Why forward ports? How to forward ports on a router (we open ports for games, Skype, uTorrent and other applications). Set a static IP for the computer in the settings of the Asus router

Connect to the web interface D-Link router and press the "Advanced Settings" button.

Select " Virtual servers" in the "Firewall" section.

In the window that opens, click "Add".

In the window that opens, set required parameters virtual server. And click the "Change" button.

Sample- Select one of the six virtual server templates provided from the drop-down list, or select Custom to define your own virtual server settings.
Name- Virtual server name for easy identification. Can be arbitrary.
Interface- The connection to which the created virtual server will be attached.
Protocol- The protocol that the created virtual server will use. Select the required value from the drop-down list.
External port (start) / External port (end)- Router port from which traffic will be forwarded to the IP address defined in the Internal IP field. Set the initial and final values range of ports. If you need to specify only one port, specify it in the External port (start) field and leave the External port (end) field blank.
Internal port (start) / Internal port (end)- Port of the IP address specified in the Internal IP field, to which traffic from the router port specified in the External Port field will be forwarded. Specify the start and end values ​​of the port range. If you need to specify only one port, specify it in the Internal port (start) field and leave the Internal port (end) field blank.
Internal IP- IP address of the server located in local network. You can select the device connected to the router's LAN in this moment. To do this, select the appropriate IP address from the drop-down list (the field will be filled in automatically).
Remote IP- IP address of the server located in external network(in most cases this field should be left blank).

To set other parameters for an existing server, select the appropriate server in the table. On the page that opens, change the necessary parameters and click the “Change” button.

To save an existing rule, click on the "System" button and then "Save".

Port forwarding on TP-link routers.

Login to the web interface TP-Link router. Go to the menu "Forwarding" - "Virtual Servers". Click the "Add New" button.


Fill in the fields:
Service port - Network port, by which users will access your service.
Internal port- Internal port through which your service is available (within your local network).
Note: Service Port and Internal Port may be different.
IP address- Local IP address of your service, issued by the router.

Save the setting by clicking the "Save" button.

Port forwarding on ASUS routers.

Login to the web interface Asus router, select the "Internet" menu - the "Port Forwarding" tab, fill in the fields at the very bottom of the page.

Service name- arbitrary service name.

Port range- specify the ports from which the router will redirect incoming connections, for example, the port range 1000:1050 or individual ports 1000, 1010 or mixed 1000:1050, 1100.

Local address- the address to which the router will forward.

Local port- port number on the machine with IP to which the router will redirect connections;

Protocol- what type of connections should the router detect?

After specifying all the settings, click "Plus" to add a rule, then save the settings and click the "Apply" button.

Port forwarding on Zyxel routers.

Login to the web interface Zyxel router. Go to the menu "Security" - "Broadcast" network addresses(NAT)". Click "Add Rule".
In the new dialog box, complete the following items.

Attention! The field value must be specified correctly Interface. Depending on whether your ISP uses authentication (PPPoE, L2TP or PPTP), the meaning of this field may vary. If authorization with the provider is not used, you should always select the Broadband connection (ISP) interface. If your provider uses PPPoE to access the Internet, then you should select the appropriate PPPoE interface.
If you are given simultaneous access to the provider’s local network and the Internet (Link Duo), you need to select the Broadband connection (ISP) interface to forward a port from the local network, and select a tunnel interface (PPPoE, PPTP or L2TP) to forward a port from the Internet.

Packages to address– this field is active when no interface is selected. You can specify the external IP address of the Internet center to which packets will be sent. In the vast majority of cases, this item will not be useful to you.

In field Protocol you can specify a protocol from the list of presets that will be used when forwarding the port (in our example, TCP/21 is used - File Transfer (FTP)). If you select TCP or UDP in the Protocol field, you can specify a port number or a range of ports in the TCP/UDP Ports fields.

In field Redirect to address specify the IP address of the device on the local network to which the port is forwarded (in our example it is 192.168.1.33).

New destination port number– used for “port substitution” (for port mapping, for example from 2121 to 21). Allows you to broadcast calls to another port. Usually not used.

After filling in the required fields, click the Save button.

IN in this case, the rules for redirecting port 4000 via TCP and UDP protocol are specified.


As a result, a window with forwarding rules for tcp/4000 and udp/4000 should appear in the “Security” settings.

Technology Universal Plug and Play (UPnP) is in a convenient way ensuring any network program, which needs to forward ports without having to configure “mapping” on the router’s web interface. But not all programs have built-in support for UPnP. Unfortunately, some programs that require port forwarding do not support UPnP. In these cases it will help us UPnP Portmapper. Let's talk about its installation, configuration and use.

The main purpose of UPnP Portmapper is to take care of port forwarding for the application without configuring forwarding on the router. But if you want to manually configure all the details of port forwarding, then you will have to log into the web interface of your router and change the port forwarding rules. If for some reason you cannot log into your router, then this article on gaining access to the router will help you update your credentials for it.

