blank, and the
password is "admin".
-
Be sure you are using the latest version of the firmware for this
device. The version of your current firmware is displayed on the Setup
page. Check the Linksys Web site for details.
-
Click the Advanced tab.
-
Click the Forwarding tab.
-
If you see a column labeled "Customized Applications" on the left,
enter "EchoLink" on the first line. (Not all versions of the Linksys
firmware have this column.)
-
In the first pair of Service Port Range (or Ext.Port) boxes along
the top, enter 5198 and 5199.
-
On the same line, under Protocol, choose UDP (or check the UDP box).
-
On the same line, enter the local IP address of the computer running
EchoLink. (If you are not sure what the address is, run "winipcfg" or
"ipconfig" from a command prompt).
-
If there is an Enable check box on the same line, check it.
-
Click Apply to save changes.
D-Link DI-604
-
Be sure you are using the latest version of the firmware for this
device. Older versions of the firmware may not work correctly.
Check the D-Link Web site for details.
-
Using a Web browser, bring up your router's configuration
page. By default, the URL is 192.168.0.1, the user name is "admin", and
the password is blank.
-
Click the Advanced tab.
-
Click the Applications button.
-
Click the Enable button.
-
After Name, enter "EchoLink".
-
After Trigger Port, enter 5200.
-
After Trigger Type, choose TCP.
-
After Public Port, enter 5198-5199.
-
After Public Type, choose UDP.
-
Click "Apply".
Click here to see a
screen shot of this configuration. (Tks: VE3BDR)
3Com Office Connect 612
(courtesy of IW0GLC)
Enter the following three commands, substituting your
computer's local IP address for <ip> :
set vc EchoLink nat_options enable
add nat udp vc EchoLink public_port 5198 private_address <ip> private_port 5198
add nat udp vc EchoLink public_port 5199 private_address <ip> private_port 5199
SMC Routers
(courtesy of N1AHH)
click NAT
click SPECIAL APPLICATIONS
on line one under TRIGGER PORT type:
5198, TRIGGER TYPE UDP PUBLIC PORT 5198 PUBLIC TYPE UDP ENABLED
on line two under TRIGGER PORT type:
5199, TRIGGER TYPE UDP PUBLIC PORT 5199 PUBLIC TYPE UDP ENABLED
Drop down to the bottom of the page and select apply. Exit the router
set-up and start EchoLink. It should function normally.
If you have any firmware version before v1.05, contact SMC technical
support at www.smc.com and ask for the latest
firmware update. The latest on the web page as of 3 nov 02 is ver 1.03,
however if asked, they will e-mail you version 1.05 which appears to solve a
problem with intermittent disconnects.
When you receive the firmware update, install it according to the
manual's directions. Basically, this means to go to the ADVANCED section and
then TOOLS, then FIRMWARE UPGRADE. Follow the directions. The
router will perform a hard reset when done and you will have to re-configure
using the SET-UP WIZARD.
Belkin Cable/DSL
Router
Model No. F5D-5230-4
(courtesy of WD4FFX)
Log into the Router by going to going to http://192.168.2.1:88
on your browser, then invoke Initial Setup, then go to Virtual Server under the
Security Banner.
Fill out the blanks as follows: ( XX is the IP suffix of the EchoLink computer)
Private IP Private Port Type Public Port
1. 192. 168. 2.XX 5198
UDP 5198
2. 192. 168. 2.XX 5199
UDP 5199
Alcatel Speedtouch Pro Modem
See instructions,
courtesy of VK3FFB
Other Routers
In general, the router must be configured to "forward" UDP ports 5198
and 5199 to the computer on which EchoLink is installed. Forwarding is
sometimes found as an advanced configuration option on your router's setup
screens. If forwarding is not available, you may need to configure your
EchoLink computer as a DMZ, which effectively opens all ports to the
Internet. If this becomes necessary, some sort of network security
software such as Windows XP, Norton Internet Security, or ZoneAlarm is
recommended.
ZoneAlarm
ZoneAlarm is a brand of security software which can act as a
firewall, blocking certain "ports" from being used, unless you configure it to
allow them.
If you are using the "free" version of ZoneAlarm, you will need to
change the Internet Zone Security slider to Medium while you are using
EchoLink. Other versions of ZoneAlarm (such as ZoneAlarm Plus and
ZoneAlarm Pro) let you set more specific rules while leaving the security level
at High, which is preferred.
For more information, see
ZoneAlarm Configuration.
Norton Internet Security
The Norton Internet Security package includes Norton Personal
Firewall, a software-based firewall. Setting up Norton Internet Security
for use with EchoLink is normally almost automatic.
For more information, see Configuring Norton
Internet Security.
DSL (Digital Subscriber Line) Service
If you are using DSL to connect to the Internet, note that many DSL
"modems" have built-in routers. For example, Sprint DSL customers are
frequently provided with Efficient Networks or ZyXEL modem/routers, even though
the outside of the equipment might only say Sprint. If you have such a
unit, please follow the modem's User Guide to forward UDP ports 5198 and 5199
as described above, or contact the router manufacturer or your DSL provider for
assistance.
Apple Macintosh
Although EchoLink is designed to run only under Microsoft Windows,
some Macintosh users have successfully run it in a Windows "virtual machine",
using the VirtualPC product from Microsoft. However, due to
EchoLink's UDP port requirements, VirtualPC must be configured to use an IP
address separate from the Mac itself. This can be easily done if your
home network uses a router. Configure the router as described above to
forward EchoLink's UDP ports to the second IP address. See the VirtualPC
documentation for configuration details.
Linux IPTables
For complete details, see the sample
configuration file generously provided by Jason, KB1IMD.
AVM KEN Proxy Software
AVM KEN is a German product, available in ISDN and DSL
versions. For complete details, see the configuration
information generously provided by Jochen, DG2IAQ.
Cisco PIX and ASA Firewalls
VA3ISP has provided this configuration information:
static (inside,outside) udp interface 5199 XXX.XXX.XXX.XXX 5199 netmask
255.255.255.255 0 0
static (inside,outside) udp interface 5198 XXX.XXX.XXX.XXX 5198 netmask
255.255.255.255 0 0
access-list 100 permit udp any host XXX.XXX.XXX.XXX eq 5198
access-list 100 permit udp any host XXX.XXX.XXX.XXX eq 5199
For port forwarding on Cisco routers (from VK2AAT):
ip nat inside source list 100 interface overload
ip nat inside source static udp 5198 5198 extendable
ip nat inside source static udp 5199 5199 extendable
ip nat inside source static tcp 5200 5200 extendable
Satellite Internet Service Providers
Many users are successfully running EchoLink using an Internet
connection provided through a satellite dish. Although the latency (time
delay) is usually higher with this type of system, it rarely affects EchoLink
since EchoLink does not use end-to-end acknowledgements of voice packets.
However, some service providers use a router which does network-address
translation (NAT), which often cannot be configured by the customer.
Check with your satellite ISP to see if this is the case, and whether a
different tier of service is available which will avoid it.
For more information, see:
StarBand
FAQ
Broadband Glossary
MagicSat FAQ
|