How To Make P2P Programs to Work on Networks Using a Broadband Router
By Gabriel Torres on February 15, 2007
If you built your own network using a broadband router, the router will automatically prevent any P2P file sharing program (eMule, Shareaza, etc) from working correctly on your network: it will either get a “low ID” or will be shown as “firewalled”. As a consequence you will get lower transfer rates and also won’t be able to initiate file downloading from users that are also “firewalled”. In this tutorial we will teach you how to configure your router to correctly allow P2P file sharing programs to work.
This problem happens because P2P programs use non-standard ports to work. Since broadband routers work as a firewall, they block all connections using non-standard ports. So in theory it would be just a matter of “opening” the ports that your P2P program uses on your broadband router control panel to solve this issue. However, it isn’t that simple. Usually by simply “opening” ports on your firewall programs have access to servers on the Internet using these ports, but it doesn’t allow other computers on the Internet to have access to your PC. In other words, while the firewall will allow outgoing connections, it will still operational, blocking incoming connections. Keep in mind that when using P2P programs your computer will act as a server, delivering files (and parts of incomplete files) to other users.
On this tutorial we will use eMule as our example. The basic idea shown on this tutorial is exactly the same for other programs; the only different thing will be the exact location of the options we need to change on the program. You will be able to adapt this tutorial to other programs very easily.
Let’s first take a look at the problem. After downloading and installing eMule on our PC we hit “Connect” and we got a “low ID” status, as shown in Figure 1 (follow the red arrow). The correct would be getting a “high ID” status (for security reasons we removed our IP address from this screenshot).
To test your connection, go to Options, Connection and click on Test Ports. This will test your connection to check if people on the Internet is being able to access files located in your computer. As we had this low ID problem, the result wouldn’t be different than the one shown in Figure 2 (once again we removed our IP address from this screenshot for security reasons).
The goal of our tutorial is to make your computer to pass this test, thus giving you a high ID on eMule.
The first thing we should do is to reconfigure eMule to use a different set of TCP/IP ports. On the eMule version we installed it was using ports 19034 for TCP protocol and 17157 for UDP protocol. You need to change that to 4660 for TCP protocol and 4670 for UDP protocol. This is done on Options, Connection. In Figure 3, you can see how our eMule was configured and then in Figure 4 you can see eMule correctly configured. Don’t forget to click on “Apply” after changing this configuration. Exit eMule.
If you are using a different P2P program, we recommend you to enter its configuration menu and change its default TCP and UDP ports to the numbers we suggested, in order to make it easier to follow our tutorial.
Now you need to configure Windows XP’s internal firewall.
Windows XP SP2 has an internal firewall that blocks P2P connections (if you don’t have SP2 installed you won’t have Windows Firewall installed). So we must configure Windows XP in order to “open” the ports used. If you have another firewall program installed such as ZoneAlarm or Norton Personal Firewall, you will need to make this procedure on your firewall program. After running your P2P program for the first time you probably unblocked it on Windows Firewall (by clicking on Unblock on the screen shown in Figure 5) but this isn’t enough.
Open Control Panel, Windows Firewall and click on Exceptions tab. Your P2P program will probably be already listed there, as you can see in Figure 6, where eMule was already being listed. If not, click on Add program and choose your P2P program.
Even if your P2P program is already listed on Windows Firewall Exceptions tab you need to click on Add port. Then give a name to this rule (e.g., “eMule TCP Port”), add the TCP port number that eMule uses (4660), select “TCP” and click Ok (see Figure 7).
Figure 7: Adding the TCP port used by eMule.
Then click again on Add port, give a name to this rule (e.g., “eMule UDP Port”), add the UDP port number that eMule uses (4670), select “UDP” and click Ok (see Figure 8).
Figure 8: Adding the UDP port used by eMule.
These new rules will now be listed on Windows Firewall Exceptions tab, see Figure 9.
But that isn’t all. We still need to add one more configuration to Windows Firewall.
Now click on Advanced tab. The screen shown in Figure 10 will show up. Click on the first Settings button, present in "Network Connection Settings" field.
As you can see in Figure 11, there will be no configuration for our P2P program yet, so we must add two configurations there, one for each protocol (TCP and UDP).
Click on Add, then enter a name for this configuration (e.g., “eMule TCP Port”), the name of your computer or the IP address your computer is using, the TCP port number (4660) on both “External Port number” and “Internet port number” fields, check TCP and click Ok. In our case we used our computer name (“Gabe”).
If you don’t know the name of your computer, go to Control Panel, System, Computer Name tab. It will be listed there. If you prefer to use the IP address of your PC and don’t know it, click on Start, Run, Cmd and then type Ipconfig and hit Enter. This command will list the IP address your computer is using. We know that the IP address of your computer can change over time, but later we will need to configure our router to always assign the same IP address to our computer, so actually this won’t be really a problem.
Figure 12: Adding the TCP port used by eMule
Now repeat the process for the UDP port: click on Add, enter a name for this configuration (e.g., “eMule UDP Port”), the name of your computer or the IP address your computer is using, the UDP port number (4670) on both “External Port number” and “Internet port number” fields, check UDP and click Ok.
Figure 13: Adding the UDP port used by eMule.
Now you will see both configurations selected on Windows Firewall advanced settings tab, as shown in Figure 14.
Click Ok and you are done with Windows Firewall configuration.
Our next step is configuring our router.
The exact options names and locations for your router configuration will vary depending on the router brand and model. In our examples we are using a D-Link DI-524 router and we think it is not so hard finding out how the options we will show are named on your particular case.
The first thing you will have to do is obviously enter the router control panel. If you don’t know how to do that, please read our tutorial on how to build a network using a broadband router to learn how this is done.
There you need to look for an option called “Virtual Server” or similar. On our router this option was the first found under “Advanced”, see Figure 15.
Here you will need to select “Enable”, give a name to this configuration (e.g., “eMule TCP Port”), enter the IP address of your computer (or the computer running your P2P program), select TCP, enter eMule TCP port number (4660) on both “Private Port” and “Public Port” fields (these fields can also be called “Internal Port” and “External Port”, respectively), select Always and click Apply. If you don’t know the IP address of your PC, click on Start, Run, Cmd and then type Ipconfig and hit Enter. This command will list the IP address your computer is using.
Repeat the process for the UDP Port: select “Enable”, give a name to this configuration (e.g., “eMule UDP Port”), enter the IP address of your computer (or the computer running your P2P program), select UDP, enter eMule UDP port number (4670) on both “Private Port” and “Public Port” fields, select Always and click Apply.
Now you will see these two new rules added and enabled on the Virtual Server section of your router, see Figure 18.
Now you need to make your router to always assign the same IP address to your computer, otherwise your configuration will stop working if your router assigns a different IP address to your computer the next time your turn it on.
You need to find now where DHCP configuration is located in your router control panel. On our router this was located at Home, DHCP. There look for a configuration called “Static DHCP”.
Configuring our router to always assign the same IP address to our computer was really easy. On the drop-down box called “DHCP Client” we had a list of all computers connected to our router. So it was just a matter of selecting our computer from that list (which was called “Gabe”), clicking on “Clone”, selecting Enable and then clicking on Apply.
With this configuration in place, our PC will always have the same IP address, so we won’t lose the configurations we made before.
Now it is time to check if everything was correctly configured. Enter your P2P program, click on Connect and now you will get a high ID or “open” status (instead of “firewalled”), follow the red arrow in Figure 21. On eMule we can run again its internal test (Option, Connection, Test Port) to see if your configuration was done right, see Figure 22.