But situations often arise when it is necessary to perform port forwarding, but it is undesirable to configure the router. For example, if you are in public place or visiting friends, then simply launch UPnP Portmapper and activate the preset rules.

Let me make a reservation right away that I will consider the router and the router to be the same device. Divide them into two different types makes no sense within the scope of this article. But this does not mean that they are actually the same device. This is far from true.

Installing UPnP PortMapper

UPnP PortMapper is written entirely in Java, so you need free package Java Runtime Environment, which can be downloaded from the official website. After Java installations download UPnP PortMapper, for example from GitHub.

It should be noted that UPnP PortMapper also works great on Mac OS X and various Linux systems.

UPnP PortMapper communicates with the router via UPnP protocols, so your router must support this technology and it must be enabled. However, there is nothing to worry about, all modern routers support UPnP, which is already enabled on the router by default.

To launch Portmapper, double-click on the JAR file.

UPnP PortMapper

Or run the file in command line.

$ java-jar PortMapper-1.9.6.jar

Port Forwarding with UPnP PortMapper

To get started, click the button Connect in UPnP Port Mapper. If you see a pop-up window Windows Firewall, press the button Allow access.

Connect UPnP PortMapper

If UPnP Portmapper tells you in the Log messages field that it cannot find the router.

Warning UPnP PortMapper

Means UPnP setup disabled on the router itself. You need to go to the router's web interface and enable UPnP.

Enable UPnP on the router

After clicking the Connect button, it will connect to the router and you will see a list of UPnP port mappings in top panel(this list will be empty by default), as well as the external IP address of the router on the Internet and its IP address on your local network.

UPnP PortMapper connected to router

To create a new port forwarding, click the button Create.

Enter a description for the forwarding rule and specify a list of one or more ports to forward. You can specify a range of ports using the button Add port range.

In addition, you can specify a specific remote host. When you enter an IP address, only traffic from that address will be forwarded to your computer from the router. For example, you can use this feature to only allow connections from your friend's Internet IP address.

Jackdaw Local host installed by default, it forwards ports to the address of your computer without the need to double-check local IP address Your computer. If you disable the checkbox, you can use the application to forward ports to several various computers online.

Add a port range, disable localhost forwarding

After specifying a range of ports, they will be displayed in the preset Ports. Save the selected range, select a preset and press the button Use to enable the selected range of ports.

Port preset

When you press the button Use Portmapper forwards ports to the router. You can see the prepared setting in the preset Port mappings.

Using the My Game Server preset

You can remove port mappings by highlighting a row in the table and clicking Delete.

The port forwarding settings made will be saved on the router until its cache with UPnP data is cleared. Depending on your router, this may happen, for example, when the router is rebooted. If you open UPnP Port Mapper next time and click the button Connect You will see your active port mappings.

You will also need to reapply your port mapping settings if your computer's local IP address has changed.

With UPnP PortMapper, you can quickly and easily apply port forwarding settings on any network with a router that supports UPnP. This is convenient if you use a laptop outside the home and need to forward ports for games, servers or other tasks.

Port forwarding is usually used to gain access to information and data on another device that is connected to the same network via a Wi-Fi router. What are the purposes of port forwarding? Let's say you want to connect to a computer that broadcasts a video signal in order to watch broadcast video or create a server for a general game on the Internet. In some cases, you need to open access to your PC if you want to exchange traffic through torrent applications.

The virtual server function is used only by advanced network users

How to enable port forwarding?

This is done in two ways - automatically or manually. By default, in most equipment, the UPuP function, which allows you to redirect traffic, is activated automatically, but if problems arise when you want to exchange files via torrent or create a network for a game, then it is worth checking whether the function works through the router settings.

On TP-Link models it's done like this:

• Go to the router menu, enter address bar browser your IP address, log in (usually the Admin value is entered for this).
• Select the line “Forwarding”, turn on this function, if it was not previously activated.

In Asus brand products, you need to go to the Internet menu, Connection item and check the activation box next to the UPuP function.

If you have problems distributing data via torrent, after activation, go to the program and turn on the UPuP function through the settings.

Manual forwarding method

Performing port forwarding manually is a little more difficult, but this method is considered more correct. With automatic redirection, sometimes a situation arises when the router allows access to the wrong device, and if you want to control everything for network security purposes, then choose this configuration method. There is one drawback - forwarding will stop working if you change the router data, so you will have to re-enter all the necessary information.

When you already know which port you want to open and do it for separate program for example a torrent, do the following:

• Go to the program settings, select the Connection section and rewrite the combination of numbers from the “Incoming connection port” line.
• Next, uncheck all the checkboxes from the lines located below, except for “Firewall exceptions”.

You also need the MAC address of the computer in order to use it to find your computer in the list of all devices connected to the router.

You will find out by doing the following:

• Go to the "Network and Sharing Center" menu shared access» through the Control Panel on your computer.
• Open the information for your current local network connection and rewrite the combination of numbers from the “Physical Address” line.

