Port Triggering

Port triggering can be used for dynamic port forwarding configuration. By setting port triggering rules, you can allow inbound traffic to arrive at a specific LAN host, using ports different than those used for the outbound traffic. This is called port triggering since the outbound traffic triggers to which ports inbound traffic is directed.

For example, consider a gaming server that is accessed using UDP protocol on port 2222. The gaming server responds by connecting the user using UDP on port 3333 when starting gaming sessions. In such a case you must use port triggering, since this scenario conflicts with the following default firewall settings:

• The firewall blocks inbound traffic by default.
• The server replies to OpenRG's IP, and the connection is not sent back to your host, since it is not part of a session.

In order to solve this you need to define a Port Triggering entry, which allows inbound traffic on UDP port 3333, only after a LAN host generated traffic to UDP port 2222. This will result in accepting the inbound traffic from the gaming server, and sending it back to the LAN Host which originated the outgoing traffic to UDP port 2222.

Click the 'Port Triggering' tab on the security screen, the 'Port Triggering' screen will appear (see figure 6.9). This screen will list all of the port triggering entries.

Figure 6.9: Port Triggering

Let's add an entry for the gaming example above:

1. Click the 'New Entry' link to add an entry (see figure 6.10).

   Figure 6.10: Adding Port Triggering Rules

   

2. Click the 'New User-Defined Service' link to add an entry (see figure 6.11).

   Figure 6.11: New User-Defined Service

   

3. Specify the following port triggering entries in the ``New Server Ports'' and ``New Opened Ports'' respectively (see figure 6.12):

   Figure 6.12: Define Service Server Ports

   
   • Server Ports: UDP ANY->2222
   • Opened Ports: UDP ANY->3333

4. Mark the 'Add Port Triggering Rule' check-box next to your service description in the general 'Port Triggering' screen to enable port redirection.

   Figure 6.13: User-Defined Service

   

There may be a few default port triggering rules listed when you first access the port triggering screen. Please note that disabling these rules may result in impaired gateway functionality.