PSA-Please Don't Use Port Forwarding for ESO(ZOS shouldn't be telling people to do this)

RinaldoGandolphi

@ZOS_GinaBruno‌ @ZOS_JessicaFolsom‌

As the title says, I please ask for everyones own safety, don't use port forwarding for ESO. I also ask, can ZOS employees please stop telling customers to do this, its irresponsible and a major computer security risk. This came to my attention today on the ESO redditt

http://www.reddit.com/r/elderscrollsonline/comments/2nnlf6/an_unknown_error_occurred_eso_support_response/

I am a Network Administrator, and Administer Windows and Linux servers and firewalls on a daily basis including Cisco managed switches as well. Web servers, mail servers, exchange, postfix, dovecot, blah, blah blah. years experience and going strong.

I am only posting this thread because port forwarding is a serious security risk if one doesn't know what their doing. Its is NOT just about the router...its about the machines behind the router.

Question: What exactly is Port Forwarding?

Answer:Port Forwarding is when you tell your router that incoming packets from ANY computer on your WAN(The Internet) that are incoming(meaning your not required to initiate the connection) on the port you forward will be automatically routed to an IP Address on your internal LAN behind your router/firewall.

Question: What is port forwarding used for?

Answer - When your wanting to host or share remote resources with a network or the Internet such as Web Servers, Mail Servers, FTP Servers, etc.

Are you hosting or sharing a web site, a mail server, an FTP server, or any other service with the internet knowingly on those ports? If the answer is no, then why are you port forwarding? are you wanting to share things on your PC with the internet? Do you have something you want accessible to the world on your machine to the internet? Do you want your machine open to hackers to start poking on your machine on those ports until they get in?

As of right noq, ANY zombie, hacker, infected machine on the internet now has access to the your local LAN though the ports you forwarded for ESO.I see 2.5-4k scan attempts per day on my perimeter firewalls. Folks are always scanning looking for open ports, most of them zombies, but they are scanning nonetheless, and they are scanning all of us on our home connections too.

I really hope folks that have port forwarded don't do any kind of banking, bill paying, or anything else on those machines. If you forwarded those ports, those ports are open. traffic coming form any location on the Internet are automatically routed to that specific IP Address(The PC you play ESO on) on your local network. Those packets could be coming from ESO, they could be coming from the Republic of China, your Router is a Layer 3 device, its just going to forward those packets because thats what it was told to do.

Question: Then how Am i supposed to get ESO to work with the right ports?

Answer:Port Triggering

Port Triggering was designed for this very use scenario. Port Triggering sets up the router so that computers can access public services outside the network or on the Internet, such as web servers, FTP servers, email servers, game servers or other Internet applications instead of sharing local resources with the internet or outside networks.

Question:How is Port Triggering Different then Port Forwarding? - Port Triggering in simple terms works like this example. You go into your router and you set up a port triggering rule that when a computer on your LAN sends traffic outgoing on port 51, the router will automatically port forward port 1024. This is how port triggering works.

You say its still port forwarding? and your right BUT the difference is once you close the application(ESO) and the machine on your LAN is no longer sending traffic outgoing on the trigger port, the port forward is removed and the port is closed thus greatly protecting your network and the security of your systems. So port triggering doesn't leave your ports wide open to the Internet 24/7 which akin to a big sign in your yard that says "Hi, im going on vacation for a week, no one will be home, but i left the door unlocked and the lights on, take whatever you want from the house"

Its the best way i could put it. Im just trying to get the message home that folks really shouldn't be port forwarding for a game, especially on OS like Windows that has been known to have security holes every month, this is just asking for something bad to happen. Even Mac users should be wary about this.

Port Forwarding is for hosting external services on a machine behind your firewall, such as hosting a web site, mail server, etc is a constant job of maintenance and maintaining security at all times or it will end up hacked or compromised. I really hope this is a through enough explanation why you shouldn't port forward for a game.

I have linked some resources below on port triggering

http://portforward.com/help/porttriggering.htm

http://kb.linksys.com/Linksys/ukp.aspx?pid=80&vw=1&articleid=3706

I hope this helps anyone out there who may not know. I also hope this helps raise awareness about computer security issues. Computer security is important, even for us gamers. The way things are being hacked, and how people are getting their PI stolen and everything else, I think the least I could do was raise some awareness about this issue, if those who choose to continue port forwarding, at least they will understand fully what the implications and risk of doing that is.

