Port Forwarding for Beginners
Port forwarding is a method of allowing Internet data to
flow more swiftly and efficiently to a certain computer, device or application.
If you've ever had a problem with video game latency, security camera
monitoring device (DVR, NVR or IP Camera) or an app (such as Skype or Netflix)
failing to connect to the server or poor connection issues, port forwarding can
really help and solve your problem.
It's easier to grasp how your home network connects with the
Internet if you have a technical understanding of port forwarding. If you don't
care about any of this, simply navigate to your router's port forwarding area.
What is NAT (Network Address Translation)?
Each Internet-connected gadget has its own IP address. This
IP address is needed to inform the server which device is receiving the data
("packets").
Each IP address is further divided into ports. These ports
tell the device to which application the packet will be sent.
When your computer tries to access google.com, it connects
to Google's IP address, which is 74.125.224.7. In order for your browser to
connect to the Google web server program, it must do so over port 80, which is
a standard port for sending HTTP data (i.e., web pages). So, when you go to
Google.com network in your browser, you're actually linked to 74.125.224.72 :
80. ( ipaddress: port ).
Consider it as though you were writing a letter to a
1,000-person office building. Putting a street address on an envelope sends it
to the post office, but the post office has no idea who will receive the letter
among its tens of thousands of employees. As a result, you include the address
alongside ATTN: Mr. Steve. That way, the post office will know to deliver it to
Mr. Steve immediately away. The worker had to walk up and down the cubes,
asking if anyone was expecting a letter from the sender without the ATTN mail.
It's possible he would have never located the intended recipient.
A router is most likely the equipment that connects your
home to the Internet. Your router, like the post office in an office building,
serves as a link between all of your computers, smartphones, and tablets, as
well as the Internet. The router accomplishes this by allocating private IP
addresses to each device on the network. On the Internet, these secret IP
addresses are not visible. Rather, all packets meant for your computer are
transmitted through a router, which selects which computer receives what. This is
referred to as Network Address Translation (NAT).
What is the use of Port Forwarding?
One of NAT's drawbacks is that Internet servers and clients
are unaware of your computer's private IP address. As a result, they are unable
to deliver data directly to your computer. Instead, they transmit it to your
router in the hopes that it would resolve the issue. It is classified in broad
applications and sorted out (eventually).
However, in less frequent applications like games and
peer-to-peer clients, the router may be unable to determine which machine needs
to receive the data, causing the connection to fail (return to the sender).
This is where you'll find port forwarding valuable.
Router port forwarding is a method of instructing a router
to send data sent on a specified port to a certain machine or device. Returning
to the post office analogy, it would be equivalent to sending an organization
chart to the post office containing all of the building's employees' names,
units, and roles.
When the mail arrives ATTN: Mr. Steve, they can glance at
the organization chart and spot Steve's name at the top of the ladder.
Forwarding a port assures two things: (1) that the packet arrives at the
correct machine, and (2) that it arrives as soon as possible.
Is port forwarding safe?
Yes, port forwarding is not intrinsically unsafe. The
procedure's safety is determined by a number of factors. If you use an
unsupported service with a lot of unpatched vulnerabilities, for example,
you're putting your computer and network at risk.
If you merely wish to host a public gaming server, you
should be alright. However, while the game server is down, you must ensure that
no other software or service accesses the ports you originally assigned.
By setting limits in place, you may improve your security.
You can, for example, set traffic limits based on devices or even IP address
(whitelist). Limiting bandwidth is also a smart idea so you don't get hit by
DDoS attacks.
The bottom line is that port forwarding is not intrinsically
insecure as long as you monitor what passes over those ports. Closing the port while you are not using it is
one of the safest practices.
How to Forward Ports in a router?
Depending on the router's make and type, the particular
forwarding steps for router ports change slightly. Fortunately, the folks over
at PortForward.com have compiled a vast database of Port Forwarding Guides for
almost every router and model. Simply click Search after selecting the router
brand and model.
The first thing you should do if we
want to open the ports is find out the Router configuration page of our router. Currently
almost all new routers have a sticker under them where they indicate:
management IP address, username and access password. If in your case you
do not have this information, we advise you to look for a user manual to access
it correctly since we are sure that you will find this information. Normally
the access credentials are "admin / admin", "1234/1234" or
similar, to get the IP address of your router, you must open a cmd console in
Windows putting in the Windows search engine simply "cmd" and press
intro. Once we are in the console, we simply have to put
"ipconfig" and we will get something like this:
Enter the default gateway IP address to the web browser address bar and you will be able to open the Router Configuration access page via browser. Most routers have a default IP Address like 192.168.1.1 or 192.168.0.1 you could always refer the router manual if you could not find.
Find the NAT, Virtual Server or Port Forwarding section in the router
Depending on the router manufacturer, in the firmware we
can find the menu as «NAT», «Virtual Server» and also as «Port
Forwarding». We will have to find this option by navigating through the
different menus of our router, normally it will be found in the advanced
options section, or simply in the "Port Forwarding or Port Mapping" section.
You only have to open ports in the event that we have to
make a communication from the Internet (from outside the NAT) to the inside,
for example, to access an FTP server, FTPES, SSH server, OpenVPN server or any
other service to which we want to provide connectivity. In these cases, we
will have to open a port in the NAT to let the data packets pass to their
destination (a service from a PC or server).
Open ports on any router
Once inside the ports configuration menu, you will have to add the following data to the router port forwarding menu.
Name of the service :
Here we will introduce the name of the application that will use the port we
want to open, we can put what we want.
Protocol :
Here we must indicate if you use the TCP, UDP or BOTH protocol (both protocols)
External Port :
This is the port that we must open in the router, it is essential that, if the
game console or the server needs a certain port, we use this one in particular. We
must bear in mind that we cannot open the same external port to two different computers
on the LAN.
Internal Port :
Some routers allow you to forward internal ports, that is, if we only fill in
the external port, the internal port will be exactly the same, but we can
change this on demand, for this reason, this is optional.
Internal IP address :
Here we have to enter the IP address of the destination computer or device within our
network.
Once this is done, all that remains is to apply the changes and we will have the configuration made for the ports entered.
Once we have configured the port, we apply changes and check access from outside (Internet). We also want to recommend that, once you have configured the configuration to your liking, it is advisable to make a backup of the router configuration, since if you do a RESET or your operator updates the router, it is very possible that it will return it to factory settings. With this backup you can restore it later to avoid having to manually configure the ports again.
There are multiple tools on the Internet to perform port
scanners, and check that we have effectively opened the port on our router
correctly, it is highly recommended to use this type of port scanners to verify
the configuration.
Testing the port forwarding configuration
There are a number of free tools you can use to check your
port forward is online or not.
https://www.yougetsignal.com/tools/open-ports/
https://canyouseeme.org/
https://portchecker.co/
are some of them.
You may need to restart your router after adding the port
forward.
Also note that even if the router port is forwarded
correctly, your computer may be blocking the ports using Windows Firewall or
another security program.
0 Comments