How To Forward Ports


Caution: If You Are NOT Connected To The Internet Via. A Router or Switch, Do NOT Follow This Guide.


Key:

Blue = Windows Vista & Seven

Green = Windows XP

Black = Follow Instruction Regardless Of Operating System

Red = Caution - Follow This Instruction/Note!

1.) Firstly we need to set a static internal IP address, otherwise everytime you turn-on or reboot your computer its IP address will change, causing the external source to be directed to an invalid or incorrect location. To do this you need to go to:

Start > Control Panel > Network and Sharing Center > Change Adapter Settings

Start > Control Panel > Network Connections



2.) Next you need to identify your active network connection. This should be the connection that doesn't have a red cross on the icon.

If you are unsure of which one that is, right click it and then click disable. Open a new copy of your web browser, Did it open a webpage? If it did not, then you've found your internet connection. Close that browser window. Go ahead and right click the network connection again and then click enable. Once again open up a new web browser. You should see a webpage. Close the browser window. Right click on the network connection and click properties at the bottom.

Right-Click > Properties

Right-Click > Properties > Properties

You should now be faced with a window similar to this:


http://img155.imageshack.us/img155/6320/adapterproperties.pnghttp://portforward.com/networking/winxp-lacp.jpg

Double-Click "Internet Protocol Version 4 (TCP/IPv4)"

Double-Click "Internet Protocol(TCP/IP)"

You should now be faced with another window similar to this:


http://img828.imageshack.us/img828/5368/ipv4.pnghttp://portforward.com/networking/winxp-tcpip.jpg

NOTE: Before we go any further write down the current settings of this window. If something goes wrong, you can change the settings back to their original values.



3.) Now select "Use The Following IP Address" and change the following fields.

IP Address: 192.168.1.X (Replace "X" With A Number Between 1-254 NOTE: This Should Not Be The Same As Your Routers IP Address)
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.1.1 (IP Address of your Router)

Take A Note Of The IP Address Used, You Will Need This At A Later Date



4.) Then select "Use The Following DNS Server Addresses" and change the following fields.

Preffered DNS Server: 192.168.1.1 (IP Address of your Router)

NOTE: You May Wish To Use An External DNS Server, Inwhich Case Ignore This Step About The DNS Server

Your Done With Setting An Internal Static IP, Apply All Settings And Close All Windows.



5.) Now We Need To Allow These Ports Through The Routers Firewall. So Open Your Browser And Head To http://192.168.1.1 or http://routerlogin.com (if you have a netgear router)

You Should Now Be Prompted With A Login System, You Can Find The Username And Password On The Back Of Your Router, Or You Can Find It Over At http://www.routerpasswords.com (Providing It Is Still Set As Default And Hasn't Been Changed)



6.) Once in you need to navigate the "Port Forwarding/Port Triggering", Then you need to click "Add Custom Service". You should now be faced with a window similar to this:


http://img29.imageshack.us/img29/6351/portsb.png
or this
http://img541.imageshack.us/img541/9424/dlinku.png

You now need to change the following fields as follows:

Service Name: Choose an easily identifieable name so you can easily edit this at a later date if needs be, i am using XBConnect for the XBConnect Tunnel Networking Program.

Protocol: Change This To Either "TCP" or "UDP" or "TCP/UDP", if unsure set to "TCP/UDP" but it is recommended you find the required protocol

Starting Port: Insert Port Number Between 1-65534. I am using 8602 for XBConnect

Ending Port: Insert The Ending Port Number Between 1-65534. If You Are Only Opening 1 Port, Set The Same As The Starting Port. I Am Using 8602 For XBConnect

Server IP Address/Connection: This Should Be The Same As The IP Address You Set Earlier Under Your Adapter Properties, You Should Have Taken A Note Of This.



7.) Hit Apply And Your All Done, You Should Now Be Able To Use The Service From An External Source. You May Also Need To Allow This Port Through Your Firewall In Order For Your Service To Work. You Can Now Find Your External IP Address Here (http://www.whatismyip.com/), Give This To Other People That You Wish To Share Your Service With, Be That XBConnect, A Ventrilo Server, Etc. You IP Address Will Change From Time To Time, Unless You Have A Static External IP Address, This Can Be Enabled By Your ISP But Will Cost You A Small Fee Every Month.


