What is Port Forwarding?

Port Forwarding is often associated with gaming, but it has other uses as well. In today's post, TipsMake will explain what ports are, why they need to be forwarded, how to set up Port Forwarding on a regular router, and common problems that can be solved with Port Forwarding.

What is port?

You probably already know what an IP address is. Every device on the network (smartphone, computer, console, or any other device plugged into a router or connected to WiFi) is assigned an IP address. But there are two types of IP addresses: Public and Private.

A public IP address is what other computers on the Internet see when you connect to them. It is assigned to your modem by your Internet service provider (ISP). You can use Google or DuckDuckGo to check your public IP address.

What is Port Forwarding? Picture 1

On the other hand, private IP addresses are used on internal networks - devices that are connected to the same router. Sometimes they need to "communicate" with each other, such as transferring files between two computers or using a network printer.

In a nutshell, the public IP is like your home address - including your zip code, street/street name, and building - while the private IP will be the apartment number, useful only once you're inside the building.

When you visit a website, you are requesting some data back to your device. To do that, the web server must be given your public and private IP addresses. The data is sent back from the website, first to the router using the public IP, then to your device using the private IP.

This is pretty straightforward when it comes to browsing the web, but what about when you're asking for different types of data - like emails or where enemies have moved in a multiplayer game -? How does your computer know to which application the data will be provided? Because sending your latest email to the game Call of Duty won't make any sense.

That's where ports come into play.

How does the network port transfer data?

What is Port Forwarding? Picture 2

Ports are like the mail sorting pipes inside a computer. When data arrives at your device, the operating system checks the port number for that data. Each port can correspond to a different application and has up to 65536 ports.

The first 1024 of these ports are standardized. For example, unsecured web traffic goes through port 80, while a secure website uses port 443. Email over POP3 uses port 110, and outgoing SMTP email uses port 25. Wikipedia has a full list. standard ports.

So, when you open an HTTPS website, the data will return to your computer in the following order: public IP (modem/street name), private IP (your computer in the router's internal network/base number) household) and finally port 443 (the app used HTTPS/your name on the envelope).

From port 1025 to 65536, there is no clear regulation. New applications are created daily and need to have links to the website available. If a single piece of software exclusively uses one of these ports, other tools will no longer be able to use that port.

Applications connected to the web can choose which port they want to use. Although it sounds difficult and time consuming, there is a solution to this problem: Universal Plug and Play (UPnP).

What is UPnP and how does it work?

Keeping all ports open is a huge security risk, so any non-standard ports (port 1025 onward) are blocked by default on most routers. This prevents malicious requests from reaching services that may be running on the network. However, closed ports also cause problems for online applications - the router will block them as a security feature. Therefore, the application needs to tell the router: "Hey, I'm using this port; leave it open".

UPnP was invented to automate this process. Applications can request a port to be opened and the router will automatically set up the required Port Forwarding rules. This is not without risk. For example, if malware is installed on your computer, that malware will be trusted by the router, which in turn can open ports for malicious activities.

Since UPnP can be dangerous if exploited, many people have disabled it. A common example where UPnP would be disabled is in the IT team at a large company. Typically, each department requires a specific set of programs. Everyone uses email, but managing payroll online is primarily for the Human Resources department, and it's unlikely that someone outside of customer support would need ZenDesk.

In such cases, UPnP is disabled and the ports required for each team's workflow are opened only to the computers that need them. However, even if you haven't turned off UPnP, sometimes it won't work properly. So let's see how you can create a Port Forwarding rule manually.

Disable UPnP and use Manual Port Forwarding

Anyone can disable UPnP at home for added security - this allows granular control over which ports are opened for each device. Just follow the instructions below.

Step 0: Things Needed for Port Forwarding

To set up Port Forwarding successfully, you need some information.

1. The router's IP address to access the router's admin page. Usually, there is a sticker listing this on the router, along with the default username and password. If you are not sure, will list the factory default router addresses.
2. Which port (or port range) should be forwarded - the software that requires Port Forwarding will list them.
3. The private IP address for the device that will open the port.
4. Some applications also specify whether they use UDP or TCP packets. The difference doesn't matter, and you can choose both - there's no problem or security risk in doing so.

