anyone have any guidance on setting up port triggering for routers when hosting an EQEMU server?

my router (tp-link) can only port forward single ports. not looking to add 400 entries.

so far I have port 9000, 5999, and 7000 forwarded.

port triggering requires a trigger start 7001, trigger end 7400. External Port Start: ??? 7001 doesn't seen to allow connections here
External End Port: ??? 7400 doesn't seen to work here.

Not sure if this will help, or if you saw this page ? Also, doesn't 5998 have to be in there as well ?
http://int-help.com/en/port-triggering-to-tp-link-router/

AFAIK the client start the first connect to the zones and not the zones to the client. So you need Port Forwarding, not Port Triggering. You need one forward for each zone. If you have 30 dynamic zones then you need Forwarding for 7000-7030.

i thought 5998 was only for titanium clients. was using ROF2.

i think my hang up is not knowing what port the client is using to try and connect to 7000-7400 range.
do I also need a trigger range for 1024-65535?

Trigger Start: 7001
Trigger End: 7500
External Start Port: 7001
External Start End: 7500
Protocol: BOTH

If i connect locally i don't have an issue. so the server itself isn't blocking via firewall.

I'll try this. thanks

AFAIK the client start the first connect to the zones and not the zones to the client. So you need Port Forwarding, not Port Triggering. You need one forward for each zone. If you have 30 dynamic zones then you need Forwarding for 7000-7030.

i thought 5998 was only for titanium clients. was using ROF2.


I just assumed your server was going to be connecting to the public EQEmu login server ?
In your config: (this has nothing to do with clients)
<host>login.eqemulator.net</host>
<port>5998</port>

i have two entries in my config.
one for the local IP
and another that is a dns address that maps to my public ip (like dyndns).
outside of my network they are using dyndns 5999, internally is using the local IP.

So you're setting up for a dual login, one being a private login,
(to allow outside connections) ?

that's right. and they (public connections) can get to login and create an account. they cannot get to character creation or beyond.

Ok, so whatever port your private loginserver is listening on, (usually 5998 )
That listening port has nothing to do with client versions. See below login.ini


listen_port = 5998 (this port needs to be listening to all connections)
local_network = 127.0.0. (whatever IP)
auto_create_accounts = TRUE

[security]
plugin = EQEmuAuthCrypto
mode = 5

[Titanium]
port = 5998
opcodes = login_opcodes.conf

[SoD]
port = 5999
opcodes = login_opcodes_sod.conf

got it. will add that back into the router as a forwarded port.

Just as an added note : In the login.ini - whatever IP you are using, leave out that
last octet number, keeping the period though. Or you may have client connect probs.
Example:
local_network = 192.168.10.

yeah i ran into that before. thanks. i can only forward a total of 30 ports on this router. so hopefully 22 entries is enough as I'm using 8 for other things. may be time to get a new router...

It's been a long time since I run into a router without port range forwarding, but I can't imagine
what it would be like with a project like this. I'd probably just to hell with it and DMZ, haha
Hackers are all busy with politicians anyway :P

got past this issue. by replacing the router.

i am now having an issue with zone.exe running the start script it defaults to 127.0.0.1: <random port>

this causes me issues. players outside of my LAN cannot connect to port 7000. yet if i map that port to forward to say 3389. they can of course connect to it.

so it's not a forwarding issue. I expect its a problem that zone.exe isn't starting up with 0.0.0.0 or my actual IP address. is there a config way that I can change this? or am I looking at

when I messed around with a private server a year or so ago this wasn't an issue. sadly that build is gone and I'm on the most recent stable release. did something change?

7100 - 7500 forwarded in your router ?
configs (including login.ini) set right for IP's ?

Grumpy, thanks for continuing to assist. to answer your questions

Yes
eqemu_config.json with removed user/pass


"server" : {
"chatserver" : {
"host" : "",
"port" : "7500"
},
"database" : {
"db" : "peq",
"host" : "localhost",
"password" : "",
"port" : "3306",
"username" : ""
},
"mailserver" : {
"host" : "",
"port" : "7500"
},
"qsdatabase" : {
"db" : "peq",
"host" : "localhost",
"password" : "",
"port" : "3306",
"username" : ""
},
"webinterface" : {
"port" : "9081"
},
"world" : {
"http" : {
"enabled" : "true",
"mimefile" : "mime.types",
"port" : "9080"
},
"key" : "OcDY7lFcmIkfghhKNpyPj2qFKErDINZ",
"loginserver1" : {
"account" : "",
"host" : "<address>.no-ip.biz",
"legacy" : "1",
"password" : "",
"port" : "5999"
},
"loginserver2" : {
"account" : "",
"host" : "<address>.no-ip.biz",
"password" : "",
"port" : "5999"
},
"longname" : "some name",
"shortname" : "some name 070_pop",
"tcp" : {
"ip" : "<address>.no-ip.biz",
"port" : "9001"
},
"telnet" : {
"enabled" : "true",
"ip" : "<address>.no-ip.biz",
"port" : "9000"
}
},
"zones" : {
"defaultstatus" : "0",
"ports" : {
"high" : "7400",
"low" : "7000"
}
}
}
}

