how to forward ports on a network router

Network Routers are an integral part of your home network. Most applications and services works without having to open up ports on your router. But sometimes there are some applications, such as multiplayer games, p2p networks and web servers that necessitates the need for certain ports to be open or forwarded so that they can function correctly.

The network router sits between your devices in the home network and the internet. If any device outside of the home network needs to initiate a connection to one of the devices inside the network then the corresponding port on the router need to be forwarded to a port on the corresponding device.

There are two things you need to know before you start with setting up the port forwarding: the device identified by its IP address and the port number you want to forward. You will also need administrator permissions for your router.

Access the Router Interface

You can access the router's web interface by entering the router IP address or the Gateway IP address from a web browser. This IP address is usually something like 192.168.0.1 or 192.168.1.1. If you don't know your gateway address, you can use the route command to find it.

$ route -n
route-gateway-address.png

Login into the router interface by using your administrator login and password. So, assuming that you Gateway address is 192.168.1.1 you can access the interface with the URL http://192.168.1.1 or if it is https then something like https://192.168.1.1:8443

Port Forwarding Section

Now, you will need to find the port forwarding section with in the admin interface. Every router has a different interface and sometimes it is also named differently in the interface. The most usual terminology will be something like Port Forwarding, Virtual Server, Applications, Gaming etc. Many times, this option is buried in the Advanced Settings section and/or under the WAN.

In the ASUS Router, you will find this under the Advanced Settings -> WAN -> Virtual Server/Port Forwarding.

asus-router-port-forwarding.png

Enable Port Forwarding

Once you have found the appropriate section in the UI where you can configure the port forwarding, it is pretty easy. Many of the router interfaces provide you with a preconfigured list of ports that are usually used. This includes the port for FTP, SMTP, DNS, HTTP and other protocols. You might also find a list of popular games such as Warcraft, Age of Empires, WOW etc.

If you find what you want in the list, then it is as easy as selecting it. That will pre populate a row with the necessary values (usually default). You can choose to accept it or modify the necessary values according to your requirements.

You can also add a custom entry if there is no pre-defined entries in the list that matches your requirements. There are several fields that you will need to fill out

Service Name: This can be any name you want. Give it a name that you can easily identify and remember what it is for. Port Range: This is the range of ports on the router that you want to forward. This can be comma separated list of ports. You can also provide a range of consecutive port using the colon (:) separator. Eg. 2302:2400,6073 will forward all ports from 2302 through 2400 and 6073. Local IP: This is the IP address of the machine or device on the local network that will handle the data or traffic at this port. Eg: 192.168.1.36 Local Port: This is the port that will handle the traffic on the local machine (as defined by the Local IP above). This is needed only if the port of the local device is different than the port you are opening on the router. If they are the same, you can leave it blank which is usually the case if you provide a port range rather than a single port. Protocol: The protocol that is used. This is either TCP or UDP or You can also select to both that will handle both the protocols.

A custom entry can look like in the screenshot below.

asus-router-port-application.png

There are several reasons as to why you should have a network router. One of the important reasons is Security. The router protects the devices inside the network from attacks from the public network or internet. When you open or forward a port on the router, it is always a security hole. You will need to be aware that your device is now open to traffic and other attacks from the outside.

Most times, the network configured using DHCP which means that the devices have dynamic IP addresses. These addresses can or may change over time, which means you will need to update the entry every time the IP address of the device change. In a local network, it is usually not much of an issue as IP address do not change very often.

But it is also a good idea to assign static addresses to devices that you are forwarding the ports to. When you assign static IP address to your device, then the port forwarding rule need not be changed unless you change the static address.