I really hope ZOS and the folks in this community take this into consideration because port forwarding is only supposed to be used when hosting or offering services to the outside, not for playing games, Port Triggering was designed for using games and other services, because it doesn't keep your ports wide open 24/7, it only opens them when you need them(launch an app you made a triggering rule for), and closes then when its done...this is a much better solution that just flat out opening ports for the world.

I hope everyone has a great day!

SteveCampsOut

...but aren't those triggered ports still susceptible to hacking while they're forwarded by the application you're using? If you're playing ESO for 8 to 10 hours a day, aren't those ports open to everyone else during those same hours? Why should any ports be forwarded at all?

Louis

finally someone who knows what they are talking about for one.

RinaldoGandolphi

SteveCampsOut wrote: »

...but aren't those triggered ports still susceptible to hacking while they're forwarded by the application you're using? If you're playing ESO for 8 to 10 hours a day, aren't those ports open to everyone else during those same hours? Why should any ports be forwarded at all?

I take that back, sorry its early, just got my 1st cup of coffee down.

No, a person couldn't get into your computer or hack you while playing ESO. As the ESO is using the ports, so those ports are in use. its after you stop playing ESO when the risk of port forwarding comes into play since now the ports are open but their not being used, so their are ripe for the picking of anyone passing by.

Two Applications can't use the same ports at the same time according to the RFC's(On a Layer 3 device anyways)......Take one router, set up 2 web servers, port forward 80 to both of them, good luck...only 1 of them will work if at all because the router doesn't know which one has priory, the router doesn't have the ability to say "Packets from region A go here, and Packets from Region B go here" its a Layer 3 device, its not supposed to, you would need a device with Layer 7 functionality for something like that. (there are corporate grade network equipment that does come with much Layer 7 functionality)

The only way i know of where you could have multiple applications using the same port (such as port forwarding 2 web servers on the same port) is by having a device that has Layer 7 functionality which are quit expensive and rely on using some sort of proxy to handle those scenarios at the Application Layer(Hence i say Layer 7 functionality)

SteveCampsOut

Well luckily I haven't run into any situations with ESO needed forwarded ports yet. If I do, I will most likely unsubscribe.

RinaldoGandolphi

Also, you can use Nmap Online to check your port forwarding

http://nmap.online-domain-tools.com/

1. Select Full Scan
2. Input ESO Ports
3. Click Scan, if your port forwards are set up correctly, Nmap will show those ports as open.

Of course you don't want to leave those ports open all the time which is why port forwarding isn't the ideal way to do this, and since ESO don't support Universal Plug and Play, Port Triggering is our best option to limit our exposure.

RinaldoGandolphi

SteveCampsOut wrote: »

Well luckily I haven't run into any situations with ESO needed forwarded ports yet. If I do, I will most likely unsubscribe.

You most likely will have issues at some point if you don't Port Trigger, the Unknown Error is a NAT issue, and those who understand how Network Address Translation works won't blame ZOS for the unknown errors.

I have no doubt at some point ZOS will probably implement UPnP support into the game executable and it will forward the ports for us automatically, but until that day comes, Port Triggering is our best option.it is what it is.

I'd say pretty much every Crash, Lag, unresponsiveness, etc outside of big Cyrodiil battles or buggy addons is caused by NAT...NAT is woking as designed and if there is any packets being dropped by NAT that ESO needs, not much ZOS can do about that outside of making the ESO Executable use UPnP to dynamically open and close the ports it needs on the router to alleviate those issues.

Port triggering is pretty much required.

Misa

reason is that a lot of people can't figure out the port triggering, I do agree that it's much better than forwarding but you also need to enter more stuff than forwarding.

I know that a lot of people will instantly close it, afraid to break something unless they have very clear guides on what to enter in which field.

RinaldoGandolphi

Misa wrote: »

reason is that a lot of people can't figure out the port triggering, I do agree that it's much better than forwarding but you also need to enter more stuff than forwarding.

I know that a lot of people will instantly close it, afraid to break something unless they have very clear guides on what to enter in which field.

