Does anyone know which ports need to be forwarded at the level of a NAT device in order to get best network performance from the PlayStation Network?

I was shocked when I realized this is not mentioned anywhere!

My firewall/router blocks all incoming connections through ports I have not explicitly forwarded.
This information would be essential.

Again...not to familiar with the terminology of "NAT" but is this some of what you are looking for: link (http://boardsus.playstation.com/playstation/board/message?board.id=psnetwork&thread.id=798)

Again...not to familiar with the terminology of "NAT" but is this some of what you are looking for: link (http://boardsus.playstation.com/playstation/board/message?board.id=psnetwork&thread.id=798)

NAT means Network Address Translation. It's a method to map a network address that makes sense outside your network to a network address that makes sense inside your network.

It's hard to explain from scratch, but basically it gives you some control on what connections can be established from outside your network.

There are ways to avoid restrictions imposed by NAT, but they usually imply decreased overall performance.

The link you posted is a good start for me to investigate.

Thank you very much!

Each game utilizes different ports (usually somewhere in the game manual or online support site).

Again...not to familiar with the terminology of "NAT" but is this some of what you are looking for: link (http://boardsus.playstation.com/playstation/board/message?board.id=psnetwork&thread.id=798)

I don't know the source of the information in this thread.
I think it might be a wild guess on the OP's part.

Some useful info can be found there about NAT:

http://au.playstation.com/ng/faq_advanced_networking.jhtml

I think the ports info was guessed from the way it worked with PS2.

I emailed Sony with this exact question...they emailed me back 2 days later with a generic email that had nothing to do with my question. I really hate these guys.

I emailed Sony with this exact question...they emailed me back 2 days later with a generic email that had nothing to do with my question. I really hate these guys.

:D

I am not surprised. I don't remember the last time I talked to a Customer Service Representative who actually knew anything.

They spend all of their time trying to match your questions with their available scripts and they are not very good at it.

Each game utilizes different ports (usually somewhere in the game manual or online support site).

You are kidding, right?

You are kidding, right?
No, I'm not. What makes you think I am?

No, I'm not. What makes you think I am?

Just because that's an idiotic approach for a console. I guess I should stop being surprised at some point.

With uPnP enabled routers and whatnot this shouldn't be much of an issue. My PS3 works fine on my school's network, where even freaking IRC is blocked.

With uPnP enabled routers and whatnot this shouldn't be much of an issue. My PS3 works fine on my school's network, where even freaking IRC is blocked.

uPnP is not ideal in terms of security.

On the other hand, if I'm going to have to open and close ports when I play this or that game, what a nightmare.

Response from SCEA:

Thank you for writing us.

We apologize for any inconvenience you may have experienced. Here are the TCP and UDP Port numbers
you will need to connect to our first-party game servers. If you need port numbers for games
published by third-party companies, you will need to contact them directly for additional
information.

For all PLAYSTATION(R)3 format software titles published by Sony Computer Entertainment America
(SCEA):

TCP Ports: 10070 - 10080
UDP Ports: 10070

In addition, please note these additional ports for the following titles:

SOCOM I,II,III:
TCP Ports: 10070 - 10080
UDP Ports: 10070, 50000
Voice Chat: UDP 6000-7000, 10070 (for headset operation)

Frequency
TCP Ports: 10070 - 10080
UDP Ports: 10070
Allow incoming ICMP Echo Reply

*Note: Please make sure to enable these TCP/UDP ports in BOTH directions.

Check your router for a "DMZ" setting. This allows ALL ports to be open for one IP address. (never use this on an IP that a PC is connected to. Use only for a console)

I use this myself and have had no problems.

Check your router for a "DMZ" setting. This allows ALL ports to be open for one IP address. (never use this on an IP that a PC is connected to. Use only for a console)

I use this myself and have had no problems.

I know about the DMZ option, but it's kind of risky if someone finds a way to install a trojan on your PS3.

I am asking Sony about a better alternative.

I'll keep you posted.

I know about the DMZ option, but it's kind of risky if someone finds a way to install a trojan on your PS3.

I am asking Sony about a better alternative.

I'll keep you posted.
Wouldn't you only need to worry about a trojan on your PS3 unless you don't have wep/wpa or some form of security set up. Just questioning for my own knowledge.

Wouldn't you only need to worry about a trojan on your PS3 unless you don't have wep/wpa or some form of security set up. Just questioning for my own knowledge.

