Jump to content

Recommended Posts

I recently made a post (feel free to remove) that made my issue more complicated than I needed. After watch a Twitch streamer Duma partner, triplewreck, the R1 router with the Hybrid VPN feature specifically offered the option to exclude "rtmp" services. The Xr500 does not offer that. However it is exactly what I needed to exclude my stream from the VPN on my router. What would be the equivalent for me to input into the Hybrid VPN for the XR500?

Share this post


Link to post
Share on other sites
3 hours ago, jsg877 said:

I recently made a post (feel free to remove) that made my issue more complicated than I needed. After watch a Twitch streamer Duma partner, triplewreck, the R1 router with the Hybrid VPN feature specifically offered the option to exclude "rtmp" services. The Xr500 does not offer that. However it is exactly what I needed to exclude my stream from the VPN on my router. What would be the equivalent for me to input into the Hybrid VPN for the XR500?

In the Hbtid VPN feature on DumaOS on the XR500 there's the option to just put behind a vpn the devices you wish to.

Share this post


Link to post
Share on other sites

I understand that feature, and that is a part of the problem. When I add my PC. I want to exclude the RTMP ports. Which are 1935. But the R1 had it built in. I just need to know the equivalent.

Share this post


Link to post
Share on other sites

Hi there - you can set the specific ports you wish to include / exclude from your VPN by clicking the advanced option when setting up the rule. This guide explains how: http://support.netduma.com/en/support/solutions/articles/16000087492--dumaos-optimal-settings-guide-hybrid-vpn

Edit: just realised we're missing a specific guide on there for how to do ports, apologies. Here are the steps:

  1. After adding a device, click Add Service
  2. In the radio button at the top, toggle to Advanced
  3. Set your port rule / range and then click Add service

Hope that now makes sense.

Share this post


Link to post
Share on other sites

I'm only getting validation errors for 'sport'. I can't seem to get the Port Ranges for Source and Destination correct. I understand its RTMP and that needs a rule for Port 1935. What range for the Source Port should I be using? And what range for the Destination Port?

RPC error 'ERROR_VALIDATION': Validation failed for 'sport'

I get this error with every time.

Share this post


Link to post
Share on other sites

What is the range that you were inputting? In general I would leave the src port alone as you don't know what port they may use to connect to you. Destination should just be 1935-1935

Share this post


Link to post
Share on other sites

So there is something that happens with the software if you are enabling and disabling the VPN and trying to changes around devices and services. I actually cross-referenced what you and the other admins mentioned in this post below with someone who was having an issue with ports for Battlefield. They were receiving the same error as I was, where it said validation error 'sport'. The default is actually no range inputted at all. So just like your previous response in this 

 I had to set the input ranges as 1 - 65535. This makes perfect sense as I was using the 3rd party tool TCPMonitor/View to see what traffic was going in and out of my network while broadcasting. With the numbers not having a one size fits all range (one was static as a LISTENING port, while the others were constantly shifting within the ranges of 58000 - 61000 and other ranges) and there being a background application for Streamlabs OBS titled obs64.exe that also had ports being used there wasn't a possible way for me to specify the Source Ports except for 1 - 65535. The destination ports I simply did as you recommended for RTMP which is Destination Start & End - 1935. This ONLY worked after I disabled the VPN AND rebooted the router. Before reboot it would give the same RPC validation error no matter what I was trying to add, preset or otherwise. This is obviously unintended as it makes customizing your VPN somewhat convoluted and without someone who is able to think through the process the router is trying to do will just end in another post, however, the user in the other post waited three weeks after turning his VPN off obviously allowing enough time for the router to have been rebooted at some point during that window. So I would like to just leave a few remarks to end my series of comments here:

1. You guys are awesome at responding to support questions here on this forum and even on the Netgear forum when it comes to DumaOS. Looking through all the different support questions I did, you guys genuinely try to do your best to solve any problems and from what I saw you always did. I received an answer on the Netgear Community board as well, where I put a post in the hopes that more eyes means a quicker route to a solution. So I have to give kudos for that and it is refreshing to see especially after the fact that Netgear on their website has absolutely no way I can find to even contact their support, other than the board. Much love from a now loyal user.

2. The Hybrid VPN feature should have the ability to store the setup and config file for more than 1 server. Just being able to save 2 of the VPN servers that I know are viable for my area would allow for seamless transition if there was just a '1' and '2' option or maybe even more. In the event of degraded performance on one server or a DDoS attack it would even be possible for me to reconnect and join into the lobby I was in with a new I.P before the in-game reconnection tool timed-out. This would also allow for a as close to complete DDoS protected setup for PC (which is now possible) and for Gaming Consoles. To go further and allow the use of two separate servers would allow my PC to be on one secure server, with my stream as an exception and my console to be on a separate server. Therefore, no matter where the attacker grabbed my IP the division of traffic on my router would allow for the least amount of damage possible. As it stands currently, there may be other options but, the protection as stated in the video describing Hybrid VPN and its protective measures works for attacks that grab the IP from other programs or applications on the user's PC. If I were to have it setup initially how I wanted, PC & Xbox One X on home IP and all other traffic through the VPN, when they grabbed my IP through Xbox Live that would mean they have the IP for my home network. And unless the traffic for a DDoS comes through a Port that has the Protocol set to go through the VPN (which this may very well be the case since I will have ONLY the RTMP Service on my home IP excluded) they will still take me offline of my Stream and from the game lobby. With that said, the absolute QUICKEST turn around instead of having to search for the best server (if the internet had gone down, I couldn't use NordVPNs tool) and re-inputting the config file would be to just have two or more options pre-saved. Switch over, reboot the router, and you're good to go. That would make DumaOS steps ahead of any other competitor that I've seen.

3. The tips for this process could have been a little more detailed. This service is something that requires knowledge of Port numbers, ranges and types of traffic. I spent hours trying to find out what turned out to be half of the solution. I still am unsure as to why the RTMP preset was removed when it was already a choice on the Netduma R1, but the original XR500 User Manual mentioned what to do if you don't know what Port Ranges to specify (this was for Port Forwarding and adding Protocols but still applies here). The Help button could have been a little more helpful in regards to the Add Service feature. i.e "If you're are having trouble or unable to input a custom service option disabling the VPN, removing all devices, and rebooting the router can fix it. Also, somehow express to the user that they should "add devices to the VPN one at a time, adding services as necessary before moving on". I just feel as though a few of my issues could have been solved with a sentence or two in the Hybrid VPN tab introduction/help, or maybe even just a separate in-depth video trying to give a more thorough run-through of all the options. All the videos, from Netduma or otherwise, weren't as in-depth as they could have been. With Livestream platforms such as Twitch exploding over recent years  I know that this issue will be something that others come across as well, and answers could already be there for them with a few additions.

 

As a side note: Netduma Admin posted above that future firmware will feature "Streaming Detection" of some sort. That is going to be an absolutely amazing addition. I can't wait.

 

My final question is what is the most optimal way to set-up up PC, Router and Xbox One to either prevent going offline altogether or, if that's not possible, being the least damaging as possible? My current set-up will prevent my PC and Stream from every going down, but is their a way for my system to recognize a DDoS and either block/ignore all that traffic or to seperate the systems with the XR500 and my VPN?

Share this post


Link to post
Share on other sites

Thank you for all that feedback, I will pass that on to our team to note down the ideas/the issues to be fixed. 

There isn't a way to do that currently and that's also a big problem with DDoS detection/protection as a whole in general. You can also block traffic if the connection goes down, that'll let you reconnect to a server without letting your real IP slip at all.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...