Perhaps, but is that really a viable excuse for leaving their machines wide open? These people probably do their banking on these machines too, and who are they going to blame when they get hacked or money stolen out of their account?

why should their bank be responsible for losses when they port forwarded and opened their ports to the world to allow hackers to plant a keylogger on their machines? if their bank knew this, the bank would refuse to cover the losses on their accounts(this kind of auditing is coming soon, it has too, the banks are eating too much money in losses due to this sort of behavior, but that's a post for another day)

I feel its prudent if people don't know, they should learn...their security is on the line here. This is the Digital Age, its not going away, it is what it is.

Here is guides for Netgear and Linksys routers i found a few minutes ago

http://kb.linksys.com/Linksys/GetArticle.aspx?docid=82e45c13dbcb4ff189c9f3a455951f0b_21486.xml

http://kb.netgear.com/app/answers/detail/a_id/20231/related/1/session/L2F2LzEvdGltZS8xNDE3MTkxMTc3L3NpZC9udWwzd3o4bQ==

that's about 60% of router users right there, that guide will show them how to set up triggering, all they have to do is enter ESO ports instead of the ones in the screenshot...

Please understand, im not trying to be smug...i don't folks getting ripped off or having their accounts compromised or money stolen from them because they didn't know their ports were wide open to the world. No one is telling them when port forwarding for ESO that those ports are now open all the time to anyone with an Internet connection anywhere in the world can gain access using those conveniently open ports.

brian_murray22b16_ESO

They gave me that advice for days and I followed it to the letter when I had my unknown error, just after they moved the EU server. None of it worked of course and I was pretty much left in the dark, not knowing what to do. I found a post on google about MTU settings and I lowered mine a bit. I also undid everything that ZOS told me to do in my router and the game is fine for me. It was indeed packet loss, not ports.

RinaldoGandolphi

brian_murray22b16_ESO wrote: »

They gave me that advice for days and I followed it to the letter when I had my unknown error, just after they moved the EU server. None of it worked of course and I was pretty much left in the dark, not knowing what to do. I found a post on google about MTU settings and I lowered mine a bit. I also undid everything that ZOS told me to do in my router and the game is fine for me. It was indeed packet loss, not ports.

its possible a router between you and ESO wouldn't accept packets as large as you were sending. Glad you got it sorted out.

Bouvin

woodsro wrote: »

@ZOS_GinaBruno‌ @ZOS_JessicaFolsom‌

As the title says, I please ask for everyones own safety, don't use port forwarding for ESO. I also ask, can ZOS employees please stop telling customers to do this, its irresponsible and a major computer security risk. This came to my attention today on the ESO redditt

http://www.reddit.com/r/elderscrollsonline/comments/2nnlf6/an_unknown_error_occurred_eso_support_response/

I am a Network Administrator, and Administer Windows and Linux servers and firewalls on a daily basis including Cisco managed switches as well. Web servers, mail servers, exchange, postfix, dovecot, blah, blah blah. years experience and going strong.

...

I really hope ZOS and the folks in this community take this into consideration because port forwarding is only supposed to be used when hosting or offering services to the outside, not for playing games, Port Triggering was designed for using games and other services, because it doesn't keep your ports wide open 24/7, it only opens them when you need them(launch an app you made a triggering rule for), and closes then when its done...this is a much better solution that just flat out opening ports for the world.

I hope everyone has a great day!

You sir are awesome.

RinaldoGandolphi

Bouvin wrote: »

show previous quotes

woodsro wrote: »

@ZOS_GinaBruno‌ @ZOS_JessicaFolsom‌

As the title says, I please ask for everyones own safety, don't use port forwarding for ESO. I also ask, can ZOS employees please stop telling customers to do this, its irresponsible and a major computer security risk. This came to my attention today on the ESO redditt

http://www.reddit.com/r/elderscrollsonline/comments/2nnlf6/an_unknown_error_occurred_eso_support_response/

I am a Network Administrator, and Administer Windows and Linux servers and firewalls on a daily basis including Cisco managed switches as well. Web servers, mail servers, exchange, postfix, dovecot, blah, blah blah. years experience and going strong.

...

