
Thread: Port Triggering

  1. #1
    ROG Member Array
    Join Date
    Mar 2012
    Reputation
    10
    Posts
    7

    Port Triggering

    I just purchased this router, and so far, so good. I did have the issue of updating the firmware on it, but it's not hard to go to the website, download, then update it. Is what it is. I trust in ASUS to fix this. That said, I was curious if anyone thinks it is weird that we are locked to only using 1 port for triggering? If I wanted to connect to a dedicated Steam server, my previous routers allowed a range of ports for game connection and server detection. Makes life a little easier. I am by no means some network guru, but maybe someone can offer up some better advice. As triggering is more secure, that is the option I would prefer to use over forwarding.

    Maybe I'm missing the boat on something, and if I am, by all means correct me.

  2. #2
    Banned Array
    Join Date
    Jun 2017
    Reputation
    11
    Posts
    67

    I would use the feedback section in the router and send this query to the engineers. I don't however know if you will get a response this way as I have already submitted numerous issues via this method but have yet to get a response. I am however sure that one of the moderators on this forum will respond - just can't say when.

    Regards
    Mark

  3. #3
    ROG Guru: Black Belt Array Korth PC Specs
    Korth PC Specs
    MotherboardASUS X99 R5E (BIOS2101/1902)
    ProcessorHaswell-EP E5-1680-3 SR20H/R2 (4.4GHz)
    Memory (part number)Vengeance LPX 4x8GB SS DDR4-3000 (CMK32GX4M4C3000C15)
    Graphics Card #1NVIDIA Quadro GP100GL/16GB, 16xPCIe3, NVLink1 (SLI-HB)
    Graphics Card #2NVIDIA Quadro GP100GL/16GB, 16xPCIe3, NVLink1 (SLI-HB)
    Sound CardJDS Labs O2+ODAC (RevB), USB2 UAC1
    MonitorASUS PG278Q
    Storage #1Samsung 850 PRO 512GB SSDs, 4xSATA3 RAID0
    Storage #2Comay BladeDrive E28 3200GB SSD, 8xPCIe2
    CPU CoolerRaijintek NEMESIS/TISIS, AS5, 2xNH-A14
    CaseObsidian 750D (original), 6xNH-A14
    Power SupplyZalman/FSP ZM1250 Platinum
    Headset Pilot P51 PTT *modded*
    OS Arch, Gentoo, Win7x64, Win10x64
    Network RouterActiontec T3200M VDSL2 Gateway
    Accessory #1 TP-Link AC1900 Archer T9E, 1xPCIe
    Accessory #2 ASUS/Infineon SLB9635 TPM (TT1.2/FW3.19)
    Accessory #3 ASUS OC Panel I (FW0501)
    Korth's Avatar
    Join Date
    Mar 2015
    Reputation
    152
    Posts
    2,719

    Some routers allow more than one client to use port triggering or port forwarding.
    Some routers are limited to a single client.
    None of these allow multiple clients to simultaneously use port triggering and forwarding.

    There's almost always an option or a method for entering a range of ports. Although it's sometimes not obvious and it's often badly documented. And yes, sadly, it can be an oversight (or bug) in user-interface design running from firmware.

    Exactly which model ASUS router do you have?

    If you're accessing your router configuration through a browser, you might be able to edit the page/script source and manually enter your values into fields. But before going through all that trouble, you should simply clean all browser cache/cookies and try reloading the router page; you should also just try using different browsers (especially yucky Internet Explorer, since it's always the Windows "default"). Any dependencies in your router interface (like Microsoft.NET, VC++, etc) should be documented somewhere, although such stuff is sometimes overlooked in non-Enterprise products, so you may have to research your router/firmware specifics or you may have to simply keep your WinOS fully updated with all the latest-and-greatest components.

    Some WinOS editions can display remote devices in the Device Manager. If your router is listed, you can right-click on it and access a "Settings" or "Advanced" tab which typically lists all user-configurable options, including hardware firewall services such as port triggering/forwarding IP subsets. You will need to access your router's Admin login to save any persistent changes, but many routers/switches/gateways do not require login for per-session changes.

    A software firewall can provide exactly the same functions as port triggering/forwarding. You might find "life a little easier" if you disable port triggering/forwarding and configure in software instead. Windows Firewall is, astonishingly, one of the most secure options available. Impact of a decent software firewall on system resources (CPU, RAM, etc) is usually minimal and actual network performance (in terms of pings and bandwidths) is usually comparable since a hardware firewall actually imposes a performance hit anyways (which varies between chipsets, products, and firmcode efficiencies - all routers are not created equal).

    I suspect you basically want Steam's network access to be disabled until/unless you explicitly open the Steam service. Not sure why, exactly, and it's basically a good network security practice, but it's not strictly necessary. Steam isn't going to hack you. Steam isn't very likely to be hacked by someone who will use it to hack you. And any Steam-based trojans/malware payloads you've got on your machine are going to wait until Steam is connected anyways, so locking Steam out on a per-demand basis wouldn't secure anything the next time Steam gets launched. I suspect you prefer hardware firewall to software firewall for performance reasons, but the difference is really quite inconsequential (usually immeasurable) unless your system or network connection already struggles to meet minimum requirements or your network is tremendously busy with packet handling (like <ahem> P2P torrent sharing in background while you play games).
    Last edited by Korth; 06-21-2017 at 08:38 AM.
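
A toy model of the behaviour discussed in the posts above, added as an example (not from any poster and not ASUS firmware code): a triggered mapping exists only after a LAN client sends outbound traffic on the trigger port, is held by one client at a time, and expires, while a static forward is always open. The rule fields, addresses, port numbers and 60-second timeout are assumptions made for the illustration.

```python
# Added illustration: toy model of router port triggering vs. static forwarding.
# Addresses, ports and the 60-second timeout are constructed sample values.
from dataclasses import dataclass, field

@dataclass
class TriggerRule:
    trigger_port: int          # outbound port that arms the rule
    inbound_ports: range       # inbound ports opened while the rule is armed
    timeout: int = 60          # seconds the mapping stays open (assumed)

@dataclass
class Router:
    rules: list
    forwards: dict = field(default_factory=dict)   # port -> LAN IP, always open
    active: dict = field(default_factory=dict)     # trigger_port -> (LAN IP, expiry)

    def outbound(self, lan_ip, dst_port, now):
        """A LAN client sends traffic out; arm any matching trigger rule."""
        for r in self.rules:
            if r.trigger_port == dst_port:
                holder = self.active.get(r.trigger_port)
                # Only one client holds a triggered mapping at a time.
                if holder is None or holder[1] <= now or holder[0] == lan_ip:
                    self.active[r.trigger_port] = (lan_ip, now + r.timeout)

    def inbound(self, dst_port, now):
        """Return the LAN IP an unsolicited WAN packet reaches, or None if dropped."""
        if dst_port in self.forwards:
            return self.forwards[dst_port]
        for r in self.rules:
            holder = self.active.get(r.trigger_port)
            if dst_port in r.inbound_ports and holder and holder[1] > now:
                return holder[0]
        return None

def demo():
    rt = Router(rules=[TriggerRule(27015, range(27015, 27031))])
    results = [rt.inbound(27020, now=0)]          # nothing triggered yet: dropped
    rt.outbound("192.168.1.10", 27015, now=5)     # first client arms the rule
    results.append(rt.inbound(27020, now=10))     # range is open for that client
    rt.outbound("192.168.1.11", 27015, now=20)    # second client cannot take it over
    results.append(rt.inbound(27020, now=30))     # still delivered to the first client
    results.append(rt.inbound(27020, now=70))     # mapping expired at t=65: dropped
    rt.forwards[27015] = "192.168.1.11"           # static forward for comparison
    results.append(rt.inbound(27015, now=500))    # open regardless of outbound traffic
    return results

if __name__ == "__main__":
    print(demo())
```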

  4. #4
    ROG Member Array
    Join Date
    Mar 2012
    Reputation
    10
    Posts
    7

    Thank you both for your responses.

    In regards to the router, I am running the Rapture GT-AC5300. I am new to ASUS routers. I figured I would take the dive as I am an avid ASUS hardware fan (not the support though, sadly). That said, I just thought it was off for such a high priced router to not have that particular feature. It's not a make or break thing. Previous routers I have had allowed this, hence why I was perplexed. I had used IE, FF, and Chrome both at home and at work, and both provided the same level of detail in the router, with and without cookies cleared.

    The reason why I was looking to use it is I have people in the house that run servers. So instead of leaving ports open with forwarding, I was looking to have them triggered. Steam was just an example as I know some of the people in the house run Dedicated or Listen Servers, which really only require a single port anyway. When I do game, I typically have nothing in the background running, so things like BitTorrent aren't an issue. I would switch to a software firewall/router, and honestly considered standing up a Virtual Machine to do it since I have a PowerEdge server. Laziness won out, so I purchased the hardware option.

    Not super concerned about it anymore, I'm over it. lol Nonetheless, your responses were appreciated!

    Off topic:
    I am starting to play around with the settings more and more, and I'm finding little nuances, like WTFast won't connect in the router, unless you connect via HTTP. HTTPS connection elicits a "Server does not Response" error message.

    Also found that the router took my DDNS hostname and let me apply it, despite that hostname being occupied by someone else. No errors in the router UI about it. When I wasn't able to connect to it, I did an nslookup, to find...well, it wasn't my IP lol.

  5. #5
    ROG Guru: Black Belt Array Korth PC Specs
    Join Date
    Mar 2015
    Reputation
    152
    Posts
    2,719

    The router can be busy (swamped) if other people are using it simultaneously. For proper security, you basically need to assume the worst-case scenario if you don't actually know who's on it or what they're doing on it at any given time.

    Settings like WTFast may not be configurable, only listed for compatibility or listed because they're a part of a generic Broadcom AC5300 (BCM4908/BCM49408 and BCM4366E chipset) firmware package. You could try installing Broadcom's generic AC5300 firmware or firmware designed for other GT-AC5300 products, and some of these (like this linux-compatible version) might even be better than the ASUS-provided firmware, but this also voids your ASUS warranty and involves risk of permanently bricking your router - not recommended unless you seriously *need* the functionality and you really know what you're doing.

    I suspect WTFast remains disabled because not all connected/logged machines are WTFast-capable. It's common for network hardware to default to older and slower standardized protocols (and disable any nonstandard add-on enhancements/features/functionality) when any connected machine doesn't fully/properly support the tech. Many routers will limit network service and performance levels on every connected machine to the network service and performance levels of the slowest connected machine.

    There are numerous methods for translating or spoofing DNS/DDNS hostnames. The hostname displayed on your router is not always entirely meaningful, unless you have full control of all network hardware and all network devices connected to (or through) it. It's the sort of setting that's best ignored unless it's causing something to be broken.
