
RangerBAD

Member
Oct 25, 2017
1,402
I've been looking around for the necessary ports, but I'm not seeing a consensus with all the ports. What does everyone use?
 

Lakeside

Member
Oct 25, 2017
9,214
Deleted, people can bitch about the Sony documentation instead of me.
 

Lakeside

Member
Oct 25, 2017
9,214
The order is a bit funky because I had it set up for PS4, then added the extra ports that Sony specifies for Vita/PS3.

Here's an official page. It varies by PS4 vs. PS3/Vita. Note that I ignored the remote play, headset stuff, and PS Now.

Sony Firewall Link - PSN
 
OP
RangerBAD

Member
Oct 25, 2017
1,402
Also not sure if it's okay to do both TCP and UDP for all ports as I see a lot of varying accounts there too. I've port forwarded in the past, but it's been a while. My router died unexpectedly.
 

Carnby

Member
Oct 25, 2017
12,236
Why would you need to open ports from WAN to LAN? Just allow anything on the LAN access to the WAN. Once you establish the connection, you're all set.
 

Carnby

Member
Oct 25, 2017
12,236
That would depend entirely on your local security.

Sure. I usually keep it simple. LAN to WAN: allow. WAN to LAN: deny. Once the LAN establishes the connection, returning traffic is allowed.

I would only port forward to resources that need to be accessible to the entire internet. I can't think of a good reason to open these ports (at someone's home) to the internet.
 

Lakeside

Member
Oct 25, 2017
9,214
Turn on UPNP on your router and you won't need to port forward.

Again, it'll depend on what users require from local security and what their devices support. Security and convenience are on opposite ends of the scale. UPNP is too close to the convenience side and too far away from the security side for many people.

I would only port forward to resources that need to be accessible to the entire internet. I can't think of a good reason to open these ports (at someone's home) to the internet.

I don't have everything just wide open, my particular configuration is pretty well locked down. I have individual device groups defined on the local network and when possible domains/addresses/etc defined on the WAN side on a per-service basis.

I'm super far away from the convenience end of things.
 

Carnby

Member
Oct 25, 2017
12,236
It's a wi-fi connection. I don't know if that matters because I don't know if I understand what you're saying.

It's the same idea. I'm only suggesting you don't need to do any port forwarding because you'd be opening those ports up to the rest of the world. It's likely that your current set up is just fine.

May I ask your reason for doing this?
 

Sky87

Member
Oct 27, 2017
3,862
It's the same idea. I'm only suggesting you don't need to do any port forwarding because you'd be opening those ports up to the rest of the world. It's likely that your current set up is just fine.

May I ask your reason for doing this?
To avoid NAT issues, the ports need to be open in order to matchmake properly. Strict NAT means you'll only be able to matchmake with people with Open NAT.
 
OP
RangerBAD

Member
Oct 25, 2017
1,402
It's the same idea. I'm only suggesting you don't need to do any port forwarding because you'd be opening those ports up to the rest of the world. It's likely that your current set up is just fine.

May I ask your reason for doing this?

I've just done this since I got my first router. I don't remember the initial reason. Just have always set a static IP for the PS3/PS4/Vita and opened ports.

To avoid NAT issues, the ports need to be open in order to matchmake properly. Strict NAT means you'll only be able to matchmake with people with Open NAT.

This is probably the reason.
 

HalStep

Member
Oct 27, 2017
1,392
Because of connection issues with NAT type being strict, I put my PS3 and 4 in a DMZ, possibly a bad idea, but I've never had any issues since or because of it.

It saves messing with all those different ports.
 

Carnby

Member
Oct 25, 2017
12,236
To avoid NAT issues, the ports need to be open in order to matchmake properly. Strict NAT means you'll only be able to matchmake with people with Open NAT.

I see. I'm not familiar with networking geared towards gaming. There must be something going on with the match making that I'm not aware of.
 

Sky87

Member
Oct 27, 2017
3,862
I see. I'm not familiar with networking geared towards gaming. There must be something going on with the match making that I'm not aware of.
It's usually P2P matchmaking which means you'll connect directly to other players. If all ports are closed by default, you'll be facing issues when trying to join a game with them or host games yourself.

I remember having issues joining game hosts/voice party hosts on Xbox 360 if they had a strict NAT for example, but could join people who had an Open NAT just fine, which makes sense.
With dedicated servers this becomes a non issue.
 

Carnby

Member
Oct 25, 2017
12,236
It's usually P2P matchmaking which means you'll connect directly to other players. If all ports are closed by default, you'll be facing issues when trying to join a game with them or host games yourself.

I remember having issues joining game hosts/voice party hosts on Xbox 360 if they had a strict NAT for example, but could join people who had an Open NAT just fine, which makes sense.
With dedicated servers this becomes a non issue.

This makes sense. So you really do need these ports open to the internet, as in the other players in the lobby. That's interesting.
 

Sky87

Member
Oct 27, 2017
3,862
This makes sense. So you really do need these ports open to the internet, as in the other players in the lobby. That's interesting.
Yeah, that's why I suggest UPnP. This will open the ports automatically when you need them instead of having them permanently open from port forwarding.

This assumes you're able to keep your computer(s) clean from malware though, but that's simple enough depending on your household.
 

Carnby

Member
Oct 25, 2017
12,236
Yeah, that's why I suggest UPnP. This will open the ports automatically when you need them instead of having them permanently open from port forwarding.

This assumes you're able to keep your computer(s) clean from malware though, but that's simple enough depending on your household.

Now this I agree with!

Thanks for explaining this to me. For real.
 

Jonnax

Member
Oct 26, 2017
4,920
I'm keeping ports open for a static IP on the PS4.
erm. I do networks and I don't get what you're trying to do.

If you have a home router it will have UPnP. This means that the PS4 will request whatever port it requires forwarded from your router.

Have you given your PS4 a static LAN IP? So you've disabled DHCP? If so you can still use UPnP.

If you have a static WAN IP, then that shouldn't make a difference to your LAN.
Unless you've been given an Internet reachable subnet that you can assign a public IP to your PS4.


PtEJu0d.jpg

LOL, where'd you find this? Port 80, 443 and 8080? Is your PS4 hosting a web server hahaha.
 
OP
RangerBAD

Member
Oct 25, 2017
1,402
I don't have the technical expertise to really answer your questions. I just put everything in manually on my PS4 for wi-fi.
 

hikarutilmitt

Member
Dec 16, 2017
11,403
Ports 80, 8080, 443, 465 and 993 are not needed. The first three are standard HTTP and HTTPS ports and the other two are for email. 3478-3480 you only need one set per system, as those are the standard PSN ports and the system will "rotate" through them to find an open one. Likewise 5223 is not needed because it's just a standard port for a lot of different things.

For PSN, for one system, you really only need to forward 3478 on UDP and TCP to get a NAT Type 2. Everything else is rather superfluous.
erm. I do networks and I don't get what you're trying to do.

If you have a home router it will have UPnP. This means that the PS4 will request whatever port it requires forwarded from your router.

Have you given your PS4 a static LAN IP? So you've disabled DHCP? If so you can still use UPnP.

If you have a static WAN IP, then that shouldn't make a difference to your LAN.
Unless you've been given an Internet reachable subnet that you can assign a public IP to your PS4.

LOL, where'd you find this? Port 80, 443 and 8080? Is your PS4 hosting a web server hahaha.
You can give something a static IP and still have DHCP enabled, I do that for all of the known devices on my network, split them into different octets for quick visibility and then they grab the IP from the router via DHCP. I do agree, though, that unless you have an old as shit router that cannot do secure UPNP (or UPNP2 as it's frequently noted) you shouldn't need to set up a NAT port forward.
 

Carnby

Member
Oct 25, 2017
12,236
erm. I do networks and I don't get what you're trying to do.

If you have a home router it will have UPnP. This means that the PS4 will request whatever port it requires forwarded from your router.

Have you given your PS4 a static LAN IP? So you've disabled DHCP? If so you can still use UPnP.

If you have a static WAN IP, then that shouldn't make a difference to your LAN.
Unless you've been given an Internet reachable subnet that you can assign a public IP to your PS4.




LOL, where'd you find this? Port 80, 443 and 8080? Is your PS4 hosting a web server hahaha.

That's what I've been saying (minus the snark.) And mainly why I didn't understand the point of opening the ports. I configure firewalls for a living. If a customer asked me to open these ports, to the internet, for gaming reasons, I would advise against it.

I'll agree again, UPnP is the safest approach.
 

Lakeside

Member
Oct 25, 2017
9,214
I would only port forward to resources that need to be accessible to the entire internet. I can't think of a good reason to open these ports (at someone's home) to the internet.
Ports 80, 8080, 443, 465 and 993 are not needed. The first three are standard HTTP and HTTPS ports and the other two are for email. 3478-3480 you only need one set per system, as those are the standard PSN ports and the system will "rotate" through them to find an open one. Likewise 5223 is not needed because it's just a standard port for a lot of different things.

For PSN, for one system, you really only need to forward 3478 on UDP and TCP to get a NAT Type 2. Everything else is rather superfluous.

I simply included the ports that Sony recommends in their published articles.
 
OP
RangerBAD

Member
Oct 25, 2017
1,402
That's what I've been saying (minus the snark.) And mainly why I didn't understand the point of opening the ports. I configure firewalls for a living. If a customer asked me to open these ports, to the internet, for gaming reasons, I would advise against it.

I'll agree again, UPnP is the safest approach.

Just out of curiosity, how would I set that up?
 

Carnby

Member
Oct 25, 2017
12,236
I simply included the ports that Sony recommends in their published articles.

I hear ya. I'm not making this a personal attack.

I think Sony would only say this because technically, if these ports are blocked, then you will have problems. Opening them to the world just isn't safe.

Just out of curiosity, how would I set that up?

I'm sure it's as simple as logging into your home router and clicking on/off.
 

Lakeside

Member
Oct 25, 2017
9,214
LOL, where'd you find this? Port 80, 443 and 8080? Is your PS4 hosting a web server hahaha.

It's in the Sony link. I'm glad you enjoyed it so much.

I simply provided a summary of ports that Sony publishes as required for their services, along with a link to that information for context. No, I'm not doing any web hosting from my PS4. I have a bunch of application level and IPS stuff going on, so I have a rule that allows my PS3/PS4/Vita to initiate connections that are unimpeded by these policies. Otherwise sometimes the default rules cause problems for PSN (and Xbox Live similarly).

Yes, there are probably ports there that would function just fine with the default policy, but it doesn't really matter. I don't have them open WAN -> LAN as some seem to have interpreted.
 
OP
RangerBAD

Member
Oct 25, 2017
1,402
I really was hoping to get some comparisons of the ports, but it became about the necessity of port forwarding instead. heh
 
OP
RangerBAD

Member
Oct 25, 2017
1,402
Since I got my router on, do I need UPnP on if other devices in network won't be using a static IP and port forwarding? Will it interfere in my PS4's connection if I use a static IP and port forwarding?
 

mistur niceguy

Engineer, Xbox Networking
Verified
Feb 20, 2018
144
Since I got my router on, do I need UPnP on if other devices in network won't be using a static IP and port forwarding? Will it interfere in my PS4's connection if I use a static IP and port forwarding?

UPnP is going to be the simplest way to have P2P connectivity work for games and chat. If you set up port forwarding, you'll want to put your PS4 on a static IP address to prevent it from moving to a new IP and requiring the forwarding rules to be reconfigured to point to the new internal address. Another option is port triggering, which is more automated than forwarding but isn't a feature that you'll see on all routers. Triggering works similarly to forwarding, but instead of static rules mapping inbound traffic destined for specific ports to specific internal IP addresses, the router will dynamically create forwarding rules whenever it sees traffic matching the specific port being sent from an internal address. This allows for multiple devices in the home to have rules created dynamically by the router and typically doesn't require setting static IP addresses on your devices, but it only allows a single device to leverage the dynamic rules at any given point in time. And then there's the DMZ option. This will allow any unsolicited, inbound traffic to be forwarded to a specific internal address to work around P2P connection issues.

One thing that I don't recall seeing mentioned so far is that in addition to ports used by PlayStation for things like Party Chat, there are also some games that leverage P2P network architecture that will use additional network ports as well. So setting up port forwarding or port triggering configurations will require additional rules for some games that use their own network ports. If UPnP is working properly between the game and your router, those rules will be set up automatically. And placing the console in the DMZ should also work for those games.

In short, UPnP is going to be the simplest method to enabling P2P communication for features like Party Chat and for games that use a P2P architecture. There are instances where routers may have a buggy UPnP implementation running, or have a version of UPnP installed that isn't backwards compatible with most current devices and results in NAT issues. In those instances, folks usually end up using either port forwarding, port triggering, or DMZ configurations to work around the problem. Port forwarding and port triggering are good workarounds, but you'll likely need to add additional rules depending on the games that you play. And putting the console in the DMZ is more of a catch all solution if none of the above methods work.

Also note: many of these network features overlap with each other, so you'll want to make sure you only use one at a time, e.g. if you enable UPnP on your router, make sure to disable any DMZ, port forwarding, or port trigger rules.
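
The router behaviours described in the post above (default stateful NAT, port forwarding, port triggering, DMZ), modelled as an added example that is not part of the original post. It shows what an unrelated internet host can reach under each; the addresses, the probe port 40123 and the simplification that external and internal port numbers match are assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional

PS4, LAPTOP = "192.168.1.50", "192.168.1.60"      # constructed LAN addresses
PEER, STRANGER = "198.51.100.7", "203.0.113.9"    # documentation-range WAN addresses
PROBE = [("udp", 3478), ("tcp", 80), ("udp", 40123)]  # 40123: arbitrary game port

@dataclass
class Router:
    """Toy home router: decides where an inbound WAN packet goes, and why."""
    forwards: dict = field(default_factory=dict)   # static: (proto, port) -> LAN IP
    triggers: set = field(default_factory=set)     # (proto, port) watched for triggering
    dmz_host: Optional[str] = None                 # LAN IP that gets all unsolicited traffic
    flows: dict = field(default_factory=dict)      # connection tracking table
    triggered: dict = field(default_factory=dict)  # dynamic rules created by triggering

    def outbound(self, proto, lan_ip, lan_port, remote_ip, remote_port):
        # LAN to WAN is allowed; remember the flow so replies are let back in.
        self.flows[(proto, lan_port, remote_ip, remote_port)] = lan_ip
        # Port triggering: matching outbound traffic creates a dynamic forward.
        # Only one device holds the rule at a time (the latest sender wins here).
        if (proto, remote_port) in self.triggers:
            self.triggered[(proto, remote_port)] = lan_ip

    def inbound(self, proto, dst_port, src_ip, src_port):
        flow, key = (proto, dst_port, src_ip, src_port), (proto, dst_port)
        if flow in self.flows:                     # reply to a LAN-initiated flow
            return self.flows[flow], "established"
        if key in self.forwards:
            return self.forwards[key], "port-forward"
        if key in self.triggered:
            return self.triggered[key], "port-trigger"
        if self.dmz_host:
            return self.dmz_host, "dmz"
        return None, "drop"                        # WAN to LAN: deny by default

def exposure(router, ports=PROBE):
    """Ports an unrelated WAN host reaches unsolicited -> (LAN host, rule)."""
    hits = {p: router.inbound(*p, STRANGER, 40000) for p in ports}
    return {p: hit for p, hit in hits.items() if hit[0]}

def demo():
    default = Router()
    default.outbound("udp", PS4, 50000, PEER, 3478)
    forwarded = Router(forwards={("udp", 3478): PS4})
    trig = Router(triggers={("udp", 3478)})
    trig.outbound("udp", PS4, 50000, PEER, 3478)
    trig.outbound("udp", LAPTOP, 50001, PEER, 3478)  # second device takes over the rule
    dmz = Router(dmz_host=PS4)
    return {"default": exposure(default), "forward": exposure(forwarded),
            "trigger": exposure(trig), "dmz": exposure(dmz)}
```

UPnP is not modelled separately: a mapping a console requests over UPnP behaves like an entry in `forwards` that the device adds itself.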
 
OP
RangerBAD

Member
Oct 25, 2017
1,402
Also note: many of these network features overlap with each other, so you'll want to make sure you only use one at a time, e.g. if you enable UPnP on your router, make sure to disable any DMZ, port forwarding, or port trigger rules.

This was what I was wanting to know. Thanks. I'm going to set a static IP for the PS4. I have a question about using Google DNS servers. Would I have to set those statically on my computer or router to use them on my PS4?
 

mistur niceguy

Engineer, Xbox Networking
Verified
Feb 20, 2018
144
This was what I was wanting to know. Thanks. I'm going to set a static IP for the PS4. I have a question about using Google DNS servers. Would I have to set those statically on my computer or router to use them on my PS4?
Clarification: using a static IP isn't needed when using UPnP. DHCP + UPnP makes things more simple and automagic.

As for using Google DNS servers, the easiest method would be to set that up on your router, versus having to go device-by-device configuring manual DNS settings to override what gets set via DHCP. How routers implement the alternate DNS configuration can differ, though. Some will just pass down the DNS server values to client devices via DHCP settings, while others will still point client devices to the router as a DNS relay and the router will start using the alternate DNS services rather than those passed down to it from your ISP. Also, there are other DNS services out there that you might also consider, such as OpenDNS or Cloudflare. And also be aware that if your ISP connection supports IPv6 that you may want to also configure the IPv6 addresses for the alternate DNS service (even though IPv6 DNS lookups can be issued to the DNS service via IPv4).
 
OP
RangerBAD

Member
Oct 25, 2017
1,402
Clarification: using a static IP isn't needed when using UPnP. DHCP + UPnP makes things more simple and automagic.

As for using Google DNS servers, the easiest method would be to set that up on your router, versus having to go device-by-device configuring manual DNS settings to override what gets set via DHCP. How routers implement the alternate DNS configuration can differ, though. Some will just pass down the DNS server values to client devices via DHCP settings, while others will still point client devices to the router as a DNS relay and the router will start using the alternate DNS services rather than those passed down to it from your ISP. Also, there are other DNS services out there that you might also consider, such as OpenDNS or Cloudflare. And also be aware that if your ISP connection supports IPv6 that you may want to also configure the IPv6 addresses for the alternate DNS service (even though IPv6 DNS lookups can be issued to the DNS service via IPv4).

I think I understand. It's in WAN, right?