Many modern routers have built-in applications for easy router configuration.

Step 1: Disable UPnP

What is Port Forwarding? Picture 3

Before continuing, here are a few notes:

1. The following Port Forwarding instructions use the Nokia G-140W-H modem/router combo device. Routers from other manufacturers use different menus, but the basic content will be the same.
2. If you use a modem/router combo device and cannot find the Port Forwarding/UPnP options, your ISP may block these settings. In such cases, contact the vendor's customer support.
3. Port Forwarding needs to be set up for each application on each device. UPnP only needs to be turned off once because it affects the entire router.

The router's home page will be displayed after logging in. For the Nokia G-140W-H, the menus are on the left side, with UPnP and Port Forwarding under Application.

What is Port Forwarding? Picture 4

Disabling UPnP in most cases is as easy as unchecking the toggle button and clicking Save/Apply . If this option is disabled, no action is required.

Step 2: Enable Port Forwarding

What is Port Forwarding? Picture 5

With UPnP disabled, it's time to open the necessary ports for your applications.

Many routers list dozens of common software/devices that need Port Forwarding. Most of them are games, but there are also IoT gadgets, file sharing apps, instant messengers, etc.

If the app or device isn't listed, you'll need to create a custom Port Forwarding rule. It's easier than you think, and everything you need is listed in Step 0 at the beginning of this tutorial. Enter the port (or port range), and then give the new rule a name. The WAN and LAN port numbers must be the same.

What is Port Forwarding? Picture 6

Whether the application or service is listed or not, you need to indicate which device needs that Port Forwarding. World of Warcraft will not work if linked to your phone instead of the computer running the game.

Some newer routers remember devices by name, set in the device itself. This way, the Port Forwarding feature works even if the private IP address changes. For routers that don't have this feature, you will need a private IP address, which is also mentioned in Step 0.

Double check everything, click Save/Apply and you're done. Restarting the router isn't necessary, but it doesn't hurt either.

It is important to remember that each application that requires Port Forwarding must have a Port Forwarding rule set up on each device on which the application is installed. For example, if you have 3 computers running the same software, you will need to create a rule on each computer. The same goes for a computer that has different programs that require Port Forwarding. Every software requires its own rules.

Troubleshoot Port Forwarding

What is Port Forwarding? Picture 7

If you have UPnP turned off and Port Forwarding is set up, but you launch the application and. no connection. Try some solutions.

First, double check that the settings are correct. It is very easy to mistype "192.168.1.29" instead of "192.168.1.19" or write the wrong port number.

On the Port Forwarding page, confirm the same device still uses the private IP address you selected for Port Forwarding. If the router has restarted, the IP address may be changed. Many routers automatically reboot after any configuration changes, and modem/router combo devices that handle ISP settings restart frequently.

For example, you have configured Port Forwarding 10.0.0.4 for your phone, but after rebooting, the router assigns this address to the TV again.

In this case, you will need MAC binding, which binds the MAC address (Media Access Control, a unique identifier for the network adapter) to a static IP. This way, whenever that device connects to the router, it will have the same IP.

Is it possible to fix the Port Forwarding Double-NAT problem?

Another common Port Forwarding problem is Double-NAT.

Port Forwarding will only be useful if you have a single public IP address. In some cases, your IP address will be shared with other users. In fact, you have another layer of routing beyond your control before reaching the wider Internet.

This is quite common in college dormitories and some apartment complexes with limited Internet options. Port Forwarding won't be helpful in this case because the ports will still be blocked on another router that you can't control, so the packets will never reach your router. Unfortunately, it is not always possible to remedy the Double-NAT situation.

If you can configure both routers, the router closest to the public side (usually provided by the ISP) will be switched to Bridge mode. This disables all routing features, including any built-in WiFi, effectively turning it into a simple modem.

This may be necessary to fine-tune home connections. For example, advanced users can prioritize their router to run OpenWRT and some mesh networks become more reliable when using the modem in Bridge mode.

Some ISP-provided routers do not allow you to do this. If that's not possible, you can also try setting up a DMZ that points to your other router. This is beyond the scope of the guide, but essentially means "trust everything and forward it all onto another device for processing."

Lesley Montoya

Update 11 March 2023