--------------------------------------------------------------------------------------------------------------------------------------------


Setting An Internal Static IP For Linux users
Thanks To llawwehttam


Linux has several popular desktop enviroments. Each has a different set of tools for system settings and maintenance. If you are new to linux then I assume you will be using Gnome, KDE or XFCE. If you have used something else such as openbox, Fluxbox, or have no desktop enviroment I would assume you can set a static IP address.


Gnome Users:

1.) Firstly we need to locate the network manager in your desktop enviroment. In gnome it is usually in the notificaton area but can have a variety of icons.

2.) Once you have found the icon, right click on it and select “Edit Connections”.

3.) Choose your connection and press “Edit”.

4.) Go to the Ipv4 tab and change DHCP to Manual or static depending on what version of GNOME you have.

5.) Press 'Add' and type your IP address, netmask and gateway. You can also fill in the IP address of your DNS server underneath.


http://a.imagehost.org/0745/Screenshot_7.png

Now Refer Back To Step 5.) Of The First Section.

Thanks For Reading.

You may want to put a few more screenshots of different router's interfaces such as D-Link and Belkin etc... Apart from that small criticism, great guide. If you're interested I could do an addon for linux if I have time.

personally i got bored with the whole port fwd thing win7 firewall looks after itself
and my routers uses upnp, every program I use that need port forwarding uses UPNP so I don't have a problem myself.

You may want to put a few more screenshots of different router's interfaces such as D-Link and Belkin etc... Apart from that small criticism, great guide. If you're interested I could do an addon for linux if I have time.

Thanks :) just something i quickly put together for XBConnect as there are quite alot of new people over there asking how to set this up due to MS recently dropping support for classic games.

Yeh i will gather a few more images of other routers firmwire, although may be difficult as i don't have any access to another brand other than netgear and both of my routers use almost identical firmware.

And if you kindly would, i had a quick crack with unbuntu earlier but got completely lost :o

Thanks :) just something i quickly put together for XBConnect as there are quite alot of new people over there asking how to set this up due to MS recently dropping support for classic games.

Yeh i will gather a few more images of other routers firmwire, although may be difficult as i don't have any access to another brand other than netgear and both of my routers use almost identical firmware.

And if you kindly would, i had a quick crack with unbuntu earlier but got completely lost :o

Here's a quick one for gnome:


How To Forward Ports


For Linux users


Linux has several popular desktop enviroments. Each has a different set of tools for system settings and maintenance. If you are new to linux then I assume you will be using Gnome, KDE or XFCE. If you have used something else such as openbox, Fluxbox, or have no desktop enviroment I would assume you can set a static IP address.


Gnome Users:

1.) Firstly we need to locate the network manager in your desktop enviroment. In gnome it is usually in the notificaton area but can have a variety of icons.

2.) Once you have found the icon, right click on it and select “Edit Connections”.

3.) Choose your connection and press “Edit”.

4.) Go to the Ipv4 tab and change DHCP to Manual or static depending on what version of gnome you have.

5.) Press 'Add' and type your IP address , netmask and gateway. You can also fill in the IP address of your DNS server underneath. http://a.imagehost.org/0745/Screenshot_7.png



Obviously its very rough. Please edit it to suit your needs. I will try to do guides for KDE and XFCE when I have more time. I may also give a guide for manually setting it via the command line.

EDIT: Oh and here's a pic of my D-Link router's port forwarding table:

http://j.imagehost.org/0754/Screenshot-1.png

will this help me fixing steam to connect online and let bittorrent download stuff?

will this help me fixing steam to connect online and let bittorrent download stuff?

That would depend what the problem is but i think it probably more likely to be your firewall than your router. But opening ports is slightly different to this method.