I really hope ZOS and the folks in this community take this into consideration because port forwarding is only supposed to be used when hosting or offering services to the outside, not for playing games, Port Triggering was designed for using games and other services, because it doesn't keep your ports wide open 24/7, it only opens them when you need them(launch an app you made a triggering rule for), and closes then when its done...this is a much better solution that just flat out opening ports for the world.

I hope everyone has a great day!

You sir are awesome.

Thank you! i really appreciate that!

Merlight

Why would I want or need to open any ports for incoming connections to play a game? Even the support answer you linked specifically says "outbound ports".

RinaldoGandolphi

Merlight wrote: »

Why would I want or need to open any ports for incoming connections to play a game? Even the support answer you linked specifically says "outbound ports".

You don't, thats why i made this thread. you shouldn't forward ports for this or any other game.

You may notice ESO requires a "range of ports" now im not privy to the source code, and have not had the time to extensively test, but ESO may have issues with NAT and that's why they recommend Port Forwarding(should be triggering though)

Active FTP is a prime example of an application that has trouble with NAT.

Since the main connection is outgoing the NAT firewall allows this connection to be made, but when the server tries to connect back to the client it is blocked by the firewall.

https://enterprisedt.com/products/edtftpjssl/doc/manual/html/howtoftpthroughafilewall.html

This is why Passive FTP was introduced, so FTP connections would always be made from the client to the server and not vice versa.

So it could be possible that there are instances where ESO attempts to source connections back to the client on a different port that would be blocked by the firewall. there could be a myriad of reasons why it would do this, all legitimate ones by the way.

I recommend port triggering because it allows ESO to source the connections back on the port ranges with no issues and closes the port ranges when your done playing ESO. If anything else tried to send data inbound on those ports, it wouldn't work because they are in-use, or it would drop your connection to ESO and you would know(i'd say it not working would be par for the course) so its much safer then Port Forwarding and leaving them open all the time, while still making sure when you do play all the connections that need to be made work correctly.

I still believe a majority of the unresponsiveness issues i see on here are due to NAT issues, as i have never had any instances of unresponsiveness in this game, but I have had port triggering setup since day 1. Cyrodiil can get slow in very very large keep zerg battles, but thats the server getting bogged down which ZOS has already admitted they are looking into, but in pve..outside of addons, its probably NAT issues...take Xbox Live, you can still play with a moderate or strict NAT, but you will often have trouble with stability and find many hosts you can't connect to for online games.

This is just an information post, nothing more. You had a legit question though, and your right, folks shouldn't be port forwarding and leaving those ports open 24/7

Elf_Boy

Open ports can be serious.

That said this is largely a non-issue.

Current operating systems and curent routers use UPnP (universal plug and play) to open ports as needed and then close them after.

Older routers that dont have UPnP also dont have port triggering.

If your OS/Router are from before UPnP (aprox 2006 or 8 years old) the user may have no choice but to use port forwarding.

So yes it is good to be aware of open ports as a real hole in security, I do not agree that a blanket warning should be issued without a whole lot of specifics about older OS/Routers.

Not everyone can afford to drop a lot of cash on upgrades.

Elf_Boy

NAT issues would be pretty easy to check. Just plug your computer direct to the modem with no router (easy to do if you have cable and use seperate modem/router boxes) and see if the issue goes away.

Morana

Hello,

I've got a new router (Netgear R7000 Nighthawk) that I have flashed with DD-WRT so I can use a VPN on my router (PIA PrivateInternetAccess setup via OpenVPN). I used to activate PIA from within Windows, and therefore could turn it off when I wanted to play ESO. However now I have wireless devices (like Amazon Fire TV) where I need to use VPN, hence I need to use my router for VPN now.

I'm having problems getting past the character load in screen. ESO support page shows the ports to open, but I think your port triggering is a better solution (more secure) over simply port forwarding to solve my problem.

My question is = on my port triggering screen, there is a 'Triggered Port Range' and a 'Forwarded Port Range'. I'm assuming I use the ESO ports on the 'Forwarded Port Range', but what do I put in the 'Triggered Port Range?' I can't seem to find the answer anywhere.

Any help would be greatly appreciated, thank you!

