1. Knowledgebase
  2. Hytale
  3. How to Port Forward Hytale (Firewall & Router Setup Guide)

Categories

How to Port Forward Hytale (Firewall & Router Setup Guide)

Created by: Kurkin | Last modified: 20th January 2026

Complete guide to port forwarding and firewall configuration for Hytale dedicated servers

If you're hosting a Hytale server at home or on a VPS, you'll need to configure port forwarding and firewall rules so players can connect. This guide covers everything you need to know about Hytale ports, firewall setup, and router configuration.

Using LOW.MS? You don't need to worry about port forwarding or firewall rules — your server is already configured and ready for players to join.

What Port Does Hytale Use?

Hytale uses UDP port 5520 by default.

Key details:

  • Protocol: UDP (not TCP)
  • Default port: 5520
  • Technology: QUIC over UDP

Unlike many games that use TCP, Hytale uses the QUIC protocol which runs over UDP. This means you must forward UDP traffic, not TCP.

Do You Need to Port Forward?

You need port forwarding if:

  • You're hosting a Hytale server at home
  • Players outside your local network need to connect
  • You're running the server behind a router/NAT

You don't need port forwarding if:

  • You're using a hosting provider like LOW.MS
  • You're only playing on the same local network (LAN)
  • Your VPS/dedicated server has a public IP with no NAT

Step 1: Configure Windows Firewall for Hytale

Before configuring your router, make sure Windows Firewall allows Hytale traffic.

Option A: Allow via Windows Settings

  1. Open Windows Defender Firewall
  2. Click Allow an app or feature through Windows Defender Firewall
  3. Click Change settings (requires admin)
  4. Click Allow another app...
  5. Browse to your Hytale server folder and select HytaleServer.jar (or java.exe)
  6. Check both Private and Public boxes
  7. Click OK

Option B: Create Firewall Rule via PowerShell (Recommended)

Run PowerShell as Administrator and execute:

New-NetFirewallRule -DisplayName "Hytale Server UDP" -Direction Inbound -Protocol UDP -LocalPort 5520 -Action Allow

To verify the rule was created:

Get-NetFirewallRule -DisplayName "Hytale Server UDP"

Option C: Create Firewall Rule via GUI

  1. Open Windows Defender Firewall with Advanced Security
  2. Click Inbound RulesNew Rule...
  3. Select PortNext
  4. Select UDP and enter 5520Next
  5. Select Allow the connectionNext
  6. Check all profiles (Domain, Private, Public) → Next
  7. Name it "Hytale Server" → Finish

Step 2: Configure Linux Firewall for Hytale

Using UFW (Ubuntu/Debian)

sudo ufw allow 5520/udp
sudo ufw reload
sudo ufw status

Using iptables

sudo iptables -A INPUT -p udp --dport 5520 -j ACCEPT

To make the rule persistent (varies by distro):

# Debian/Ubuntu
sudo apt install iptables-persistent
sudo netfilter-persistent save

# CentOS/RHEL
sudo service iptables save

Using firewalld (CentOS/RHEL/Fedora)

sudo firewall-cmd --permanent --add-port=5520/udp
sudo firewall-cmd --reload

Step 3: Port Forward on Your Router

Router interfaces vary by manufacturer, but the general steps are similar.

General Steps

  1. Find your router's admin page

    • Usually 192.168.0.1 or 192.168.1.1
    • Check the sticker on your router for the address

  2. Log in with your router credentials

  3. Find Port Forwarding settings

    • Look for: "Port Forwarding", "NAT", "Virtual Servers", or "Applications"
    • Location varies: often under "Advanced", "Gaming", or "Firewall"

  4. Create a new port forward rule:

    • Service Name: Hytale Server
    • Protocol: UDP (important - not TCP!)
    • External Port: 5520
    • Internal Port: 5520
    • Internal IP: Your server PC's local IP (e.g., 192.168.1.100)

  5. Save and apply changes

Finding Your Server's Local IP

Windows:

ipconfig

Look for "IPv4 Address" under your active network adapter.

Linux:

ip addr
# or
hostname -I

Using a Custom Port

If you want to use a different port (e.g., 25565), configure both:

  1. Router: Forward UDP traffic on your chosen port to your server
  2. Server: Start with --bind 0.0.0.0:25565
  3. Firewall: Allow the custom port instead of 5520

Step 4: Test Your Port Forward

Online Port Checkers

Use a site like canyouseeme.org or yougetsignal.com:

  1. Enter your public IP
  2. Enter port 5520
  3. Make sure your Hytale server is running
  4. Click check

Note: Many port checkers test TCP by default. Since Hytale uses UDP, these may show "closed" even when configured correctly. The best test is having a friend try to connect.

Test from Another Network

The most reliable test:

  1. Have a friend (on a different network) try to connect
  2. Or use your phone's mobile data (not WiFi) to test

Common Port Forwarding Issues

"Port appears closed" but server is running

  • Wrong protocol: Make sure you forwarded UDP, not TCP
  • Firewall blocking: Check both Windows/Linux firewall AND router firewall
  • Server not listening: Confirm the server started without errors
  • Wrong internal IP: Your PC's IP may have changed (use static IP or DHCP reservation)

Double NAT

If you're behind two routers (e.g., ISP modem + your router), you need to:

  • Put the ISP modem in "bridge mode", or
  • Forward ports on BOTH devices

Carrier-Grade NAT (CGNAT)

Some ISPs use CGNAT, which means you share a public IP with other customers. Port forwarding won't work in this case.

Solutions:

  • Contact your ISP to request a public IP
  • Use a VPN with port forwarding support
  • Use a hosting provider like LOW.MS

Symmetric NAT

Some routers use symmetric NAT which can cause issues with QUIC/UDP connections. If players can't connect despite correct settings:

  • Try enabling "NAT loopback" or "hairpin NAT" if available
  • Consider using a VPS or hosted server instead

Why Hosted Servers Don't Need Port Forwarding

When you use a hosting provider like LOW.MS:

  • Your server has a public IP address directly
  • No router/NAT between players and your server
  • Firewall is pre-configured
  • No port forwarding required

This is one of the main advantages of hosted servers — you skip all the networking complexity and players can connect immediately.

Quick Reference

Setting Value
Default port 5520
Protocol UDP
Technology QUIC
Firewall rule Allow UDP 5520 inbound
Router forward UDP 5520 → Server IP

Still Having Issues?

If players still can't connect after configuring port forwarding:

  1. Check our Failed to Connect troubleshooting guide for other causes
  2. Verify server authentication — the server must be authenticated before accepting connections
  3. Try a different port — some ISPs block common gaming ports
  4. Contact your ISP — they may be able to help with NAT or provide a public IP

For the easiest experience, consider LOW.MS Hytale hosting — no port forwarding, no firewall configuration, just start playing.

Looking for a reliable hytale Server Hosting Solution? Managing your server has never been easier. Host your hytale server with LOW.MS and enjoy a seamless gaming experience.

Want to know more?

We'll be happy to answer any questions you may have. Get in touch!

Contact Us