PortForward.md 2.3 KB
title: Port Forwarding Guide x-toc-enable: true ...
Port forwarding allows clients to access services running behind your router. For example: you can access a file share on your home server by telling your router to forward connections on a specified port on the WAN (internet) side to your home server.
Many of the following steps require configuration on your router. If you use an old machine as your router then you probably don't need specific instructions. For the majority of regular users with a consumer router + access point, I recommend using OpenWrt. OpenWrt is well documented, with a large community, so you won't have to go hunting around for guides on your specific router firmware. Another benefit of OpenWrt is that you get frequent updates long after your router is abandoned by the manufacturer. Additionally, you won't have to relearn how to configure your router every time you get a new one. There is almost always a detailed installation guide on the OpenWrt website for all supported routers. If your router is too old for OpenWrt, it still might support dd-wrt Port forwards are generally simple in any router interface, but I'll be demonstrating how to do it in openwrt via the gui interface (LUCI).
First, navigate to your router's IP address from your web browser (generally 192.168.1.1 in openwrt). From there, navigate via the top bar to Network > Firewall. Click on 'Port Forwards' on the top of the firewall tab, then 'Add' on the bottom left. You'll see a menu like this:
Let's say I have service X running on port 5055 on my server machine and I want to access it from the internet. To allow access in openwrt, edit the fields as follows:
- Name: service X
- External Port: 5055
- Internal IP address: 192.168.1.47
- Internal port: 5055
Remember to replace the example IP address with your server's actual IP address. Click 'Save' then 'Save & Apply' from the port forwards menu. The name section isn't technically relevant, it only helps you keep track of your rules.
If you want to be able to manage your server from the internet, use port forwards to allow through the port you specified for ssh (3033 in this example). You could then manage your server from outside your LAN with something like:
ssh myserver@1.2.3.4 -p 3033