RinaldoGandolphi

Morana wrote: »

Hello,

I've got a new router (Netgear R7000 Nighthawk) that I have flashed with DD-WRT so I can use a VPN on my router (PIA PrivateInternetAccess setup via OpenVPN). I used to activate PIA from within Windows, and therefore could turn it off when I wanted to play ESO. However now I have wireless devices (like Amazon Fire TV) where I need to use VPN, hence I need to use my router for VPN now.

I'm having problems getting past the character load in screen. ESO support page shows the ports to open, but I think your port triggering is a better solution (more secure) over simply port forwarding to solve my problem.

My question is = on my port triggering screen, there is a 'Triggered Port Range' and a 'Forwarded Port Range'. I'm assuming I use the ESO ports on the 'Forwarded Port Range', but what do I put in the 'Triggered Port Range?' I can't seem to find the answer anywhere.

Any help would be greatly appreciated, thank you!

Put ESO ports on the trigger and forward ranges. That way when eso uses those ports, the triggering will forward them while you play the game and will close them when your done.

Eso will use its ports on the LAN side, when it does, it will forward them

ItsMeToo

@OP - Thanks for this thread. Knowledge is a good thing.

RSram

I'm also using a R7000 with the default firmware, but I can only add one port as the trigger, so what ports are the triggers since I will have to add each one separately?

SteveCampsOut

woodsro wrote: »

show previous quotes

SteveCampsOut wrote: »

Well luckily I haven't run into any situations with ESO needed forwarded ports yet. If I do, I will most likely unsubscribe.

You most likely will have issues at some point if you don't Port Trigger, the Unknown Error is a NAT issue, and those who understand how Network Address Translation works won't blame ZOS for the unknown errors.

I have no doubt at some point ZOS will probably implement UPnP support into the game executable and it will forward the ports for us automatically, but until that day comes, Port Triggering is our best option.it is what it is.

I'd say pretty much every Crash, Lag, unresponsiveness, etc outside of big Cyrodiil battles or buggy addons is caused by NAT...NAT is woking as designed and if there is any packets being dropped by NAT that ESO needs, not much ZOS can do about that outside of making the ESO Executable use UPnP to dynamically open and close the ports it needs on the router to alleviate those issues.

Port triggering is pretty much required.

Been playing since last Novembers Beta with no Port Triggering or forwarding so, um, no!

RinaldoGandolphi

SteveCampsOut wrote: »

show previous quotes

woodsro wrote: »

SteveCampsOut wrote: »

Well luckily I haven't run into any situations with ESO needed forwarded ports yet. If I do, I will most likely unsubscribe.

You most likely will have issues at some point if you don't Port Trigger, the Unknown Error is a NAT issue, and those who understand how Network Address Translation works won't blame ZOS for the unknown errors.

I have no doubt at some point ZOS will probably implement UPnP support into the game executable and it will forward the ports for us automatically, but until that day comes, Port Triggering is our best option.it is what it is.

I'd say pretty much every Crash, Lag, unresponsiveness, etc outside of big Cyrodiil battles or buggy addons is caused by NAT...NAT is woking as designed and if there is any packets being dropped by NAT that ESO needs, not much ZOS can do about that outside of making the ESO Executable use UPnP to dynamically open and close the ports it needs on the router to alleviate those issues.

Port triggering is pretty much required.

Been playing since last Novembers Beta with no Port Triggering or forwarding so, um, no!

Perhaps your router isn't RFC compliant with NAT

The way NAT works is it allows multiple local addresses to share one internet address. Allows you to have one internet connection and share that connection among multiple devices in your home.

Now the the way NAT works according to RFC in simple terms is:

"Any inbound connection on any port that a client computer behind the router/in the routers connection state table did not request is blocked/dropped"


Say your start ESO it uses port 14377 since you initiate the connection, everything works fine on that port. Say the ESO server wishes to source a connection back on a different port? without a port forward, RFC compliant NAT would drop that connection. NAT is doing what its supposed to do.

Now I haven't had an infinite loading screen in god...months, since launch week...but i have all the appropriate triggers set up...infinite load screens and crashes every now and then are all symptoms of NAT issues...its more then just the "unknown error", or unresponsiveness, NAT issues can have a variety of different symptoms when it comes to the game. Just one dropped sourced connection can cause the client to get out of sync temporarily. or even cause a crash.

