Overview
Your connection to the Internet might be going through a router or a firewall. These devices can improve the
security of your computer, and can allow a single Internet address to be shared by more than one computer on your network.
However, routers and firewalls can be a problem for peer-to-peer programs such as EchoLink. The reason is that EchoLink nodes communicate directly with each other over the Internet, rather than sending all of their packets through a server. This is good for the efficiency and scale of the system, but it is not always "firewall-friendly".
By far, the most common problem involves a device called a NAT router. Now that broadband Internet connections are so common, NAT routers are more widespread than ever. NAT stands for network address translation. If you have a home network or DSL service, you're likely to have one of these. It poses a problem for EchoLink because it normally does not allow unsolicited packets from the Internet to reach your PC. The solution to this problem is to configure the port forwarding feature of the router to allow certain packets to reach the EchoLink software.
However, port forwarding is not always a good solution. Each make and model of router has a different procedure for setting up port forwarding, so the steps to follow aren't easy to document. (A good starting point, however, is portforward.com.) Furthermore, in many situations (such as public Wi-Fi hotspots and wireless Internet service), you might not even have access to the router to be able to change its configuration.
A Solution
A new feature has recently been rolled out on the EchoLink system that allows EchoLink to work through most types of NAT routers without any special configuration changes. It accomplishes this by automatically setting up a flow within the router when a new connection is being established.
Firewall-friendliness is a feature of version 2.0 or above of the software. Although this is the version of EchoLink most commonly found in the system, many nodes are still running earlier versions. Until all nodes on the system upgrade to 2.0, some types of connections still won't work through an unconfigured NAT router.
If you're running 2.0 behind a NAT router, you may find that you can connect to conference servers, EchoIRLP nodes, and EchoLink nodes running 2.0 or above without making any adjustments to your router. To connect to other nodes, you'll need to adjust your router just as before.
Please note that we still recommend that you configure Port Forwarding in your NAT router for use with EchoLink, if you can. The firewall-friendly feature is provided as a convenience for users who are unsure about how to configure their router, or who are using a type of Internet service that doesn't allow router changes, such as a satellite ISP or a public hot-spot.
Firewall and Router Issues -- Background
firewall is a system that isolates your computer from the Internet, usually for security reasons.
A firewall helps prevent unauthorized access to your computer from other people on the Internet.
A firewall can be implemented using software on your computer (such as ZoneAlarm), or with an
outboard hardware device such as a router
A router a device which allows more than one computer to communicate over a single connection,
such as a connection to the Internet. Routers have become more common in homes as home networks
and high-speed connections, such as cable or DSL, have become more popular. Typically, cable
companies and DSL service providers allocate only one Internet address to an entire household,
in which there may be several computers. The router must decide which computer should receive
each packet of data which comes in from the Internet.
Overview
Your connection to the Internet might be going through a or a firewall. These devices can improve
the security of your computer, and can allow a single Internet address to be shared by more than
one computer on your network.However, routers and firewalls can be a problem for peer-to-peer
programs such as EchoLink. The reason is that EchoLink nodes communicate directly with each other
over the Internet, rather than sending all of their packets through a server. This is good for the
efficiency and scale of the system, but it is not always "firewall-friendly".By far, the most common
problem involves a device called a NAT router. Now that broadband Internet connections are so common,
NAT routers are more widespread than ever. NAT stands for "Network Address Translation". If you have
a home network or DSL service, you're likely to have one of these. It poses a problem for EchoLink
because it normally does not allow unsolicited packets from the Internet to reach your PC. The
solution to this problem is to configure the port forwarding feature of the router to allow certain
packets to reach the EchoLink software.
However, port forwarding is not always a good solution. Each make and model of router has a different
procedure for setting up port forwarding, so the steps to follow aren't easy to document. A good
starting point, however, is Portforward.com. Furthermore, in many situations (such as public
Wi-Fi hotspots and wireless Internet service), you might not even have access to the router to be
able to change its configuration.
A Solution
A new feature has recently been rolled out on the EchoLink system that allows EchoLink to work through
most types of NAT routers without any special configuration changes. It accomplishes this by automatically setting up a flow within the router when a new connection is being established.
Firewall-friendliness is a feature of version 2.0 or above of the software. Although this is the version
of EchoLink most commonly found in the system, many nodes are still running earlier versions. Until all
nodes on the system upgrade to 2.0, some types of connections still won't work through an unconfigured
NAT router. If you're running 2.0 behind a NAT router, you may find that you can connect to conference
servers, EchoIRLP nodes, and EchoLink nodes running 2.0 or above without making any adjustments to your router.
To connect to other nodes, you'll need to adjust your router just as before.
Please note that we still recommend that you configure Port Forwarding in your NAT router for use with
EchoLink, if you can. The firewall-friendly feature is provided as a convenience for users who are
unsure about how to configure their router, or who are using a type of Internet service that doesn't
allow router changes, such as a satellite ISP or a public hot-spot.
Do I Have a Router or Firewall?
If you have broadband Internet service, such as with a cable modem or DSL modem, there's a good chance
that there is a router somewhere in your system. Even if you didn't purchase and install your own, many
cable modems and DSL modems now come with built-in routers. The equipment that your cable company or
telephone company provided might fall into this category.
Using Firewalls and Router with EchoLink
Firewalls are usually configured to allow your computer to make requests anywhere on the Internet, and
receive replies. Some programs, however, must be able to accept unsolicited data from the Internet.EchoLink is an example of such a program. When you are connected to another station using EchoLink,
you and the other station take turns sending data to each other, so each station's PC must be able to
receive data without having requested it.
The protocol for this type of exchange is called UDP, or User Datagram Protocol. If you are using a
firewall or router to connect to the Internet, you will probably need to configure it to accept UDP
information on specific ports. (A port is part of an address.)EchoLink uses UDP ports 5198 and 5199.
To use EchoLink, you must configure your router to direct all incoming data on these two ports to
the PC on which EchoLink is installed.
Typically, there are two ways to configure this:
Forwarding.
Most routers allow data on specific ports to be "forwarded" to specific computers. If you expect to use
EchoLink on only one PC, configure your to forward UDP ports 5198 and 5199 to that computer.
Port triggering.
Some routers implement a "smart" forwarding scheme which tries to direct data to the computer which is
most likely to use it, based on requests each computer has recently made.If you expect to use EchoLink
on several different computers at different times, you may wish to try this option. Configure the
router to direct ports 5198 and 5199 to any computer which makes outbound requests over UDP ports
5198 or 5199, or TCP port 5200. EchoLink also uses TCP port 5200. Most routers will handle these
requests correctly, since EchoLink always initiates them from the local computer. If you are
using firewall software, however, you may need to "open up" outboundconnectionsto this port.
(EchoLink does not use TCP for incoming connections.)
How Do I Adjust My Router?
Routers and firewalls are manufactured by many different companies, and each has its own peculiar
set of instructions for configuration. Some newer DSL modems have routing or firewalling features
built in. For details on how to configure your router or firewall, consult the documentation that
came with your device, or the company's Web site. Another excellent resource is the
portforward.com Web site, which is a collection of
instructions for adjusting specific makes and models of routers and modems. Locate your make and
model of equipment on the list provided.
(Portforward.com is not affiliated in any way with EchoLink.)