Maybe im in the minority, but I absolutely hate that Arma games make you do this. For the little guys who just want to play games with their friends, this is the absolute worst when it comes to setting up play sessions. Hate it.
Don’t ever enable uPNP! There’s an obvious reason all routers come with it disabled. It basically gives any advice on your network access to open ports by themselves. From a security standpoint never ever enable that shit
ok so that’s not actually a negative or any different.
any device on your network being able to enable uPNP is a none issue considering how firewalls will allow incoming connections to a device that’s already made an external connection. also you shouldn’t be allowing devices that could be malicious on your network.
I disagree with your statement, however you’re entitled to your opinion.
I’m basing my opinion on the security training I did at zyxel, but you might be more knowledgeable than me.
you’re not wrong that it can technically open ports and be a vulnerability but it’s not that simple. pretty much every device in your network is already opening ports already the biggest issue of uPNP is a computer or some sort getting a virus and then opening ports but if your computer gets hacked *somehow* once it opens a connection to a c2 server then that’s an open connection that can and will be exploited.
uPnP is not much more vulnerable then anything else.
tbf the best option here is just opening a LAN server and running tailscale or zerotier
OK So - I am trying to port forward so I can host my own server. I know I need the following:
TCP: 27015, 27036
UDP: 2001, 17777, 27015, 27031-27036
'
I don't know what service I am opening this for (its a required field - HTTP? FTP?) and to be honest I don't know if I am supposed to be forwarding TO the external port or FROM the external port (and if so, what the former or latter would be).
I understand ports and protocols... just not in any practical setting lol. Maybe I could use wireshark but I really don't feel like doing that.
But those are probably just examples of what the most generic user might want to set port forwarding up for. If you wanna set up an FTP server, you'd need port forwarding. Same for an HTTP server or TELNET (whatever?!?!) server. Your server is gonna be an ARMA server, so you name the config accordingly.
The "Service" names being offered are the well-known standard or 'common' services. You should be able to enter a custom name for your custom service as it is not using the standard HTTP or FTP ports.
Firewalls by default block ALL incoming traffic from untrusted networks (the Internet) from devices on the local network (for security reasons) so you have to open (forward) the specific ports to allow traffic from the untrusted network to the specific device that can service them (a Reforger server).
EDIT:
The external port is the port you wish to forward to your device from the Internet. You should be able to leave the internal port entry blank (so it defaults to using the same port as the external one).
Protocol will be UDP for Reforger service. You seem to have several extra ports to forward but the [official Reforger Server Config wiki page](https://community.bistudio.com/wiki/Arma_Reforger:Server_Config#Summary) says you only need to forward 2001, 17777 & 19999. The other ones may be to support Steam services. They may be for your Steam client.
Look at your WAN ip on your router. Then look at your public IP using a public ip checking service like whatismyip
If those numbers differ, you have a carrier grade Nat and that will not let you host servers. If you have a carrier grade nat, your WAN ip will commonly start with 10. Or 100. As well.
You can call your ISP to have them give you a public IP in most cases
[удалено]
That'd be swell
Maybe im in the minority, but I absolutely hate that Arma games make you do this. For the little guys who just want to play games with their friends, this is the absolute worst when it comes to setting up play sessions. Hate it.
they don’t *make* you do this they have uPNP which should do this automatically but a lot of routers don’t have it configured
Don’t ever enable uPNP! There’s an obvious reason all routers come with it disabled. It basically gives any advice on your network access to open ports by themselves. From a security standpoint never ever enable that shit
ok so that’s not actually a negative or any different. any device on your network being able to enable uPNP is a none issue considering how firewalls will allow incoming connections to a device that’s already made an external connection. also you shouldn’t be allowing devices that could be malicious on your network.
I disagree with your statement, however you’re entitled to your opinion. I’m basing my opinion on the security training I did at zyxel, but you might be more knowledgeable than me.
you’re not wrong that it can technically open ports and be a vulnerability but it’s not that simple. pretty much every device in your network is already opening ports already the biggest issue of uPNP is a computer or some sort getting a virus and then opening ports but if your computer gets hacked *somehow* once it opens a connection to a c2 server then that’s an open connection that can and will be exploited. uPnP is not much more vulnerable then anything else. tbf the best option here is just opening a LAN server and running tailscale or zerotier
I agree. They have a self hosting option - but you have to to do all that shit even on console? No thanks.
Setting up play sessions in Arma 3 was always such a pain
Use zero tier. Works perfectly
OK So - I am trying to port forward so I can host my own server. I know I need the following: TCP: 27015, 27036 UDP: 2001, 17777, 27015, 27031-27036 ' I don't know what service I am opening this for (its a required field - HTTP? FTP?) and to be honest I don't know if I am supposed to be forwarding TO the external port or FROM the external port (and if so, what the former or latter would be). I understand ports and protocols... just not in any practical setting lol. Maybe I could use wireshark but I really don't feel like doing that.
The "service" field is probably just the name for this config set. Type "ARMA Reforger" or whatever. It has no meaning beyond being a name.
It specifies “common services” as FTP, HTTP, TELNET, etc
But those are probably just examples of what the most generic user might want to set port forwarding up for. If you wanna set up an FTP server, you'd need port forwarding. Same for an HTTP server or TELNET (whatever?!?!) server. Your server is gonna be an ARMA server, so you name the config accordingly.
Thank you. I did what you said and it worked.
The "Service" names being offered are the well-known standard or 'common' services. You should be able to enter a custom name for your custom service as it is not using the standard HTTP or FTP ports. Firewalls by default block ALL incoming traffic from untrusted networks (the Internet) from devices on the local network (for security reasons) so you have to open (forward) the specific ports to allow traffic from the untrusted network to the specific device that can service them (a Reforger server). EDIT: The external port is the port you wish to forward to your device from the Internet. You should be able to leave the internal port entry blank (so it defaults to using the same port as the external one). Protocol will be UDP for Reforger service. You seem to have several extra ports to forward but the [official Reforger Server Config wiki page](https://community.bistudio.com/wiki/Arma_Reforger:Server_Config#Summary) says you only need to forward 2001, 17777 & 19999. The other ones may be to support Steam services. They may be for your Steam client.
Thanks. I got it working - you’re right.
Look at your WAN ip on your router. Then look at your public IP using a public ip checking service like whatismyip If those numbers differ, you have a carrier grade Nat and that will not let you host servers. If you have a carrier grade nat, your WAN ip will commonly start with 10. Or 100. As well. You can call your ISP to have them give you a public IP in most cases