Who needs port forwarding and why
Port forwarding is a procedure that opens external access to devices in your home wireless network. In the settings of operating systems and routers, this process can be hidden behind the abbreviation NAT (Network Address Translation). Let’s figure out what it is, why and who needs forwarding, and whether port forwarding works with VPNs.
Ports are numbered virtual “devices” that provide data transfer over the network. To make it clearer, let’s draw an analogy with a sea power. Let it be France. Cruise liners dock in the port of Marseille, warships call at the base in the port of Brest. LNG carriers drop anchors in ports equipped with LNG terminals.
Computer programs and services that work with the network can also have their own “home ports”, numbered from 0 to 65535. For example, mailers use port 25 for incoming mail (POP3) and 110 for outgoing (SMTP). In browsers, encrypted traffic (https) goes through port 443, and unencrypted traffic (http) through port 80.
Forwarding converts the internal IP addresses of devices to external ones that can be accessed from the Internet. And vice versa. Forwarding opens access to specific devices through specific ports.
Redirects are often needed for multiplayer games. So, to play Destiny 2 on a PC, UDP ports 3097 and 3074 must be open on the PC. The PlayStation only needs one port, 3074. For the Xbox, you will need to open port 1200.
Examples of situations in which port forwarding is necessary:
- Using a home PC to host your site.
- Opening a game server on your computer.
- Enables remote configuration of a router or PC.
- Provide remote access to home IP cameras.
Setting up forwarding
Port forwarding is configured in the web interface of the router. The location and name of the corresponding section depends on the router model. This can be the section “NAT”, “Network Address Translation”, “Virtual Servers” or “Forwarding”. Read the documentation for your network equipment.
In general, you will need to enter:
- Internal IP address of the device to be accessed.
- Data transfer protocol (TCP, UDP).
- The name of the virtual server (arbitrary).
- Port number.
- DDNS service provider (not needed with static IP).
If you are using DDNS, after choosing a provider, you will need to register on the service website. In some routers, you can specify the external address from which access will be made. So, if ports are open for a specific game, you should enter the address of the game server here. This will increase the level of network security.
Does NAT work with VPN, forwarding restrictions
NAT support depends on VPN service provider. Not all VPN services will be able to set up forwarding.
Other restrictions are also possible. Namely:
- game (service, program) works only with UDP ports, but UDP is blocked by the provider;
- NAT is not supported by the router.
Please note that forwarding can reduce your network security. For example, in 2019, a group of hackers exploited NAT vulnerabilities to subscribe thousands of devices to the YouTube PewDiePie channel.