the forums at

HOWTO: Port Triggering w/ Linksys BEFSR41 (maybe others)
Page 1 of 3

Author:  Silphion [ Mon Mar 15, 2004 12:10 am ]
Post subject:  HOWTO: Port Triggering w/ Linksys BEFSR41 (maybe others)

Certain people prefer the idea of leaving their computer stealthed or firewalled. And yet, as theSHAD0W has pointed out, being Firewalled/NAT-Stealthed is bad when it comes to BT. So, we have to open ports. But some of us don't wanna open ports all the time.

Others have our computers set up for DHCP, maybe for a reason, but they do. They don't set a permanent LAN I.P. address.

This is where Port-Triggering comes in. If your Router, such as the Linksys BEFSR41 supports Port Triggering, you can have the ports turned on for only as long as you use Bit-Torrent.

Here's how:
  1. Log on to your Router (usually through your browser, with the address,, or, etc. Check your owners manual). For Linksys Routers, this is going to be
  2. Type in your password, and all that jazz.
  3. For Linksys Routers, find the FORWARDING page. Other routers will see this as NAT -> VIRTUAL SERVER
  4. Linksys, click the "Port Triggering" Button you will see. Other users try to find something similar, "Application Ports/Triggers", etc., not your standard virtual server.
  5. On a new, blank field, enter "BitTorrent" as your application name. (This doesn't matter really, but it makes it easy to identify)
  6. Your Trigger Port range will be 6881-6889, if you must specify: it's TCP.
  7. Your incoming or private port range will be your client's range. By default, 6881-6889 or 6881-6999 should be fine.
  8. Click OK/APPLY/SAVE, then leave and return to the page to make sure the settings sticked.
  9. Log out of your router, and enjoy remaining secure while still getting full use of Bit-Torrent.

Whenever you connect to a peer in the trigger range, your router will automatically open up and forward the ports for you. Once you close Bit-Torrent, the router will close up your ports again. This will work regardless of your I.P. address.

Unless, of course... you have two computers using bit-torrent at once beneath the same router. I'll let you experiment and play with that one. (Hint, don't make the trigger/client ports the same).

EDIT: I've come to realize that some people also open up standard forwards to make sure it works. This is not necessary, you do not have to set up standard port-forwards, as the Port Triggering will take care of that for you. If you use standard Port-Forwarding, Port Triggering will not work as it should.

Author:  TheSHAD0W [ Mon Mar 15, 2004 9:38 am ]
Post subject: 

Great idea, Silphion! This won't work if you're using more than one computer with BitTorrent, I'm afraid; there's no mutually exclusive port trigger range you can use. But it's still very nice.

Author:  Silphion [ Mon Mar 15, 2004 11:04 am ]
Post subject: 

Actually, an idea is to have one computer only use 6881 as its trigger port, another computer use 6882 as its trigger, and so on. As long as your BT connects to a peer with that port as its client, then the router will trigger and open up the necessary ports.

Author:  bytetorrent [ Mon Mar 15, 2004 8:48 pm ]
Post subject: 

What would happen if your client tries to connect out on both 6881 and 6882 to peers who may have any part of the 6881 through 6999 range in use? It would then map both of your trigger ports to one computer and you are still back to the problem of it only working with one computer at a time.

Author:  Silphion [ Tue Mar 16, 2004 5:37 pm ]
Post subject: 

This is true. In the end, port-triggering only works for one computer at a time. Ah well, thanks for pointing that out, I forgot about such a possibility.

Then again, under such a situation, a smart group of networkers would set up one computer to be your main "download and upload junkie", and all other computers draw their files from that one. ^_^

On the other hand, two-computers using BT at once will probably slow down both downloads, unless you're on a REALLY fast connection. So it's best just to take turns getting downloads. It's what my room-mate and I do.

Thanks for reading this post, anyway. Hope it helps you guys.

Author:  Vaughn [ Sun Mar 28, 2004 10:35 am ]
Post subject: 

Why don't you all just put your computer into the DMZ zone? I mean you'll be out of the firewall for that computer and forward another port for another computer on your net work. All yougotta do then is get a Firewall protection program like Zonealarm to control what goes in and out of yoru system?

Author:  dclark [ Thu Apr 01, 2004 2:47 am ]
Post subject: 

The dmz setup that you were talking about above will not work like you are expecting. When you only have one external ip address, you can only forward one set of ports from that ip address. The dmz is basiclly just forwarding all the ports on the external ip address. When you enable dmz and do portforwarding at the same time, its just like trying to forward the same ports to two computers. Basiclly you run into problems.

But you have other options. If you want to torrent to multiple computers on your network, there are a couple things that you can do.

You can quit having your router do nat. Usually you would set your connection up as a bridge. When your router is in bridging mode, it acts just like a hub. Meaning it wouldn't really be doing any routing at all. Then you could purchase a couple public ip addresses from your isp. In this type of configuration every computer on your network would have its own public ip address. Every computer would have a full set of ports available for its use.

Another option would be to have your isp route several public ip addresses to your router. Then instead of having one external ip address, you would have multiple external ip addresses. You could then have the nat portion of your router forward one external ip address, to one internal ip address. Basiclly this works like a dmz, with multiple ip addresses.