I don't think ZOS would have an extensive list of ports and suggest forwarding them, or keeping them open to ensure the game runs correctly. Port trigger just ensures those port forwards and removed when your not running ESO, and whileyour running ESO those ports are in use and can't be used anyways, so its a win-win

RinaldoGandolphi

RSram wrote: »

I'm also using a R7000 with the default firmware, but I can only add one port as the trigger, so what ports are the triggers since I will have to add each one separately?

You add each port that ESO uses as both the triggered port and the forwarded port.

The ESO ports are the trigger and the forward, so in the trigger and forward box use the same ports for both and create a separate entry for each one.

RSram

woodsro wrote: »

show previous quotes

RSram wrote: »

I'm also using a R7000 with the default firmware, but I can only add one port as the trigger, so what ports are the triggers since I will have to add each one separately?

You add each port that ESO uses as both the triggered port and the forwarded port.

The ESO ports are the trigger and the forward, so in the trigger and forward box use the same ports for both and create a separate entry for each one.

I cannot enter a port range for the triggers, just one port. I also cannot specify both TCP and UDP for the trigger, I can only choose one, but I would assume the initial session would be started on TCP. My router only allows 25 port triggers, but ESO uses 72 ports on TCP , so I would have a total of 72 entries (using the Netgear's port triggering interface and assuming that the initial connection would be TCP, not UDP):

24100 - 24131 = 32 ports
23500 - 23507 = 8 ports
24300 - 24331 = 32 ports

Unless, I'm misunderstanding something, it looks like I can't do port triggering with ESO. I tried to nail down a port using the CLI command "Netstate -ao" , but the ESO launcher uses HTTP and HTTPS, and the ESO.exe (the logon screen) picks at random, two of the 72 ports.

I don't want to use HTTP or HTTPS as the trigger port.

Here's a screen shot of my router's port trigger configuration screen:

Lionxoft

Where is ZOS in this conversation? You'd think that getting people into the game and keeping them in would be their goal. Especially with b2p around the corner.

JonnyBoi69

I've been having a lot of game crashes, technical support told me to do port forwarding but I don't wanna do that due to security risks. I'm trying to set up port triggering and am stuck on two things.
-The first is that it asks for the service type TCP or UDP
-The second is the triggering port. What would it be? It says "Enter the outbound port number in Triggering Port box."
Also I tried to have a TCP and UDP service type with the same triggering port but it wont let me so I have to chose one.
Here are the ports I need opened.... how would I fill this in?
TCP / UDP Ports 4100-24131
TCP / UDP Ports 24300-24331
TCP / UDP Ports 24500-24507

LameoveR

Or, well, make only TCP triggers, cause i see my netstat, and here is no UDP connections to ESO servers.

NewBlacksmurf

woodsro wrote: »

@ZOS_GinaBruno‌ @ZOS_JessicaFolsom‌

As the title says, I please ask for everyones own safety, don't use port forwarding for ESO. I also ask, can ZOS employees please stop telling customers to do this, its irresponsible and a major computer security risk. This came to my attention today on the ESO redditt

http://www.reddit.com/r/elderscrollsonline/comments/2nnlf6/an_unknown_error_occurred_eso_support_response/

I am a Network Administrator, and Administer Windows and Linux servers and firewalls on a daily basis including Cisco managed switches as well. Web servers, mail servers, exchange, postfix, dovecot, blah, blah blah. years experience and going strong.

I am only posting this thread because port forwarding is a serious security risk if one doesn't know what their doing. Its is NOT just about the router...its about the machines behind the router.

Question: What exactly is Port Forwarding?

Answer:Port Forwarding is when you tell your router that incoming packets from ANY computer on your WAN(The Internet) that are incoming(meaning your not required to initiate the connection) on the port you forward will be automatically routed to an IP Address on your internal LAN behind your router/firewall.

Question: What is port forwarding used for?

Answer - When your wanting to host or share remote resources with a network or the Internet such as Web Servers, Mail Servers, FTP Servers, etc.

