bit torrent issues with Kerio

[edifreak]

Ahlo everyone,

I installed Kerio wiroute v6 last week in order to manage quota and shape clients who share an existing internet connection. I've a winxp box that has Keiro installed and have the below config's

Intenal LAN - 192.168.1.1 (kerio box)
External WAN - 192.168.2.254 (Belkin Wireless router's IP - 192.168.2.190)

I can't get bit torrent to work. I've installed the latest torrent software and it is using 2248 and I've opened on my Belkin router to forward ports to my External WAN (192.168.2.254)

On Kerio firewall, I've opened that ports for both UDP/TCP and the source is any and the destination is 2248. Still no luck. One thing I've not bothered to configred on torrent software was proxy server details. I thought it was not necessary.

Any Help?! TIA

 

[edifreak]

ok looks like everyone is takin time to reply

all i want to know is what rules i should allow on the traffic policies and the services that need to be defined.

i already opened the ports on the router and they are forwarding to the WAN adapter. What's next?!

 

[pmf71]

Hi,

Even though you've opened the right ports to forward traffic to the kerio router, there is still the problem of IP traffic going through NAT twice. This is a bad thing. There are many applications that do not work after the traffic has been through NAT twice because some of the original information of the packets has been lost.

Best thing to do is turn off NAT in the belkin router, so that your Internet IP address is given directly to the WAN adapter in kerio. If this is not possible, turn off NAT in kerio so that it becomes a normal router. This will at least give you the quota functionality.

And by the way, if you can turn off NAT in the belkin router, turn ON UPNP in kerio, and start using BITLORD. BITLORD uses UPNP for opening ports in the kerio firewall, so manual port mappings aren't needed anymore. I use kerio winroute firewall and bitlord, and it works like a charm. download speeds of 500+ KB/sec are normal here

 

[pmf71]

Oh, forgot one more thing:

Kerio Winroute firewall does not do traffic shaping. If you want to cap bandwidth to/from certain IP's/ports, you'll need an additional program. A good one is bandwidth controller - there's a shareware version for download (just google it), and if u like it u can buy it ($30 i think)

And i made a mistake: kerio firewall has no quota(got mixed up with kerio mailserver). but u will still need kerio do to the routing in the machine that caps the bandwidth. U could make a static routing table in winxp, but kerio is by far the easiest. And it's a good firewall, too.

 

[edifreak]

Thx for all that info pmf71. You've been great!!

yes I'm using winroute firewall and currently it records the data usage. The quota functions are not that flexible. I wanted to monitor peak and off-peak time usages. I dont see an option to do so on the firewall. I shall consider turning off NAT like you said on the belkin. It makes much sense not to have two NATing at once. I shall post the results soon.

 

[edifreak]

Also, one other thing mate... how can you turn off NAT on the router? Make it bridged? then I need the keiro box to do the PPPOE? Just use XP to do the PPPOE or do you recommend any RASPPPOE client that stays on all times once connected

TIA

 

[pmf71]

Yes it should become a bridge, in essence.

It should still be possible for the modem(because routing is switched off) to perform PPPoE because PPPoE is performed from the WAN port. But be sure to give the modem a name because after you've disabled NAT and routing you won't be able to address the modem (web interface) with it's usual private ip address!

By the way i have a question for you. Please email me: pmf71@hotmail.com

 

[pmf71]

Oh and because DHCP will be turned off in the belkin, configure a scope in the Kerio DHCP server....

 

[edifreak]

Thx for the input again pmf71. Below are the connection type settings I've on my router.

-PPPoE
-PPPoA
-Dynamic IP (1483 Bridge)
-Static IP (IPoA)
-Modem only (Disable Internet sharing)


I selected Modem only option, which in turn disbaled the firewall and NAT. Then I made up a PPPOE connection with XP, which connected without any hitch.

Now I still have two network interfaces as mentioned before with the same internal (192.168.1.1 Kerio Box) and external (192.168.2.254 - router)IP address. All of them are statically assigned. The internet seem to work fine now and

I've the below traffic policy set

Source (Any) - Destination (Any) - Service (Any) - Action (Permit)

still no joy with emule, LOW ID

 

[pmf71]

Actually, the WAN adapter in the kerio box should get the Public IP previously given to the Router.

WHat I don;t understand is that your WAN adapter in the kerio box still has a pivate IP address (192.168.2.254), because that means there must still be NAT translation in the modem....

Oh and please contact me at my email address...

 

[pmf71]

Try setting the Kerio WAN adapter, the one connected to your modem, to DHCP assigned IP address.