Really to run torrent on mulitple machines, you just need to somehow have multiple external ip addresses. After you have them then you need to route them, or their ports to each machine you are BTin from.

Well I hope all that helped.


Author:  Ann-e-O [ Wed Apr 07, 2004 8:12 am ]
Post subject:  Is there a 2 minute window after a trigger event ?

I have read at another web site about a Linksys routers (BEFSR41 - firmware v1.39.2) and port triggering.

I read that there is a 2 minute period after a trigger event that the dynamic mapping for the designated port range remains active. If I understand the advice correctly then if no Remote connection is initiated at one of the target ports within 2 min the mapping expires and the target port range goes stealth or closed once again.

With the Shadow BitTorrent client S-5.8.11 I have observed via the Advanced window that it may take several minutes to an hour or more before the first Remote connection appears.

So I had reasoned that (static) Port Forwarding is the only practical solution to using the BT client.

Is somebody willing to confirm whether or not there is a 2 minute window of opportunity following a trigger event?

I cannot because my BEFW11S4 v2 router (firmware v1.42.7) is not succesfully Port Triggering.

Author:  Bossman [ Sun Apr 11, 2004 8:28 am ]
Post subject: 

I've found a quick and dirty way of getting the firewall in Linksys routers to work. You have to disable UPnP (there's two UPnP settings, the one I'm talking about is not the UPnP Forwarding settings) on the router. I've got a Linksys BEFW11S4 with version 1.50.10 firmware, so you might have to do some exploring with the BEFSR41's.

Here's what you do (for the BEFW11S4 v. 1.50.10):
1. Log into the router setup tool (
2. Click on Administration.
3. It should already be on the Management tab, so scroll down to the UPnP settings and select Disable.
4. Click Save settings.

No port forwarding is necessary for this, and I've gotten green lights on Torrents in under 10 seconds. It also works with other problems, like DirectPlay. The catch is, I have no idea what it does to circumvent the firewall. Anybody know what disabling UPnP does?

Author:  Silphion [ Mon Apr 12, 2004 9:46 am ]
Post subject: 

Honestly, it doesn't.

UPnP is something Windows uses to automatically open and close ports as their being used. In short, the firewall is only opened if the application immediatly uses the ports in question.

Disabling UPnP shouldn't have any effect other than to make the firewall MORE secure, not less. Very odd.

Unless, of course, something else is using the same ports as your Port Triggering setup. Like MSMessenger or something.

Author:  Bossman [ Tue Apr 13, 2004 11:18 am ]
Post subject: 

Silphion wrote:
Honestly, it doesn't.

UPnP is something Windows uses to automatically open and close ports as their being used. In short, the firewall is only opened if the application immediatly uses the ports in question.

Disabling UPnP shouldn't have any effect other than to make the firewall MORE secure, not less. Very odd.

Unless, of course, something else is using the same ports as your Port Triggering setup. Like MSMessenger or something.

I guess I have to be more specific, but it's going to be hard since the router in question is at my parent's house, and I'm at college now. I won't have access to it until the middle of May, so I can't fiddle with it now.

The router's management tool has two pages with settings that mention UPnP. The first page is under Security, and is called UPnP Forwarding. This is what sounds like Windows opening and closing ports as certain applications are used. The other page is called Management, and it appears under Administration. This is the page where I can change the password for the router, and underneath that is a setting called UPnP, with two options: Enable and Disable. When I have it on Enable, I get a yellow light that doesn't go away. When I have it on Disable, BitTornado's status light goes to green within seconds of starting a torrent. The same thing happens with older games that use DirectPlay to play over the Internet: works on Disable, but not on Enable. The help page for this is very vague; it says it has something to do with connecting a computer to the network, but nothing about the firewall.

Author:  juzu [ Fri Apr 30, 2004 9:42 am ]
Post subject: 

does the port triggering work with wireless network ? coz i forwarded ports for my laptop for BT but it does not seem to work .. i stll got a yellow signal ...anyone coul d offer any suggestion ?

Author:  shygril [ Wed May 05, 2004 6:11 am ]
Post subject:  how 2 log on 2 my router

can any1 plaezs tell me how i log on 2 my router and how i trigger my ports i havent a clue where to start

Author:  User [ Fri May 07, 2004 12:32 pm ]
Post subject: 

I have a linksys BEFSR41's and befor i update the fireware it seem i was in the green but now that i update from v4 to v5 its all yellow. Anyway I did try what both of said but im still in the yellow?

Author:  Helter [ Wed May 12, 2004 4:00 am ]
Post subject: 

Goddangit but there's something to be said about connecting to the dirty side of the router and slapping Zonealarm on it, wouldntcha say. No muckin about with port thingys and whatnots.
It's ideal for simple folk like me my pa' and brother Jed. We jez wannna git ahr hands on some o them thar pictures wi nekkid women on wi'owt muckin round lerking fer dem dang port things. :wink:

Page 1 of 3 All times are UTC - 7 hours [ DST ]
Powered by phpBB® Forum Software © phpBB Group