Maintenance for the week of May 27:
• PC/Mac: No maintenance – May 27

Port Triggering, how to set up?

Hey all,

Im trying to set up port triggering as a safer alternative to port forwarding, and some people recommend it but no one explains how to do it, specifically what ports do you enter for the trigger ports? The only description I could find, not eso related, said to use the same port or range of ports as the trigger and forward range. Is this correct? Also, if my router doesnt allow the entry of a range of ports for the trigger, then what? Seems like ZOS should have a guide for this.

  • KhajitFurTrader
    ZOS doesn't need a guide for this, because you're not going to offer publicly available services on your side of the router, i.e. based within your local network, aren't you? It's always the local ESO client that initiates IP connections from within the local network to the remote server, and by all means this will usually be allowed by default -- unless it's explicitly forbidden in the router's firewall settings, which would have to be set manually. So unless you're not the administrator of said router, and said administrator doesn't want any traffic on specific ports from within to be routed outside of the local network (e.g. torrent networks, email, or whatever), you should be good. Which port numbers the ESO client is using to open outgoing connections from the local network to its remote server somewhere on the Internet is well documented by ZOS, and can be provided by you to your local network administrators to appeal for them to be opened in the case that they're closed.

    On the other hand, any run-of-the-mill customer router provided by ISPs that offer IPv4-based Internet access (still the widely used norm today) is configured to "hide" the local customer's network by assigning it a private network IP range. For network traffic to flow to and from local machines to hosts in other networks (i.e., servers on the Internet) and vice versa, the router does something called Network Address Translation (NAT). By default, any and all outgoing connection attempts from within the local network to remote networks are enabled on those NAT routers and should have no trouble connecting on any port. At the same time, any and all connection attempts from remote hosts on your public IP address provided by your ISP are blocked. Local machines couldn't be reached from the outside anyway, since they're using private IP addresses, which are not routed on the public Internet.

    Only in the case that you want a local machine to offer a service that should be publicly reachable (say, an OwnCloud server, web server, or email server), you'd need to set up Port Forwarding on your router, so that incoming connecting attempts from the Internet on your public IP address using the specified ports are forwarded (and translated) to the internal host's IP address and service port number.

    Btw, using Port Triggering in such cases isn't any "safer" per se. It just adds a level of "security by obfuscation", which can easily be detected and circumvented by knowledgeable and creative people, and there are lots and lots of them out there. ;)

Sign In or Register to comment.