Well, if someone successfully installs a trojan on your PS3, they have access to all your network parameters. They can sniff network packets, etc.

Now, I admit it's a long shot to imagine someone will ever be able to install a trojan on a PS3.

Well, if someone successfully installs a trojan on your PS3, they have access to all your network parameters. They can sniff network packets, etc.

Now, I admit it's a long shot to imagine someone will ever be able to install a trojan on a PS3.

It's a very long shot. Almost as long a shot as thinking Sony will deliver an easier way to do it. They don't set universal standards like Xbox Live. Every game will be a possible new headache.

I believe you can trust DMZ, but to each his own.

Update from SCEA...

The question was:

Could you explain to me how PlayStation 3 uses uPnP?
I assume enabling uPnP at the level of my firewall could allow the console to open any port required by any particular game.

Their answer is:

We apologize for any inconvenience, but we do not have any information to answer your question referenced in your email at this time. We recommend checking back with us in the future for additional updates and details.

In other words, Japan did not provide this information to SCEA.

SCEA must feel dangerously isolated.

DMZ helped a littl but still very slow for me

Actually it helped a lot!!!!
Well for online play anyway. My ping is constantly at its highest level (full green bar). and gameplay was lagless, I played against people with low pings in 2k7 and it was horrible, but against anyone with a decent ping it was beautiful, Resistance too was great online.

I guess I can accept that it takes an hour and 20 minutes to download ans install the motorstorm demo

I did the DMZ thing between my router and my old PS2. It worked but Socom definitely had it's problems at times. I guess I need to do it again for my PS3 ???

I did the DMZ thing between my router and my old PS2. It worked but Socom definitely had it's problems at times. I guess I need to do it again for my PS3 ???

Could someone explain how to set your DMZ settings in your router using wifi connect????

I have a D-Link DI-524. Is there a way to make it so that everything can get thru, and so you don't have to forward any ports (so that they will all automatically just get thru)? I'm not worried about security settings because my network is all hard-wired (not wireless).


Obviously I don't really have an in-depth understanding of security settings on routers or how to program them.

Are the router's settings programmed by logging into your router or by using buttons on the router itself?

I have a D-Link DI-524. Is there a way to make it so that everything can get thru, and so you don't have to forward any ports (so that they will all automatically just get thru)? I'm not worried about security settings because my network is all hard-wired (not wireless).


Obviously I don't really have an in-depth understanding of security settings on routers or how to program them.

Are the router's settings programmed by logging into your router or by using buttons on the router itself?

Your router has some kind of Web site built into it. You can access it using a Web browser at a certain address, often "http://192.168.1.1", once there you can put the IP address of your console in the DMZ field or check the box near "Enable uPnP".

So far, with my Linksys, using UPnP has been just fine, unlike my 360's UPnP support. :/

I would rather use UPnP, since the game asks for ports X-Y to be opened, and then lets go of them when it is done. Much better than just opening up a DMZ, IMO. The security issue comes into place that a trojan or worm /could/ ask for ports to open, but in the case of Windows worms/trojans, protecting your inbound ports is worthless anyways since these nasty guys tend to call out to their writers, not have the writer call in. They tend to assume they are behind a firewall, so they don't even try to open ports.

So far, with my Linksys, using UPnP has been just fine, unlike my 360's UPnP support. :/

I would rather use UPnP, since the game asks for ports X-Y to be opened, and then lets go of them when it is done. Much better than just opening up a DMZ, IMO. The security issue comes into place that a trojan or worm /could/ ask for ports to open, but in the case of Windows worms/trojans, protecting your inbound ports is worthless anyways since these nasty guys tend to call out to their writers, not have the writer call in. They tend to assume they are behind a firewall anyways.

for some reason I had UPnP enabled and the PS3 kept reading it as unavailable, Once I set up the DMZ to my PS3's static IP address the PS3 reads UPnP as available.

Do I have to worry about trojans if I don't install Linux OP? wouldn't the trojan most likely be written for a windows environment anyway(I don't know the answer)

Also do I need to set up static IP addresses for my other wireless devices (like 3 pcs) and psp so that they don't get assigned the PS3's IP address or will the router know not to give out that address to any other device?

So far, with my Linksys, using UPnP has been just fine, unlike my 360's UPnP support. :/

I would rather use UPnP, since the game asks for ports X-Y to be opened, and then lets go of them when it is done. Much better than just opening up a DMZ, IMO. The security issue comes into place that a trojan or worm /could/ ask for ports to open, but in the case of Windows worms/trojans, protecting your inbound ports is worthless anyways since these nasty guys tend to call out to their writers, not have the writer call in. They tend to assume they are behind a firewall, so they don't even try to open ports.

