In order to host your own MTA Server, you'll need to forward ports for others to be able to see your server, and join it. If ports are not forwarded properly, other players cannot connect, and your server will feel empty. Additionally, the output of "openports" command in server console would be:
Testing ports...
Port 22126 UDP is closed. Players can not browse!
Port 22003 UDP is closed. Players can not join!
Port 22005 TCP is closed. Players can not download!
Instructions
Locate your network's router or modem physically and look on the back to read its model number/type, then search on Google:
Quote
port forwarding [router model number]
as there will always be an official manual and tailored guides to forward ports. You'll have to forward (and possibly port-trigger) MTA server ports as they are defined in mtaserver.conf (ex. C:\Program Files (x86)\MTA San Andreas 1.5\server\mods\deathmatch > mtaserver.conf), if said file is unmodified then these are the default ports to forward:
22003 UDP (main server port)
22126 UDP (because the server browser port is value from <serverport> + 123, it can differ based on main server port which is 22003 by default)
22005 TCP (internal HTTP resource download port)
If you can't find your router's make and model, you can try a generic method of forwarding (of which details can deviate), follow these instructions:
1) open cmd (commandprompt) from start > type 'cmd' in search or start > run > cmd, make sure to run "as Administrator"
Type this in cmd:
ipconfig /all
It will output a table of addresses; locate and copy "Default gateway" and "DHCP server" addresses into a text file.
2) open your web browser, and paste & navigate to both addresses like you would if that IP address was a website.
You will most likely end up on the configuration interface (or login screen) of your router. If you need to login, look if they are on back of your router (sticker placed on it) and if they're not, search this on Google:
Quote
router login [router model number] or
router admin pass [router model number]
If there's no known login credentials for your router, try (a combination) of these, both as username (account) and password:
username: admin
password: admin
username: blank (don't enter)
password: admin
username: blank (don't enter)
password: blank (don't enter)
* press login without entering anything, it may ask you to set a new password immediately
username: provider/ISP name (abbrevation)
password: provider/ISP name or blank, or your local translation of the word 'wireless' or 'internet'
for the places where username 'admin' is mentioned, you should also try the variant 'Administrator' and 'administrator' (with and without capital letter)
As those are the most common login credentials, trying them all has a success rate of 80%. If none of them work, call your ISP, or do a more extensive web search, it should definately be documented (or figured out by someone else on the web) how to log in to your router's configuration panel. Also try searching in your own language.
3) If you successfully logged in, you'll see the configuration interface. It has plenty of tabs for various settings, you should focus on finding the ones relevant for port-forwarding.
Now we're going to actually forward the ports:
- Click each category (for example: Network, advanced, security/firewall, administration) until it folds out and shows something like "Port forwarding" or "Applications". It doesn't hurt to be scrolling the categories, even in places you don't expect the forwarding page to be, until you found it. It should be there.
If you found it, then create a new rule/port number entry and link the correct protocol (or if you don't get it, "both" UDP and TCP") as the corresponding type is listed earlier in my post, up here.
Reminder/TLDR: by default, they are 22003 UDP, 22126 UDP, and 22005 TCP. If it asks for port ranges, do it like this: 22003-22003, 22126-22126, 22005-22005.
If you don't see a list or form that fits this description, but rather have an "Applications" tab, then go there and create a new entry. Name it "MTA Server" and enter in the correct ports, most often as ranges. Fill out everything that it requires to save, and save & apply.
Note: Make sure to reboot your router after setting up the forwarding (or after each troubleshooting step later in this tutorial).
4) Major pitfall (cause of problems): If the forwarding entries table has a field that refers to the client (PC you're going to use for hosting MTA server) by MAC address or local IP address (192.168.x.x), then add it so it will link the forward, as the ports will only be forwarded on said PC If it allows you to select and link a device from a list (most often appearing as computer names), then do so. Otherwise, use the MAC address given in the earlier ipconfig /all command output, or if it asks for local IP address only, then take it from the same place, but directly afterwards you should take steps to ensure said local IP will be static to your host PC, because otherwise it will work only once or randomly (when your PC happens to "lease" said IP, getting it assigned).
To set the static lease, find a category relevant to "DHCP server" or gateway settings, in your router configuration panel tabs. Enter the current local IP address (which you entered in the forwarded ports table too) and your network card's MAC address from the previously mentioned command output. Apply & save. Now, your forwarded ports should (keep) working on said PC which will be used to host MTA server.
