Firewall-friendliness is a feature of version 2.0 or above of the software. Although this is the version of EchoLink most commonly found in the system, many nodes are still running earlier versions. Until all nodes on the system upgrade to 2.0, some types of connections still won't work through an unconfigured NAT router.

If you're running 2.0 behind a NAT router, you may find that you can connect to conference servers, EchoIRLP nodes, and EchoLink nodes running 2.0 or above without making any adjustments to your router. To connect to other nodes, you'll need to adjust your router just as before.

Please note that we still recommend that you configure Port Forwarding in your NAT router for use with EchoLink, if you can. The firewall-friendly feature is provided as a convenience for users who are unsure about how to configure their router, or who are using a type of Internet service that doesn't allow router changes, such as a satellite ISP or a public hot-spot.

Firewall and Router Issues -- Background

firewall is a system that isolates your computer from the Internet, usually for security reasons. A firewall helps prevent unauthorized access to your computer from other people on the Internet. A firewall can be implemented using software on your computer (such as ZoneAlarm), or with an outboard hardware device such as a router

A router a device which allows more than one computer to communicate over a single connection, such as a connection to the Internet. Routers have become more common in homes as home networks and high-speed connections, such as cable or DSL, have become more popular. Typically, cable companies and DSL service providers allocate only one Internet address to an entire household, in which there may be several computers. The router must decide which computer should receive each packet of data which comes in from the Internet.

Overview

Your connection to the Internet might be going through a or a firewall. These devices can improve the security of your computer, and can allow a single Internet address to be shared by more than one computer on your network.However, routers and firewalls can be a problem for peer-to-peer programs such as EchoLink. The reason is that EchoLink nodes communicate directly with each other over the Internet, rather than sending all of their packets through a server. This is good for the efficiency and scale of the system, but it is not always "firewall-friendly".By far, the most common problem involves a device called a NAT router. Now that broadband Internet connections are so common, NAT routers are more widespread than ever. NAT stands for "Network Address Translation". If you have a home network or DSL service, you're likely to have one of these. It poses a problem for EchoLink because it normally does not allow unsolicited packets from the Internet to reach your PC. The solution to this problem is to configure the port forwarding feature of the router to allow certain packets to reach the EchoLink software.

However, port forwarding is not always a good solution. Each make and model of router has a different procedure for setting up port forwarding, so the steps to follow aren't easy to document. A good starting point, however, is Portforward.com. Furthermore, in many situations (such as public Wi-Fi hotspots and wireless Internet service), you might not even have access to the router to be able to change its configuration.

A Solution

A new feature has recently been rolled out on the EchoLink system that allows EchoLink to work through most types of NAT routers without any special configuration changes. It accomplishes this by automatically setting up a flow within the router when a new connection is being established.

Firewall-friendliness is a feature of version 2.0 or above of the software. Although this is the version of EchoLink most commonly found in the system, many nodes are still running earlier versions. Until all nodes on the system upgrade to 2.0, some types of connections still won't work through an unconfigured NAT router. If you're running 2.0 behind a NAT router, you may find that you can connect to conference servers, EchoIRLP nodes, and EchoLink nodes running 2.0 or above without making any adjustments to your router.

To connect to other nodes, you'll need to adjust your router just as before.

Please note that we still recommend that you configure Port Forwarding in your NAT router for use with EchoLink, if you can. The firewall-friendly feature is provided as a convenience for users who are unsure about how to configure their router, or who are using a type of Internet service that doesn't allow router changes, such as a satellite ISP or a public hot-spot.

Do I Have a Router or Firewall?

If you have broadband Internet service, such as with a cable modem or DSL modem, there's a good chance that there is a router somewhere in your system. Even if you didn't purchase and install your own, many cable modems and DSL modems now come with built-in routers. The equipment that your cable company or telephone company provided might fall into this category.

Using Firewalls and Router with EchoLink

Firewalls are usually configured to allow your computer to make requests anywhere on the Internet, and receive replies. Some programs, however, must be able to accept unsolicited data from the Internet.EchoLink is an example of such a program. When you are connected to another station using EchoLink, you and the other station take turns sending data to each other, so each station's PC must be able to receive data without having requested it.

The protocol for this type of exchange is called UDP, or User Datagram Protocol. If you are using a firewall or router to connect to the Internet, you will probably need to configure it to accept UDP information on specific ports. (A port is part of an address.)EchoLink uses UDP ports 5198 and 5199. To use EchoLink, you must configure your router to direct all incoming data on these two ports to the PC on which EchoLink is installed.

Typically, there are two ways to configure this:

Forwarding.

Most routers allow data on specific ports to be "forwarded" to specific computers. If you expect to use EchoLink on only one PC, configure your to forward UDP ports 5198 and 5199 to that computer.

Port triggering.

Some routers implement a "smart" forwarding scheme which tries to direct data to the computer which is most likely to use it, based on requests each computer has recently made.If you expect to use EchoLink on several different computers at different times, you may wish to try this option. Configure the router to direct ports 5198 and 5199 to any computer which makes outbound requests over UDP ports 5198 or 5199, or TCP port 5200. EchoLink also uses TCP port 5200. Most routers will handle these requests correctly, since EchoLink always initiates them from the local computer.  If you are using firewall software, however, you may need to "open up" outboundconnectionsto this port. (EchoLink does not use TCP for incoming connections.)

How Do I Adjust My Router?