My advice to you: If you are going to use uPnP, make sure all your Windows PCs don't have uPnP enabled.
When you enable uPnP at the level of your router, you allow any uPnP-enabled device in your network to open ports as they see fit and without notice.
Considering how secure Windows PCs tend to be, you don't want any virus or trojan to be opening ports that should not be open.

Check this page for a tool that allows you to disable uPnP in Windows:

http://www.grc.com/unpnp/unpnp.htm

for some reason I had UPnP enabled and the PS3 kept reading it as unavailable, Once I set up the DMZ to my PS3's static IP address the PS3 reads UPnP as available.

Wow, yeah... some UPnP implementations on routers do suck. I take that back... almost all of them do. Not sure what else to say about that one.


Do I have to worry about trojans if I don't install Linux OP? wouldn't the trojan most likely be written for a windows environment anyway(I don't know the answer)

A trojan is much like the Trojan Horse... you have to let it in yourself. So you would have to download the app yourself and run it. Any virus/trojan would also have to be written SPECIFICALLY for the PS3, or PowerPC Linux in order to actually do damage. Sony's OS is locked down tighter than a guy going for his first prostrate exam, and with Linux's popularity mostly being on x86, there isn't much out there that will pose a threat.

That may change, however, so just keep an eye out for reports every so often, and only download software from sources you are willing to trust when running Linux, and you should be fine.


Also do I need to set up static IP addresses for my other wireless devices (like 3 pcs) and psp so that they don't get assigned the PS3's IP address or will the router know not to give out that address to any other device?

Here is how I solve that problem: I configure the router so that I have two parts of my address space: one which the router is allowed to assign, one that it isn't. Any static IPs go in the second area. This way you can avoid clashes. My printer server, router, and file server are all static IP (x.x.x.1-.39 for example), and everything else is dynamic (x.x.x.40-.254).

for some reason I had UPnP enabled and the PS3 kept reading it as unavailable, Once I set up the DMZ to my PS3's static IP address the PS3 reads UPnP as available.

Do I have to worry about trojans if I don't install Linux OP? wouldn't the trojan most likely be written for a windows environment anyway(I don't know the answer)

Also do I need to set up static IP addresses for my other wireless devices (like 3 pcs) and psp so that they don't get assigned the PS3's IP address or will the router know not to give out that address to any other device?

Don't worry about trojans or viruses on the PS3 at this time.

In a DHCP environment, it is always possible to have clients configured statically.
To use the DMZ feature, it's better to configure the PS3 statically.
Your other devices can continue using DHCP.

Your router has some kind of Web site built into it. You can access it using a Web browser at a certain address, often "http://192.168.1.1", once there you can put the IP address of your console in the DMZ field or check the box near "Enable uPnP".I know, thats what I meant by logging in to the router. How do you find the IP address of your console? I thought IP addresses are always changing, since I have several network devices on 1 cable modem.

Whats the DMZ field?

That stuff that you reccommended to do above, what will that do?

Don't worry about trojans or viruses on the PS3 at this time.

In a DHCP environment, it is always possible to have clients configured statically.
To use the DMZ feature, it's better to configure the PS3 statically.
Your other devices can continue using DHCP.


That's what I thought about trojans, not many people out there who would be able to create a virus for the PS3's OS.

So the router knows not to assign the PS3's static IP to any of my other devices [ those that are getting assigned random IPs via DHCP, correct?


ROCKO
as I understand it the router via DHCP randomly assigns an IP address but only the last 3 numbers are random - to clarify - the router's address is 192.168.1.1 for example anything connecting through the router will get an address that is 192.168.1.XXX where each device gets a random XXX.
You have to go into that specifc device and tell it to always take a specific address of your chosing ie 192.168.1.101 or whatever 3 numbers - on the PS3 in network set up when you get to a point where you can chose between easy and custom chose custom and then enter the info (I cheated and also had my PS3 connected and tested the connection so that I could read off the other fields that you need to enter but those are constants subnet mask and etc...)
and then tell the router (by accessing it via its IP through a wired computer) to enable DMZ on the address you decided on.
so your PS3 when connecting will grab the static address everytime

Someone who has more knowledge on this matter please correct me if I am wrong (I'm learning as I go)

That's what I thought about trojans, not many people out there who would be able to create a virus for the PS3's OS.