Restart your router. Test if MTA Server has its ports forwarded by starting it up and writing "openports" into the server console, or alternatively with https://nightly.multitheftauto.com/ports
TROUBLESHOOTING
If it doesn't work, go back into your router configuration and try these workarounds:
1) Locate the internal router firewall settings and lower its level (like, set it to Low so it's less aggressive) or disable it.
2) Make sure MTA server isn't being limited or having its traffic blocked by the firewall on your host PC. If you have a third-party firewall (or complete security product with both anti-virus and firewall or 'internet security'), open it and whitelist MTA Server.exe in a new or existing rule, set it to allow all traffic and activities from it. If this doesn't make it work, completely and temporarily disable the security software to try again and see if the issue was related. If MTA server now works, scrutinize your PC firewall's settings again or use another.
If you don't use such security software, or you do but the last steps didn't work, then also check Windows Firewall (it can even run together with your security software firewall which means you gotta whitelist on both). Go to start menu > type "Windows Firewall" or "Windows Defender Firewall" or alternatively Control Panel > Windows Firewall ("with Advanced Security") and then go to its advanced settings. Now, whitelist the MTA Server.exe process like previously explained, in Windows Firewall (both inbound and outbound connection categories)
If none of the above options work, you will have 3 last resort steps to take, in sequence:
- See if something called "port triggering" is in your router's configuration panel. If it is, then it possibly relies on it for forwarding. "Trigger" the same ports that you "forwarded" earlier, but also keep the forwarding entries.
- Add the host PC to DMZ zone. Find the relevant setting in the router configuration interface, most often it's under the "Firewall" or security categories. Now add your local IP or MAC address to make it a DMZ host.
*Note: enabling DMZ basically opens all ports, exposing your host PC to the internet and therefore presenting a security risk. This step is most suitable to probe where the problem is; if it suddenly works, then you most likely did something wrong in the process of forwarding. It's not advised to settle for it and keep DMZ enabled on your device.
If even DMZ doesn't make it work (given that your forwarding & DMZ device is properly pointing to the host PC, as explained in the DHCP lease/static local IP chapter up in this topic), then the problem is more likely to be with your PC and its network configuration, or otherwise the network infrastructure: it's possible that the router you're configuring (forwarding in) isn't the only device between your PC and the network line that goes to your house. If there's a second router, network (edge) switch, or modem-like router that is between the internet signal and the main wireless (WiFi) router, like is sometimes the case, then you may need to forward ports on both of them and eventually trigger ports to the second router after forwarding them on the directly connected modem. For more information on that scenario, open below spoiler:
Spoiler
If the above applies, you can attempt to simplify your network by taking out the possibly abundant router/modem, if it's not neccesary for TV signal or if said modem that is directly connected also features WiFi connections when you enable it in its configuration. This scenario is the most common reasons why networks are sometimes overcomplicated with an unnecesary second device. But obviously, when you're only forwarding ports on the router that gets its signal from yet another router or modem, it is already 'too late' in the chain of networking, as the traffic was already processed (non-forwarded) by the main router receiving the signal from your home (DSL) line. This is also where it gets complicated, so before changing anything or trying to simplify your network infrastructure, it's advised to ask someone that you know is experienced with networks, for help or advise/more details on what to do. It should however be safer and simpler to try the same procedure as the forwarding guide in the main part of this topic, on the main router/what we now called modem; if it doesn't feature wireless connection, use a LAN cable in order to reach and log-in to it like you did with the Wifi router earlier, using the DHCP server address or the model-specific guide.
If you don't have a second router/modem, DMZ doesn't make it work, and neither did any of the forwarding & port triggering instructions listed in this topic (so basically you forwarded and also tried all the listed workaround and troubleshooting methods, including reviewing your firewall settings), then there's a good chance you're still doing something wrong. Consult with someone you know is experienced with networks or technical matters (IT) in general, and ask for help or advise.
The ultimate last resort, also in the case you're not doing anything wrong, is calling your ISP (internet provider) and describing the problem and steps taken. You could also ask for a new router, the latest model issued to new customers. However, as I indicated, the chance it's on your and not on their end, is higher.
