What is Router Port Forwarding?

Port Forwarding for Beginners

Port forwarding is a method of allowing Internet data to flow more swiftly and efficiently to a certain computer, device or application. If you've ever had a problem with video game latency, security camera monitoring device (DVR, NVR or IP Camera) or an app (such as Skype or Netflix) failing to connect to the server or poor connection issues, port forwarding can really help and solve your problem.

It's easier to grasp how your home network connects with the Internet if you have a technical understanding of port forwarding. If you don't care about any of this, simply navigate to your router's port forwarding area.

What is NAT (Network Address Translation)?

Each Internet-connected gadget has its own IP address. This IP address is needed to inform the server which device is receiving the data ("packets").

Each IP address is further divided into ports. These ports tell the device to which application the packet will be sent.

When your computer tries to access google.com, it connects to Google's IP address, which is 74.125.224.7. In order for your browser to connect to the Google web server program, it must do so over port 80, which is a standard port for sending HTTP data (i.e., web pages). So, when you go to Google.com network in your browser, you're actually linked to 74.125.224.72 : 80. ( ipaddress: port ).

Consider it as though you were writing a letter to a 1,000-person office building. Putting a street address on an envelope sends it to the post office, but the post office has no idea who will receive the letter among its tens of thousands of employees. As a result, you include the address alongside ATTN: Mr. Steve. That way, the post office will know to deliver it to Mr. Steve immediately away. The worker had to walk up and down the cubes, asking if anyone was expecting a letter from the sender without the ATTN mail. It's possible he would have never located the intended recipient.

A router is most likely the equipment that connects your home to the Internet. Your router, like the post office in an office building, serves as a link between all of your computers, smartphones, and tablets, as well as the Internet. The router accomplishes this by allocating private IP addresses to each device on the network. On the Internet, these secret IP addresses are not visible. Rather, all packets meant for your computer are transmitted through a router, which selects which computer receives what. This is referred to as Network Address Translation (NAT).

What is the use of Port Forwarding?

One of NAT's drawbacks is that Internet servers and clients are unaware of your computer's private IP address. As a result, they are unable to deliver data directly to your computer. Instead, they transmit it to your router in the hopes that it would resolve the issue. It is classified in broad applications and sorted out (eventually).

However, in less frequent applications like games and peer-to-peer clients, the router may be unable to determine which machine needs to receive the data, causing the connection to fail (return to the sender). This is where you'll find port forwarding valuable.

Router port forwarding is a method of instructing a router to send data sent on a specified port to a certain machine or device. Returning to the post office analogy, it would be equivalent to sending an organization chart to the post office containing all of the building's employees' names, units, and roles.

When the mail arrives ATTN: Mr. Steve, they can glance at the organization chart and spot Steve's name at the top of the ladder. Forwarding a port assures two things: (1) that the packet arrives at the correct machine, and (2) that it arrives as soon as possible.

Is port forwarding safe?

Yes, port forwarding is not intrinsically unsafe. The procedure's safety is determined by a number of factors. If you use an unsupported service with a lot of unpatched vulnerabilities, for example, you're putting your computer and network at risk.

If you merely wish to host a public gaming server, you should be alright. However, while the game server is down, you must ensure that no other software or service accesses the ports you originally assigned.

By setting limits in place, you may improve your security. You can, for example, set traffic limits based on devices or even IP address (whitelist). Limiting bandwidth is also a smart idea so you don't get hit by DDoS attacks.

The bottom line is that port forwarding is not intrinsically insecure as long as you monitor what passes over those ports.  Closing the port while you are not using it is one of the safest practices.

How to Forward Ports in a router?

Depending on the router's make and type, the particular forwarding steps for router ports change slightly. Fortunately, the folks over at PortForward.com have compiled a vast database of Port Forwarding Guides for almost every router and model. Simply click Search after selecting the router brand and model.

The first thing you should do if we want to open the ports is find out the Router configuration page of our router. Currently almost all new routers have a sticker under them where they indicate: management IP address, username and access password. If in your case you do not have this information, we advise you to look for a user manual to access it correctly since we are sure that you will find this information. Normally the access credentials are "admin / admin", "1234/1234" or similar, to get the IP address of your router, you must open a cmd console in Windows putting in the Windows search engine simply "cmd" and press intro. Once we are in the console, we simply have to put "ipconfig" and we will get something like this:

Enter the default gateway IP address to the web browser address bar and you will be able to open the Router Configuration access page via browser. Most routers have a default IP Address like 192.168.1.1 or 192.168.0.1 you could always refer the router manual if you could not find.

Find the NAT, Virtual Server or Port Forwarding section in the router

Depending on the router manufacturer, in the firmware we can find the menu as «NAT», «Virtual Server» and also as «Port Forwarding». We will have to find this option by navigating through the different menus of our router, normally it will be found in the advanced options section, or simply in the "Port Forwarding or Port Mapping" section.

NAT is a technology that allows us to go to the Internet with multiple devices through the same public IP address. With Network Address Translation, the router will be in charge of translating the internal private IP addresses into the external public IP address, and vice versa, so that we can have communication without problems. If we want to communicate from inside the NAT (from the private IP addresses) with the Internet, we can do it without having to open any port, since the NAT takes care of it.

You only have to open ports in the event that we have to make a communication from the Internet (from outside the NAT) to the inside, for example, to access an FTP server, FTPES, SSH server, OpenVPN server or any other service to which we want to provide connectivity. In these cases, we will have to open a port in the NAT to let the data packets pass to their destination (a service from a PC or server).

Open ports on any router

Once inside the ports configuration menu, you will have to add the following data to the router port forwarding menu.

Name of the service : Here we will introduce the name of the application that will use the port we want to open, we can put what we want.

Protocol : Here we must indicate if you use the TCP, UDP or BOTH protocol (both protocols)

External Port : This is the port that we must open in the router, it is essential that, if the game console or the server needs a certain port, we use this one in particular. We must bear in mind that we cannot open the same external port to two different computers on the LAN.

Internal Port : Some routers allow you to forward internal ports, that is, if we only fill in the external port, the internal port will be exactly the same, but we can change this on demand, for this reason, this is optional.

Internal IP address : Here we have to enter the IP address of the destination computer or device within our network.

Once this is done, all that remains is to apply the changes and we will have the configuration made for the ports entered. 

Once we have configured the port, we apply changes and check access from outside (Internet). We also want to recommend that, once you have configured the configuration to your liking, it is advisable to make a backup of the router configuration, since if you do a RESET or your operator updates the router, it is very possible that it will return it to factory settings. With this backup you can restore it later to avoid having to manually configure the ports again.

There are multiple tools on the Internet to perform port scanners, and check that we have effectively opened the port on our router correctly, it is highly recommended to use this type of port scanners to verify the configuration.

 

Testing the port forwarding configuration

There are a number of free tools you can use to check your port forward is online or not.

https://www.yougetsignal.com/tools/open-ports/

https://canyouseeme.org/

https://portchecker.co/ 

are some of them.

You may need to restart your router after adding the port forward.

Also note that even if the router port is forwarded correctly, your computer may be blocking the ports using Windows Firewall or another security program.