login.ini
[database]
host = localhost
port = 3306
db = peq
user =
password =
subsystem = MySQL

[options]
unregistered_allowed = TRUE
reject_duplicate_servers = FALSE
trace = TRUE
world_trace = FALSE
dump_packets_in = FALSE
dump_packets_out = FALSE
listen_port = 5999
local_network = 192.168.99.
auto_create_accounts = TRUE

[security]
plugin = EQEmuAuthCrypto
mode = 5

[Titanium]
port = 5998
opcodes = login_opcodes.conf

[SoD]
port = 5999
opcodes = login_opcodes_sod.conf

[schema]
account_table = loginserver_server_accounts
world_registration_table = loginserver_world_server_registration
world_admin_registration_table = loginserver_server_admin_registration
world_server_type_table = loginserver_server_list_type

for the moment I have the windows firewall completely disabled on win 10 pro box. win 10 has a static ip

port forwarding looks like

5999
5998
9000
7778
7000-7500

QoS is disabled on the router
UPnP is disabled on the router
IPv6 is disabled on the router

this is a netgear R6230 with the latest firmware.
I can login from LAN machines without issue using RoF2 client. anyone trying to come in from the WAN gets timeouts on the zone ports (7000, 7001, etc.)

zone.exe is starting all of the zones on 127.0.0.1:<random high port> like 61130

if I use a site like yougetsignal.com for port 7000 its showing as closed. yet 5999 is open

netstat /an does not show those ports as listening on the win 10 box. tho 7778 is.

Not quite sure what you're doing here ? <address>.no-ip.biz
You are using 9001, is that in port forward ?

<address> was just me masking my DNS address.

9001 wasn't in port forwarding.

<address> was just me masking my DNS address.

9001 wasn't in port forwarding.

I used that dyndns once long ago, but in the configs, I still used just my own external IP.
The dyndns account pointed to that IP and clients put that address in their eqhost.
But not sure how you are setting yours up.

after adding 9001.

I can see that 9000, 9001, 5998, 5999 are all open ports to the outside world. 7000 , 7001, etc are not.

using my actual IP and removing all DNS entries. I end up with port 7000 still being an issue.

I'm also seeing
[Error] Handle_NewLSInfo error, remote address was null, defaulting to stream address <my ISP IP address>

In your config, can you try this out ?

"high" : "7100",
"low" : "7500"

Instead of this ?
"high" : "7400",
"low" : "7000"

i'm assuming you meant

low 7100
high 7500

i'm seeing open UDP ports in that range now (and the 7000 range if i switch back).

i'm guessing that the DNS trick you asked previously was the fix. will need to test from the WAN to confirm

"zone.exe is starting all of the zones on 127.0.0.1:<random high port> like 61130"

Don't worry about that..it's internal and doesn't affect client connectivity.

still an issue

this is from the client outside of the network

[Sat May 05 15:37:49 2018]00466:Initializing character select UI.
[Sat May 05 15:37:49 2018]00467:Resetting game UI.
[Sat May 05 15:37:53 2018]00468:Zone Connect -- 0 -- Received MSG_ZONE_ADDRESS
[Sat May 05 15:37:53 2018]00469:Zone addr [:48155] received...
[Sat May 05 15:37:53 2018]00470:ZONING
[Sat May 05 15:37:53 2018]00471:Networking: Connection Closed [0] with 0 pending bytes.
[Sat May 05 15:37:53 2018]00472:Networking: using port [59524].
[Sat May 05 15:37:53 2018]00473:Networking: Connection Established [1]
[Sat May 05 15:38:53 2018]00474:Could not connect to :7100 [client:DisconnectReasonConnectFail,server:Disconne ctReasonNone]. Negotiation count: 599.

[Sat May 05 15:38:53 2018]00475:Networking: Connection Closed [0] with 0 pending bytes.
[Sat May 05 15:38:53 2018]00476:Failed to connect to zoneserver (, port 7100), result = 1, for MSG_ZONE_ADDRESS.

this is a working LAN login.

something is happening that port 7100 isn't being used locally. and it isn't giving an actually address on port 7100 for outside traffic.