I hope this guide helped. I still advise to stick to the router model-specific forwarding instructions that can be found on the web/internet provider's documentation, rather than using my generic methods for the steps from logging in to actually forwarding the ports. I cannot guarantee you'll succeed with the generic guide for the millions of router devices that exist, it's simply a culmination of personal knownledge.
Question
Dutchman101
PORT FORWARDING GUIDE
In order to host your own MTA Server, you'll need to forward ports for others to be able to see your server, and join it. If ports are not forwarded properly, other players cannot connect, and your server will feel empty. Additionally, the output of "openports" command in server console would be:
Testing ports...
Port 22126 UDP is closed. Players can not browse!
Port 22003 UDP is closed. Players can not join!
Port 22005 TCP is closed. Players can not download!
Instructions
Locate your network's router or modem physically and look on the back to read its model number/type, then search on Google:
as there will always be an official manual and tailored guides to forward ports. You'll have to forward (and possibly port-trigger) MTA server ports as they are defined in mtaserver.conf (ex. C:\Program Files (x86)\MTA San Andreas 1.5\server\mods\deathmatch > mtaserver.conf), if said file is unmodified then these are the default ports to forward:
22003 UDP (main server port)
22126 UDP (because the server browser port is value from <serverport> + 123, it can differ based on main server port which is 22003 by default)
22005 TCP (internal HTTP resource download port)
If you can't find your router's make and model, you can try a generic method of forwarding (of which details can deviate), follow these instructions:
1) open cmd (commandprompt) from start > type 'cmd' in search or start > run > cmd, make sure to run "as Administrator"
Type this in cmd:
ipconfig /allIt will output a table of addresses; locate and copy "Default gateway" and "DHCP server" addresses into a text file.
2) open your web browser, and paste & navigate to both addresses like you would if that IP address was a website.
Examples: http://192.168.2.1, http://192.168.2.254 (also, both are very common)
You will most likely end up on the configuration interface (or login screen) of your router. If you need to login, look if they are on back of your router (sticker placed on it) and if they're not, search this on Google:
If there's no known login credentials for your router, try (a combination) of these, both as username (account) and password:
As those are the most common login credentials, trying them all has a success rate of 80%. If none of them work, call your ISP, or do a more extensive web search, it should definately be documented (or figured out by someone else on the web) how to log in to your router's configuration panel. Also try searching in your own language.
3) If you successfully logged in, you'll see the configuration interface. It has plenty of tabs for various settings, you should focus on finding the ones relevant for port-forwarding.
Now we're going to actually forward the ports:
- Click each category (for example: Network, advanced, security/firewall, administration) until it folds out and shows something like "Port forwarding" or "Applications". It doesn't hurt to be scrolling the categories, even in places you don't expect the forwarding page to be, until you found it. It should be there.
If you found it, then create a new rule/port number entry and link the correct protocol (or if you don't get it, "both" UDP and TCP") as the corresponding type is listed earlier in my post, up here.
Reminder/TLDR: by default, they are 22003 UDP, 22126 UDP, and 22005 TCP. If it asks for port ranges, do it like this: 22003-22003, 22126-22126, 22005-22005.
If you don't see a list or form that fits this description, but rather have an "Applications" tab, then go there and create a new entry. Name it "MTA Server" and enter in the correct ports, most often as ranges. Fill out everything that it requires to save, and save & apply.
Note: Make sure to reboot your router after setting up the forwarding (or after each troubleshooting step later in this tutorial).
4) Major pitfall (cause of problems): If the forwarding entries table has a field that refers to the client (PC you're going to use for hosting MTA server) by MAC address or local IP address (192.168.x.x), then add it so it will link the forward, as the ports will only be forwarded on said PC If it allows you to select and link a device from a list (most often appearing as computer names), then do so. Otherwise, use the MAC address given in the earlier ipconfig /all command output, or if it asks for local IP address only, then take it from the same place, but directly afterwards you should take steps to ensure said local IP will be static to your host PC, because otherwise it will work only once or randomly (when your PC happens to "lease" said IP, getting it assigned).
To set the static lease, find a category relevant to "DHCP server" or gateway settings, in your router configuration panel tabs. Enter the current local IP address (which you entered in the forwarded ports table too) and your network card's MAC address from the previously mentioned command output. Apply & save. Now, your forwarded ports should (keep) working on said PC which will be used to host MTA server.
