Feb 2, 2013

Port Forwarding

Port forwarding is a bit of a necessity, because your only alternative is UPnP, which is a huge vulnerability.

http://en.m.wikipedia.org/wiki/Universal_Plug_and_Play

UPnP allows programs to automatically configure port redirection (NAT traversal), so if you happen to get a malicious program on your computer, it could wreak havoc if UPnP is available.

Port forwarding, as I discuss here, is the act of manually configuring your router to redirect ports to specific computers on your network.

What is the point of port forwarding, you may ask?

Let's take a simple example. Imagine you have three computers on your network, and one of them runs a web server. Port redirection allows all webpage requests coming to your WAN IP to be routed to the appropriate device.

To expand.
WAN IP: 72.67.180.4
Internal Computer 1: 192.168.1.1
Internal Computer 2: 192.168.1.2
Internal Computer 3: 192.168.1.3

If the web server is running on Internal Computer 2, you must forward all web requests (assume HTTP, port 80 here) to it.

The router will redirect ALL external requests from ANY source to port 80 to port 80 at internal address 192.168.1.2.

A more complex example would be Remote Desktop. Let's say you want to access any of your PCs from outside your home network, possibly while at work. If all computers are running Windows, the RDP (Remote Desktop) port associated with this service is 3389. You can't use the same external port redirection for all of them; that is to say, you can't redirect 3389 to multiple destinations. It's just not possible.

There are a couple of options to overcome the problem. One is to change the OS (Operating System) RDP port, the other much simpler method is to use a different external port.

To expand.
WAN IP: 72.67.180.4
Internal Computer 1: 192.168.1.1
Internal Computer 2: 192.168.1.2
Internal Computer 3: 192.168.1.3

Let's say you redirect port 1 to Internal Computer 1 port 3389, port 2 to Internal Computer 2 port 3389, and port 3 to Internal Computer 3 port 3389.

Now, to access your PC from an external location all you need to do is start the Remote Desktop application and enter the following:

72.67.180.4:1 to RDP to Internal Computer 1

72.67.180.4:2 to RDP to Internal Computer 2

72.67.180.4:3 to RDP to Internal Computer 3

Using ports 1-3 is not recommended by ICANN. You should use anything above 49151. See the following link for more information.

http://en.m.wikipedia.org/wiki/Registered_port
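The rules above can be modelled as a small forwarding table. The following is an added example, not part of the original post: it rejects a second rule for an external port that is already taken (the reason 3389 cannot be redirected to multiple destinations) and warns when an external port is not above 49151. The `ForwardTable` class and the external ports 50001-50003 are constructed for illustration.

```python
from ipaddress import ip_address

# The post recommends external ports "above 49151"; 65535 is the highest port.
RECOMMENDED_MIN, PORT_MAX = 49152, 65535


class ForwardTable:
    """Hypothetical model of a router's port-forwarding table."""

    def __init__(self):
        self.rules = {}  # external port -> (internal IP, internal port)

    def add(self, ext_port, int_ip, int_port):
        """Add one rule. Returns a list of warnings; raises ValueError on conflict."""
        for port in (ext_port, int_port):
            if not 1 <= port <= PORT_MAX:
                raise ValueError(f"port {port} is out of range")
        target = ip_address(int_ip)  # raises ValueError if malformed
        if ext_port in self.rules:
            # One external port can only lead to one internal destination.
            raise ValueError(
                f"external port {ext_port} already forwards to {self.rules[ext_port]}")
        warnings = []
        if ext_port < RECOMMENDED_MIN:
            warnings.append(f"external port {ext_port} is not above 49151")
        if not target.is_private:
            warnings.append(f"{int_ip} is not a private (LAN) address")
        self.rules[ext_port] = (int_ip, int_port)
        return warnings

    def route(self, ext_port):
        """Destination for an inbound connection to the WAN IP, or None if not forwarded."""
        return self.rules.get(ext_port)


if __name__ == "__main__":
    table = ForwardTable()
    # Constructed sample rules: the post's web server plus one RDP mapping per PC.
    sample = [(80, "192.168.1.2", 80),
              (50001, "192.168.1.1", 3389),
              (50002, "192.168.1.2", 3389),
              (50003, "192.168.1.3", 3389),
              (50001, "192.168.1.3", 3389)]  # conflict: 50001 is already used
    for rule in sample:
        try:
            print(rule, "->", table.add(*rule) or "ok")
        except ValueError as err:
            print(rule, "-> rejected:", err)
    print("inbound 50002 ->", table.route(50002))
    print("inbound 3389  ->", table.route(3389))
```

With these rules, a connection to the WAN IP on port 3389 is not forwarded anywhere; only the three high ports reach the RDP service on each PC.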

As for actually configuring port forwarding on your router, you can check the manual, the manufacturer's website, or the following web page:

http://portforward.com/