EDIT: I See 'Doc Got You Sorted :)

personally i got bored with the whole port fwd thing win7 firewall looks after itself
and my routers uses upnp, every program I use that need port forwarding uses UPNP so I don't have a problem myself.
You are brave.
From ...http://www.nist.org/news.php?extend.125

UPnP as implemented in many small office / home office (SOHO) routers is vulnerable to being reconfigured without your knowledge. If you are using NAT this exploit can map ports through your router to your computer, or any computer on your network. Basically it can defeat the security your router is providing you. The fix? Turn off UPnP. Firmware updates are being quietly released by several router manufactures to repair (or work around) this problem. Many manufacturers aren't telling anyone that they are fixing this problem because they don't want people know it exists. So check with your router manufacturer for firmware updates. But the best thing you can do is turn off UPnP on your router. Turning off UPnP on your router won't prevent other devices on your network from from using UPnP safely.

UPnP is a security hole.

iirc Didn't the FBI at one point recommend that UPNP be turned off in XP?

iirc Didn't the FBI at one point recommend that UPNP be turned off in XP?





like I said I really CBA messing about with programs ports and my network


it became a real pain in the a** forwarding ports for our computers
adding new devices and stuff

iirc Didn't the FBI at one point recommend that UPNP be turned off in XP?
Off for their own computers On for everybody else.

But they were also told that, (and re-told) XP/NT5.1 (when it came out) was the safest and most secure OS money could buy, there is only one that is less safe out of the box, or post install at default settings,

...and that was Vista.

I never have understood routers. With a dynamic ip address how many times and when is the ip address changed?

Is setting a static ip address the only way to forward a port and what is upnp?

Nice thread btw theres a few things I learnt from 1st post that I didnt know before.

I never have understood routers. With a dynamic ip address how many times and when is the ip address changed?

Is setting a static ip address the only way to forward a port and what is upnp?

Nice thread btw theres a few things I learnt from 1st post that I didnt know before.

Well an external dynamic IP can change, possibly, when you reset your modem, However even with resetting your modem, most of the time it still wont change. An internal dynamic IP will change almost every-time you turn on or disconnect from the network so its important you set on internally, but the only way to set an external one is to buy one off your ISP, but that really isn't necessary

By external i mean your public IP address what everyone else can see.

By internal i mean your private IP, 192.168.x.x, this is only what you, and other people connected to your network can see.

Setting an internal static is a must, or you will be port forwarding every-time your router turns off, or your computer turns off/disconnects from the network.

UPNP is Universal Plug 'N' Play, basically that means that if i plug a new xbox into my network it will work on the internet without the need to forward any ports, and that applies to any device on the network. However, even with UPNP server clients such as TeamSpeak 3 will not work as your router will block any information on any port other than 80, 8080 and a couple of others. That is why we need to manually open ports to allow services such as TeamSpeak to work.

Im a student with the openuniversity and we use eluminate, a program that sounds similar to team speak but I didn't open any ports for this. I have upnp turned on in router though and dynamic ip address. Its a program for online tutorials where many people can join in on a conversation.

Is port forwarding only for allowing access for external connections from the internet or does it have another use as well?

Im a student with the openuniversity and we use eluminate, a program that sounds similar to team speak but I didn't open any ports for this. I have upnp turned on in router though and dynamic ip address. Its a program for online tutorials where many people can join in on a conversation.

Is port forwarding only for allowing access for external connections from the internet or does it have another use as well?

Im running a virtual server of TS3, so im hosting the server. I was granted a free 519 slot, non-profit license for family and clan to use.

Yeh pretty much, everything other than default ports and the ports that are open will be blocked if they are incoming. UPNP only works for out-bound connections. Even though my server runs on port 9987, the client will operate on a different port, which is why you didn't need to port forward.

If some ports are open by default why do we need to open more ports for certain applications, is it cos a port can only be used by one app at a time?

If some ports are open by default why do we need to open more ports for certain applications, is it cos a port can only be used by one app at a time?

Because that would cause insecurity and also it allows for data to be easily identified rather than having all your traffic running through one port. May be wrong, don't really know much on that subject.