Restart your router. Test if MTA Server has its ports forwarded by starting it up and writing "openports" into the server console, or alternatively with https://nightly.multitheftauto.com/ports
TROUBLESHOOTING
If it doesn't work, go back into your router configuration and try these workarounds:
1) Locate the internal router firewall settings and lower its level (like, set it to Low so it's less aggressive) or disable it.
2) Make sure MTA server isn't being limited or having its traffic blocked by the firewall on your host PC. If you have a third-party firewall (or complete security product with both anti-virus and firewall or 'internet security'), open it and whitelist MTA Server.exe in a new or existing rule, set it to allow all traffic and activities from it. If this doesn't make it work, completely and temporarily disable the security software to try again and see if the issue was related. If MTA server now works, scrutinize your PC firewall's settings again or use another.
If you don't use such security software, or you do but the last steps didn't work, then also check Windows Firewall (it can even run together with your security software firewall which means you gotta whitelist on both). Go to start menu > type "Windows Firewall" or "Windows Defender Firewall" or alternatively Control Panel > Windows Firewall ("with Advanced Security") and then go to its advanced settings. Now, whitelist the MTA Server.exe process like previously explained, in Windows Firewall (both inbound and outbound connection categories)
If none of the above options work, you will have 3 last resort steps to take, in sequence:
- See if something called "port triggering" is in your router's configuration panel. If it is, then it possibly relies on it for forwarding. "Trigger" the same ports that you "forwarded" earlier, but also keep the forwarding entries.
- Add the host PC to DMZ zone. Find the relevant setting in the router configuration interface, most often it's under the "Firewall" or security categories. Now add your local IP or MAC address to make it a DMZ host.
*Note: enabling DMZ basically opens all ports, exposing your host PC to the internet and therefore presenting a security risk. This step is most suitable to probe where the problem is; if it suddenly works, then you most likely did something wrong in the process of forwarding. It's not advised to settle for it and keep DMZ enabled on your device.
If even DMZ doesn't make it work (given that your forwarding & DMZ device is properly pointing to the host PC, as explained in the DHCP lease/static local IP chapter up in this topic), then the problem is more likely to be with your PC and its network configuration, or otherwise the network infrastructure: it's possible that the router you're configuring (forwarding in) isn't the only device between your PC and the network line that goes to your house. If there's a second router, network (edge) switch, or modem-like router that is between the internet signal and the main wireless (WiFi) router, like is sometimes the case, then you may need to forward ports on both of them and eventually trigger ports to the second router after forwarding them on the directly connected modem. For more information on that scenario, open below spoiler:
If the above applies, you can attempt to simplify your network by taking out the possibly abundant router/modem, if it's not neccesary for TV signal or if said modem that is directly connected also features WiFi connections when you enable it in its configuration. This scenario is the most common reasons why networks are sometimes overcomplicated with an unnecesary second device. But obviously, when you're only forwarding ports on the router that gets its signal from yet another router or modem, it is already 'too late' in the chain of networking, as the traffic was already processed (non-forwarded) by the main router receiving the signal from your home (DSL) line. This is also where it gets complicated, so before changing anything or trying to simplify your network infrastructure, it's advised to ask someone that you know is experienced with networks, for help or advise/more details on what to do. It should however be safer and simpler to try the same procedure as the forwarding guide in the main part of this topic, on the main router/what we now called modem; if it doesn't feature wireless connection, use a LAN cable in order to reach and log-in to it like you did with the Wifi router earlier, using the DHCP server address or the model-specific guide.
If you don't have a second router/modem, DMZ doesn't make it work, and neither did any of the forwarding & port triggering instructions listed in this topic (so basically you forwarded and also tried all the listed workaround and troubleshooting methods, including reviewing your firewall settings), then there's a good chance you're still doing something wrong. Consult with someone you know is experienced with networks or technical matters (IT) in general, and ask for help or advise.
The ultimate last resort, also in the case you're not doing anything wrong, is calling your ISP (internet provider) and describing the problem and steps taken. You could also ask for a new router, the latest model issued to new customers. However, as I indicated, the chance it's on your and not on their end, is higher.
I hope this guide helped. I still advise to stick to the router model-specific forwarding instructions that can be found on the web/internet provider's documentation, rather than using my generic methods for the steps from logging in to actually forwarding the ports. I cannot guarantee you'll succeed with the generic guide for the millions of router devices that exist, it's simply a culmination of personal knownledge.
Link to comment
3 answers to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now