[Sat May 05 15:45:37 2018]00233:Zone Connect -- 0 -- Received MSG_ZONE_ADDRESS
[Sat May 05 15:45:37 2018]00234:Zone addr [192.168.99.76:48155] received...
[Sat May 05 15:45:37 2018]00235:ZONING
[Sat May 05 15:45:37 2018]00236:Networking: Connection Closed [0] with 0 pending bytes.
[Sat May 05 15:45:37 2018]00237:Networking: using port [64611].
[Sat May 05 15:45:37 2018]00238:Networking: Connection Established [1]
[Sat May 05 15:45:38 2018]00239:Connected to 192.168.99.76:48155...

[Sat May 05 15:45:38 2018]00240:Zone Connect -- 2 -- Sending MSG_EQ_ADDPLAYER
[Sat May 05 15:45:39 2018]00241:Zone Connect -- 3 -- Received MSG_SEND_PC
[Sat May 05 15:45:39 2018]00242:Received our Player from zone.
[Sat May 05 15:45:39 2018]00243:Received MSG_EQ_ADDPLAYER, Player = Raen, zone = Greater Faydark
[Sat May 05 15:45:39 2018]00244:MSG_TIME_STAMP received.
[Sat May 05 15:45:39 2018]00245:MSG_TIME_STAMP received. (Items inc).
[Sat May 05 15:45:39 2018]00246:Item done, MSG_WEATHER_EVENT received.

[Sat May 05 15:45:39 2018]00247:Initializing zone.
[Sat May 05 15:45:39 2018]00248:Initializing world.
[Sat May 05 15:45:39 2018]00186:Beginning handling memory on zoning.

Is it something as simple as needing to add ?

!--<address>Serving Machines IP</address>-->
<!--<localaddress>127.0.0.1</localaddress>-->

To the json file in some way? I noticed that this newest build doesn't use the xml file anymore.

The FULL .json config is a little different, but this is what I am
using right now on the public server I have up. It doesn't apply
to a private outside login, since I am using the Emu public login.


{
"server" : {
"chatserver" : {
"host" : "127.0.0.1",
"port" : "7778"
},
"database" : {
"db" : "peqname",
"host" : "127.0.0.1",
"password" : "*****",
"port" : "3306",
"username" : "*****"
},
"directories" : {
"logs" : "logs/",
"lua_modules" : "lua_modules/",
"maps" : "maps/",
"patches" : "./",
"plugins" : "plugins/",
"quests" : "quests/",
"shared_memory" : "shared/"
},
"mailserver" : {
"host" : "127.0.0.1",
"port" : "7778"
},
"qsdatabase" : {
"db" : "peqname",
"host" : "127.0.0.1",
"password" : "*****",
"port" : "3306",
"username" : "*****"
},
"world" : {
"http" : {
"enabled" : "false",
"mimefile" : "mime.types",
"port" : "9080"
},
"key" : "10a29b38c47d56eza1yb2xc3",
"locked" : "true",
"loginserver1" : {
"account" : "********",
"host" : "login.eqemulator.net",
"legacy" : "1",
"password" : "******",
"port" : "5998"
},
"loginserver2" : {
"account" : "********",
"host" : "192.168.0.25",
"legacy" : "0",
"password" : "******",
"port" : "5999"
},
"longname" : "My Server Long Name",
"shortname" : "myshortname",
"tcp" : {
"ip" : "127.0.0.1",
"port" : "9000",
"telnet" : "disable"
}
},
"zones" : {
"defaultstatus" : "0",
"ports" : {
"high" : "7500",
"low" : "7100"
}
}
}
}

the client isn't receiving an address for zones outside of the network. I can't explain why that is happening

inside the network
[Sat May 05 15:45:37 2018]00233:Zone Connect -- 0 -- Received MSG_ZONE_ADDRESS
[Sat May 05 15:45:37 2018]00234:Zone addr [192.168.99.76:48155] received...

outside of the network

[Sat May 05 15:37:53 2018]00468:Zone Connect -- 0 -- Received MSG_ZONE_ADDRESS
[Sat May 05 15:37:53 2018]00469:Zone addr [:48155] received...

the server is running on a laotop.

the client inside of the network is on a completely different machine. yet I get connected fine.

The fix was to abandon a Windows PEQ server and create one on Linux Mint 18.3
i'm now able to have players connect via DNS to my private login. thanks for all of the help.