So the router knows not to assign the PS3's static IP to any of my other devices [ those that are getting assigned random IPs via DHCP, correct?


Each router does this its own way. Most of them allow you to specify a range of addresses that are handled by HDCP. If such is the case, make sure your PS3's static IP address is not part of that range.

Each router does this its own way. Most of them allow you to specify a range of addresses that are handled by HDCP. If such is the case, make sure your PS3's static IP address is not part of that range.
Thanks

This also worked for me with my Netgear router wireless router.

I use
1. WEP ON
2. DMZ on set to the PS3 IP on my network
3. Forward ports 10070-10080 etc also(just in case)

Works very nice. Notice a difference in wireless connection speed right away.

Once i have made these changes I notice that my connection is much more smoother/no disconnects anymore and better pings to other users. I also notice much better browser speeds on my ps3.

I use Wep Key 3 on my network, does anyone know if the PS3 checks all keys, or just key 1?

Well, after considering all options...I put the PS3 in my DMZ.
All communications are secured using WPA PSK/AES, which is much more secure than WEP.
Since the PS3 is now in my DMZ, I no longer have to guess which ports I need to forward for any particular game or whatever.

I did the dmz setting as well but still having packet loss at 15 feet away. it's around a 14% loss everytime I do it. and at times will be 0%. I've all but given up.

I did the dmz setting as well but still having packet loss at 15 feet away. it's around a 14% loss everytime I do it. and at times will be 0%. I've all but given up.

I had 18% packet loss after installing 1.10. 1.11 didn't improve that.

The driver for the wireless chip must be busted.

That's why I plugged the PS3 into my client bridge via the Ethernet port.
So, at this time, I don't use the built-in wireless chip.

Average round trip time is 1.5 ms between my AP and the PS3.
Packet loss is 0%.
I am happy, although I would have bought the 20 GB model if I had known about their Wi-Fi hardware/software combo.

I thought I would post the recipe for a great client bridge here:

1) You buy this:

http://www.newegg.com/Product/Product.asp?Item=N82E16833124190

$66.99

2) You flash it with this:

http://www.dd-wrt.com/dd-wrtv2/ddwrt.php

3) You configure it using these instructions:

http://www.dd-wrt.com/wiki/index.php/Wireless_Bridge

You're done! You have a client bridge you can use to connect up to 5 devices.

Believe me, this works A LOT better than any overpriced wireless bridge or gaming adapter you can buy for a lot more money.

i copyed this from the online manuals.

The port numbers for PLAYSTATION®Network servers used for this are TCP: 80, 443, 5223 and UDP: 3478, 3479.

For the AV chat and online game play, the Direct communication with other PS3™ systems is used for data transmission during voice / video chat and online gaming. The port number used for this is UDP: 3658. However, you may need to use a different port number when you are connected using a NAT router.

http://manuals.playstation.net/document/en/ps3/current/settings/connecttest.html

Hoping that maybe someone can help me out here. I'm pretty computer literate, but I can't seem to figure this out.

I have a D-Link DGL-3400 wireless router that I have my PS3 connect to via ethernet. I've forwarded the ports listed earlier in this thread to the proper IP of my PS3 (192.168.0.111). I've also placed my PS3s IP in the DMZ and I've enabled uPNP on the router itself.

Now, after all that, I still get uPNP unavailable, and a NAT of "Type 2", which I believe is medium or restricted wheneverr I run the connection test.

Now it's important to note that I currently have no issues connecting to PSN, or downloading, or playing Resistance or Full Auto 2, but I'm curious why I'd be getting uPNP unavailable & a Type 2 listing for NAT.

i got that once and just unplugged and replugged my router, the restet seemed to fix the issue. but if you have no issues I wouldn't worry too much

All connections are initiated by the PS3, so you do NOT need to forward any ports put on a DMZ. By default, all firewalls/DSL routers, etc. do not block anything outbound.

In addition, you probably disabled UPnP by putting the PS3 into the DMZ. It is an Either - Or type of situation between DMZ and UPnP. Same with the Port Forwarding, it is not needed with a DMZ.

But, as noted if it works just be happy!

Thanks for the info guys! I'm going to reset my router to factory settings tonight and start from scratch to see how different settings affect the connection test.

With UPnP enabled, I shouldn't have to port forward, correct?