Im trying to follow the instructions from League of Legends support to open port forwarding on the Coda modem.
League of Legends support recommends opening incoming ports:
UDP 5000 -5500 , 8088
TCP 8389-8400, 8088, 5222-5223, 2099
I tried to set them up as follows, on the CODA modem:
TCP: 2099 ( as private ), 5222-5223 ( as public ), 8088 ( as private ) , 8393-8400 ( as public )
UDP : 5000-5500 ( as public ), 8088 ( as private ).
remote server: 188.8.131.52 --184.108.40.206
Im not doing it correctly since the port forwarding does not work for the Leage of Legends.
The question is which ones should be defined under PRIVATE and which ports should be defined under PUBLIC options on the CODA port forwarding configuration option ?
Thank you for your help.
Welcome to the community!
It's admittedly strange to hear someone requiring port forwarding for League of Legends! UPnP should be enabled on your modem allowing for optimal connectivity to the majority of major gaming ingest servers, including Riot's,so it's concerning for sure if that's not happening. We'll be happy though to assist in any way we can. I haven't personally had to apply port forwarding for LoL, so for specifics regarding their required ports, and port forwarding settings, you may need to contact their support directly.
To best assist though with removing the requirement of port forwarding, can you confirm the following for us?
LoL does work with no problems but only when routers Firewall is set to Typical or Minimum config.
LoL stops responding when the Maximum Level firewall is turned on.
I got the port forwarding info from LoL tech support website :
List of ports to forward:
Coda's port forwarding panel has options for Private and Public port ranges. Which ones need to be defined as public and which ones as private?
I just got the brand new modem from Rogers, so it must have the latest firmware on it.
Just leave your firewall at Minimum configuration. Unless I'm mistaken, that's the default. It won't permit anything inbound to your inside network unless it matches with an established outbound connection (stateful firewall) or one that's been dynamically created using UPnP (universal plug and play). Besides, you said it works with those settings (don't turn off UPnP) so why tinker? 🙂
I'd like to keep the Firewall at Maximum configuration; there are reasons why this option is available there; ... and I'd really would like to totally disable UPnP ( really bad wrap when it comes to security.)., but I know I need it for port forwarding.
If you can't have port-forwarding w/o UPnP then you don't have much of a choice, do you? That said, UPnP is not (read: never!) a good option for a commercial firewall in a business context but I wouldn't be particularly worried about using it in my home. I recognize that there are reasons for having different firewall settings (max, minimum, custom....) but these setting aren't very granular.
At a certain point you have to balance the likelihood of someone compromising your security vs the vulnerability. That said, are you talking about port-forwarding or port-triggering? Two different things. If port-forwarding (and I really believe this is what you mean, then essentially all you're doing is selectively forwarding traffic that hits those ranges of port numbers on your WAN side to a specific device on the LAN side. For example, if someone is trying to communicate with your LAN connected device (aka inside PC) from the Internet on port 443 (secure HTTP) then you would forward all traffic on the public (aka WAN) port 443 to private port 443 on IP address <= the inside PC>. For this to work properly you will need to define a static IP address for that PC, which in your case is your gaming rig. You can either hard-code it on your PC or you can create a DHCP reservation for that PC on your modem so that, despite the fact that it's a dynamically obtained IP address, you get the same address every time. This way, you are limiting the attack surface of your network, and only exposing that one inside PC and only on specific ports.
You can also expose that PC to all external access by specifying its IP address when using the Basic -> DMZ settings on your modem. Thus, all outside->inside initiated traffic will be forwarded to that PC. A bit of a lazy approach, but if you have a personal firewall on that PC you might be able to get away with it. 😉