ftp over non-standard port

From: sinkywinky 28 Nov 2012 22:42
To: CHYRON (DSMITHHFX) 4 of 26
Why did you need your ISP to forward anything if the server is running at the clients site?
EDITED: 28 Nov 2012 22:42 by SINKYWINKY
From: patch 28 Nov 2012 23:40
To: sinkywinky 5 of 26
Good question. I missed that whole sentence.
From: CHYRON (DSMITHHFX) 29 Nov 2012 01:33
To: sinkywinky 6 of 26
I dunno, I asked them if it was needed and they said yes (and they admin our firewall).
From: patch 29 Nov 2012 09:33
To: CHYRON (DSMITHHFX) 7 of 26
I think they may have been wrong. All they'd need to do is allow outbound traffic to the remote IP address on the non-standard port, and make sure the NAT/PAT is pointing the return traffic back to your PC. Unless they've got some funky, overly-complicated setup. Which wouldn't surprise me.
EDITED: 29 Nov 2012 09:34 by PATCH
From: Drew (X3N0PH0N) 29 Nov 2012 09:35
To: patch 8 of 26
It's not something like his ISP remotely manages his router or something, is it? I've never heard of such a thing but it sounds like that and he is Canadian and I've heard how their mobile phones work.
From: CHYRON (DSMITHHFX) 29 Nov 2012 10:43
To: Drew (X3N0PH0N) 9 of 26
Well the non-standard port (all of them, in fact, and a good many standard ones as well) is blocked by default by our ISP, so if I want to do anything on such a port, I have to request they open and forward it to a particular PC behind the firewall. I have a staging server configured with its own firewall, and I had to open its ports too. I'm going to do this secure ftp thing on a different PC (to which the port is forwarded), which I believe is not currently blocking any ports, but just thought I'd ask here in case I might have overlooked something.
EDITED: 29 Nov 2012 10:46 by DSMITHHFX
From: ANT_THOMAS 29 Nov 2012 10:51
To: CHYRON (DSMITHHFX) 10 of 26
They have to open a port for outbound traffic?!

Usually port forwarding is for inbound traffic. Or at least it is domestically. Is there a reason they have this port blocking system? Rather than just letting you admin the router to decide what ports are forwarded inbound?
From: Drew (X3N0PH0N) 29 Nov 2012 10:55
To: CHYRON (DSMITHHFX) 11 of 26
That's mad.
From: patch 29 Nov 2012 12:23
To: Drew (X3N0PH0N) 12 of 26
No, that makes sense. From a security point of view, you just block everything inbound, and only open what is needed as it becomes needed.

But that's only for traffic that originates outside the firewall/router. For traffic that originates inside the firewall going to the outside, I'd normally expect pretty much everything to be open, with the firewall allowing reply/acknowledgment traffic to pass through as well. I'm sure there's a technical term for that, but I'm buggered if I can think of it right now.
From: Matt 29 Nov 2012 12:31
To: patch 13 of 26
BOFH?
From: Drew (X3N0PH0N) 29 Nov 2012 13:16
To: patch 14 of 26
That would piss me off massively. If I had to phone my ISP every time I wanted to host a game...
From: patch 29 Nov 2012 13:39
To: Drew (X3N0PH0N) 15 of 26
Which is why most sensible ISPs give you some way of doing it yourself. Even if it rarely works properly (I'm looking at you, BT).
From: Drew (X3N0PH0N) 29 Nov 2012 13:44
To: patch 16 of 26
Hmm, BT don't block shit do they (other than bad stuff). I just forward stuff on my router and it works (I'm on BT, like).
From: ANT_THOMAS 29 Nov 2012 13:53
To: Drew (X3N0PH0N) 17 of 26
You've got Broadband? :O
From: patch 29 Nov 2012 14:09
To: Drew (X3N0PH0N) 18 of 26
If it's not being explicitly forwarded to your PC, then it's almost definitely blocked by default at your router. Otherwise it would be an open route into your network.

I doubt BT universally block anything inside their network before it gets to your router.
From: Drew (X3N0PH0N) 29 Nov 2012 14:09
To: ANT_THOMAS 19 of 26
Yes (cheer)

I'll probably still be on 8meg when you lot are on gigabit internet.
From: koswix 29 Nov 2012 15:26
To: Drew (X3N0PH0N) 20 of 26
Internet access at uni is rubbish. I'm being limited by the speed of the 54MB wifi connection :(

*downloads the internet*
From: ANT_THOMAS 29 Nov 2012 15:28
To: koswix 21 of 26
I'm limited by the 100mbit network I'm on :((

(At work that is. At home I'm limited by the bathroom light switch (fail) )
EDITED: 29 Nov 2012 15:28 by ANT_THOMAS
From: Dan (HERMAND) 29 Nov 2012 19:38
To: Drew (X3N0PH0N) 22 of 26
Not totally uncommon in business, to be fair.
From: ANT_THOMAS 29 Nov 2012 19:42
To: Dan (HERMAND) 23 of 26
For outwards access to be very restricted?

I guess I'm in an odd position that my internal IP at work is actually my external IP and as far as I know there are none or very few restrictions on ports.