[cod] Waiting for CDKey Authentication [EXE_AWATINGCDKEYAUTH] never stop

Daniel Rudolph lists at daniel-rudolph.de
Wed Nov 26 13:39:48 EST 2003 

Eduardo E. Silva schrieb:

 > Daniel, I have the same problem and I think LOTS of users have the same
 > problem. I think the problem lies in NAT. My server has a public IP
 > address (24.199.16.170) whereas my internal PC has a 172.16.200.x based
 > ip.
I can imagine that problem but thats maybe not exactly my problem as 
long as the Server is running without any nat.

 > When I connect to any servers in the internet I have no problems,
 > since they see my NATed public ip address of 24.199.16.170. Now when 
I try
 > to connect to my server, it tries to authenticate using 172.16.200.x 
based
 > ip NOT 24.199.16.170, since the activision cannot ping my 172.16.200.x ip
 > the authentication process fails

What you can do is a crazy setup but it is possible. You can DNAT the 
ports for the Server in your router that way that if you try to join an 
external server that dont exists and get dnat to your local server. Hmm 
maybe i try to explain it better.

What you do is that you DNAT your incoming external traffic to your 
local Server like.

example. 123.123.123.123 as an ip in the internet and 10.0.0.1 as your 
server ip so what happens is that you dnat packets to 123.123.123.123 
10.0.0.1 so it see the remote pcs.

Incoming

Packet with src ip from internet --> 123.123.123.123 -->DNAT on router 
--> local network 10.0.0.1 and src ip dont change

Outgoing
Source 10.0.0.1 dst 123.123.123.123 --> router do snat so src ip change 
to 123.123.123.123 and the dst keeps the same

What you need now is that your router do an snat for you first and then 
dnat it back to your local server.
Like.

Your local pc. 10.0.0.2

10.0.0.2 wants to join 123.123.123.124  --> router make SNAT to 
123.123.123.123 or something else --> makes DNAT to 10.0.0.1 and so on.


Well thats a funny setup but i think the problem is simple. Therefore i 
asked about more information how key check works.

*Sniff* If that is a problem and i only got ideas by tcp dump and other 
stuff i dont have any internal information. I would nearly say its an bug.
Maybe anybody from IW can say whats going on because I only can say what 
I think how it works.

Maybe they do it like:

you only can join a server if there was a client pc that was aithing 
that key for THAT ip client pc ip to the key servers and they remeber 
that pair for some time.
If the server not checks the key they search for an matching part.
Good news. Maybe they don’t transfer the key over the Internet to the 
game servers. Bad news : well we see what problems can make that. I 
think they dont allow internal ips to register a key so that cause the 
problem.


 > Medal of Honor did not have this problem using the same NATed scheme
 > above. I think there should be a patch to address this problem. Perhaps a
 > cvar or a file that lets 192.168.0.0, 172.16.0.0 and 10.0.0.0 
networks get
 > authenticated WITHout having to ping them.
Maybe they ping only but i dont think so.


Daniel

PS: ignore my nat stuff hehe its only an possibility how to solve the 
external/internal ip problem but i dont think that solve the real 
problem with cod.

More information about the Cod mailing list