I am required to setup a private CS game server behind a cisco 877 router. I've set up the router to accept PPTP VPN connections (least overhead) and things seem to work fine apart from the fact that I cannot seem to be able to forward UDP broadcast packets.
In order for the/any game to be able to find any running game servers using the built in game browser it needs to be able to get UDP broadcast packets. Therefore I need to forward any UDP broadcasts through the VPN to the remote VPN clients but I haven't been able to do so successfully.
Everything else seems to work fine as the remote users are
a)able to ping all the clients in the internal network behind the router plus
b)they can access the file server too via the internal ip.
c)they can connect to the game server if they supply the IP of the server directly
However, this is not an acceptable solution as this is only a test server and I'm also required to setup other game servers and some of these games don't have a console that you can supply an IP to connect as a player can only do so using the game's built-in LAN game browser.
The internal lan is 192.168.1.0/24
The router has an internal-ip 192.168.1.10 (VLAN1)
The VPN clients get addresses from 192.168.1.128 - 192.168.1.254
Virtual-Template 1 binds to VLAN1 interface.
I've tried supplying the the ip helper-address command both under the VLAN 1 and the virtual-template 1 interfaces but I didn't get any results.
Any suggestions or advice as what to try next or how to debug this issue?
Any help is greatly appreciated
Here's my config:
! NVRAM config last updated at 14:04:39 Athens Sat Oct 10 2009
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
enable secret 5 xxxx
no aaa new-model
no ip dhcp use vrf connected
ip dhcp binding cleanup interval 200
ip dhcp excluded-address 192.168.1.1 192.168.1.15
ip dhcp pool lan
network 192.168.1.0 255.255.255.0
multilink bundle-name authenticated
! Default PPTP VPDN group
username xxxx privilege 15 secret 5 xxxxxx
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
interface ATM0.1 point-to-point
no snmp trap link-status
pppoe-client dial-pool-number 1
ip unnumbered Vlan1
peer default ip address pool PPTP-Pool
ppp encrypt mppe 128
ppp authentication ms-chap ms-chap-v2
description Internal Network
ip address 192.168.1.10 255.255.255.0
ip nat inside
ip tcp adjust-mss 1452
no ip address
description External Network (ADSL)
ip address negotiated
ip mtu 1492
ip nat outside
dialer pool 1
ppp authentication chap pap callin
ppp chap hostname xxxxxxxxxx
ppp chap password 0 xxxxxxxxxxx
ppp pap sent-username xxxxxxxxx password 0 xxxxxxxxxx
ppp ipcp dns request accept
ip local pool PPTP-Pool 192.168.1.128 192.168.1.254
ip route 0.0.0.0 0.0.0.0 Dialer0
ip http authentication local
ip http secure-server
ip dns server
ip nat inside source list 1 interface Dialer0 overload
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...