Setup for Host Firewall Support Using the DirectPlay Dynamic Range

To host a game through a firewall, the host must be using DirectX 6.0 or later, and the clients beyond the firewall must be using DirectX 6.0 or later, as well. To support applications using the DirectPlay dynamic range, a firewall administrator needs to allow an initial inbound TCP connection on port 47624, with subsequent connections of inbound TCP ports 2300-2400, outbound TCP ports 2300-2400, inbound UDP ports 2300-2400, and outbound UDP ports 2300-2400. For a chart highlighting these requirements, see the Dynamic Range Port Reference Chart.

Theoretical Microsoft Proxy Server 2.0 configuration:

• Internet Service Manager, Windows Sockets Proxy service: Service Properties
  • Add protocol "DirectPlay (host)" under Protocols tab.
    • Initial connection
      • 47624 TCP Inbound
    • Subsequent connections
      • 2300-2400 TCP Inbound
      • 2300-2400 TCP Outbound
      • 2300-2400 UDP Inbound
      • 2300-2400 UDP Outbound
  • Give appropriate permissions to "DirectPlay (host)" under Permissions tab.
• Add to file "mspclnt.ini", which is in the C:\Msp\Clients folder by default.
  • [Common Configuration]
  • RemoteBindUdpPorts=2300-2400
  • ServerBindTcpPorts=2300-2400
  • KillOldSession=1

Unfortunately, some firewall solutions, including Microsoft Proxy Server 2.0, won't recognize additional inbound connections as subsequent connections. The workaround for this is that each port in the range (2300, 2301, 2302, and so on) must get its own protocol definition, as if it were an application-specified fixed port. For more information, see Setup for Host Firewall Support Using an Application-Specified Fixed Port. Practically, only as many ports as active DirectPlay applications need to be opened, that is, to run both the applications "SuperDuperGame" and "WackyFunGame" at the same time, only ports 2300 and 2301 will be used.