Are you hosting or sharing a web site, a mail server, an FTP server, or any other service with the internet knowingly on those ports? If the answer is no, then why are you port forwarding? are you wanting to share things on your PC with the internet? Do you have something you want accessible to the world on your machine to the internet? Do you want your machine open to hackers to start poking on your machine on those ports until they get in?

As of right noq, ANY zombie, hacker, infected machine on the internet now has access to the your local LAN though the ports you forwarded for ESO.I see 2.5-4k scan attempts per day on my perimeter firewalls. Folks are always scanning looking for open ports, most of them zombies, but they are scanning nonetheless, and they are scanning all of us on our home connections too.

I really hope folks that have port forwarded don't do any kind of banking, bill paying, or anything else on those machines. If you forwarded those ports, those ports are open. traffic coming form any location on the Internet are automatically routed to that specific IP Address(The PC you play ESO on) on your local network. Those packets could be coming from ESO, they could be coming from the Republic of China, your Router is a Layer 3 device, its just going to forward those packets because thats what it was told to do.

Question: Then how Am i supposed to get ESO to work with the right ports?

Answer:Port Triggering

Port Triggering was designed for this very use scenario. Port Triggering sets up the router so that computers can access public services outside the network or on the Internet, such as web servers, FTP servers, email servers, game servers or other Internet applications instead of sharing local resources with the internet or outside networks.

Question:How is Port Triggering Different then Port Forwarding? - Port Triggering in simple terms works like this example. You go into your router and you set up a port triggering rule that when a computer on your LAN sends traffic outgoing on port 51, the router will automatically port forward port 1024. This is how port triggering works.

You say its still port forwarding? and your right BUT the difference is once you close the application(ESO) and the machine on your LAN is no longer sending traffic outgoing on the trigger port, the port forward is removed and the port is closed thus greatly protecting your network and the security of your systems. So port triggering doesn't leave your ports wide open to the Internet 24/7 which akin to a big sign in your yard that says "Hi, im going on vacation for a week, no one will be home, but i left the door unlocked and the lights on, take whatever you want from the house"

Its the best way i could put it. Im just trying to get the message home that folks really shouldn't be port forwarding for a game, especially on OS like Windows that has been known to have security holes every month, this is just asking for something bad to happen. Even Mac users should be wary about this.

Port Forwarding is for hosting external services on a machine behind your firewall, such as hosting a web site, mail server, etc is a constant job of maintenance and maintaining security at all times or it will end up hacked or compromised. I really hope this is a through enough explanation why you shouldn't port forward for a game.

I have linked some resources below on port triggering

http://portforward.com/help/porttriggering.htm

http://kb.linksys.com/Linksys/ukp.aspx?pid=80&vw=1&articleid=3706

I hope this helps anyone out there who may not know. I also hope this helps raise awareness about computer security issues. Computer security is important, even for us gamers. The way things are being hacked, and how people are getting their PI stolen and everything else, I think the least I could do was raise some awareness about this issue, if those who choose to continue port forwarding, at least they will understand fully what the implications and risk of doing that is.

I really hope ZOS and the folks in this community take this into consideration because port forwarding is only supposed to be used when hosting or offering services to the outside, not for playing games, Port Triggering was designed for using games and other services, because it doesn't keep your ports wide open 24/7, it only opens them when you need them(launch an app you made a triggering rule for), and closes then when its done...this is a much better solution that just flat out opening ports for the world.

I hope everyone has a great day!

Thanks for sharing

RinaldoGandolphi

The first port in the range is the trigger port

So put port 24300 in the trigger port then put port 24300 in the start port at the bottom and 24331 at the other spot under inbound connections. Your telling your router that outbound traffic on port 24300 will temp forward the inbound port range entered below.

BigboyCT

I read up a little more on what is port forwarding and port triggering, as well as UPnP. Before this whole issue with ESO and the darn disconnects, I was living in complete bliss and didn't have to think about this stuff.
Generally speaking, I completely agree that port forwarding for home PCs is not the safest thing to do since it opens ports to anyone from the outside. (assuming that you don't have a software firewall running on your PC)
Port triggering is not really a solution for me either since I have two computers running ESO at the same time. If my first computer gets a hold of the ports, my second computer won't be able to use them.

I'm stuck having to wait for ESO to be more stable. The good news is that I didn't get booted tonight. It was smooth sailing the whole time.