Now let's configure the router for port forwarding. First of all, in the equipment menu, change the method of setting the IP address to static, since opening the port requires that it remain unchanged.

Let's look at how to do redirection on TP-Link models, since they are most in demand among providers and their clients.

Do the following:

• Open the IP and MAC address binding menu, “ARP Table” item.
• Use the MAC address to determine the IP address and remember it so you can add it to the settings.
• Open “Binding Options”, check the box next to “ARP Binding”, save changes.
• Select the “Add new” line, enter the data that you previously remembered in the settings.

You have linked the IP and MAC addresses of your computer together, now all that remains is to enter the parameters for forwarding. It's done like this.

Port forwarding on a router is a procedure that allows you to establish a direct connection between a computer from an external network (for example, from the Internet) and a device located on the internal network of the router. Thanks to this, any device or application that knows the external IP address of your router and the port numbers that are forwarded on it can access from the Internet the corresponding devices on the network behind the router, for example, computers and laptops in the home local area. Provided that this is not prohibited by the firewall settings.

Figure 1. Local network diagram

There are many goals and objectives for the implementation of which it is necessary to assign port forwarding on the router. For example, for full-fledged work peer-to-peer clients, the ability to create any Internet servers - gaming (online competitions between computer players), WEB, FTP and others. If you are unable to organize a torrent distribution on BitTorrent tracker, or created by you gaming session“can’t be seen” by other remote players, which means the port on the router is not forwarded. The problem is aggravated if the router is not in your home and does not belong to you, but to the provider. This often happens to users of dedicated broadband access via Ethernet, when only a cable is installed into the apartment, and the router is reliably protected from unauthorized entry. In this case, the issue of how to forward the port is resolved directly with your provider.

What is NAT and how does it interfere?

Figure 2. When connected to the network through a router, the computer is under the NAT of the router.

For those who have their own router, for example, ADSL broadband users, it will be useful to learn how to forward a port on the router. But first, let's find out why direct access to the local grid from the outside is impossible without this procedure. The fact is that almost all user routers operate based on NAT technology - this is a special network mechanism that serves to convert the IP addresses of data packets transiting through firewall or router.

Thanks to it, separation is made global network into two independent segments, each with its own address space: external (“public”) and internal (“private”), located under NAT. The “local area” created using a router is an internal network where each computer can be assigned its own unique IP, and this will not cause conflicts or a lack of addresses in the external network, since the external and internal address spaces are independent of each other.

From the outside, the entire local area will be visible under one single public IP assigned to a specific router. Accordingly, the internal address space will not be visible from the outside, and all the private addresses that the user has assigned to computers in his personal network will simply not exist for external users - only the router “knows” about them. (FIG. 1)

Why is port forwarding necessary?

Routing technologies with using NAT great for solving most daily tasks ordinary Internet users.

Figure 3. In order to enter the router configuration menu, you need to start it and connect it to your computer.

When one of the local network computers needs access to a server on the Internet (for example, to load a web page in a browser), at its request, the router connects to the server using its external IP, then receives and redirects the necessary data to the internal address to the computer that requested it . From the server side, this computer conditionally “does not exist”, since it is under the NAT of the router, and the server can only “communicate” with the router itself via its public IP. (FIG. 2)

This mechanism is widely used by Internet providers because it has many advantages:

1. Saving address space. Thanks to NAT, there is no need to give each user a unique external address; it is enough to create your own internal network and freely manage the private address space, using only one or several public IPs to access the outside world.
2. Increased security. All computers on the local network are protected from detection and use from " global web" The connection is initiated only from within. A public address can receive data from a private one only as part of the broadcast it initiates.
3. Ability to manage addresses and ports, perform port-address translations, etc.

https://site/

However, in some cases, the main advantage of this mechanism is invisibility and inaccessibility internal computers from the outside - turns into a serious obstacle. To fully operate in a peer-to-peer network or in server mode, it is necessary that any user from the Internet can freely connect to the computer. Is it possible to do this if the computer is behind the router, that is, on its private network, and NAT hides it from detection? This is precisely why port forwarding is configured on the router.

How port forwarding works

Figure 4. After completing the virtual server setup, the router needs to be rebooted.

The essence of the technology is that the router redirects the data flow for specific TCP/IP ports from its public address to a private address specific device in "local". Simply put, to gain access from outside to internal address, just contact the external IP of the router to one of the specified ports corresponding to the desired private address.

To do this, you need to enter a table of correspondences between certain ports and addresses so that he “knows” what traffic to send to which computer. Such a “table” in many routers is called a “Virtual Server”, because the server is physically created on an internal node, but is accessible from the outside via public IP and specific number port.

There are two ways to forward ports: automatically (when UPnP help) and manually. During the forwarding procedure, you must manually select port numbers for each address that should be accessible from the Internet. These numbers, along with the public IP of the router, are then reported to the client program on the other side of the connection. The router, having received a request to its address on the corresponding TCP/IP port, redirects the data directly to the device that is assigned to this port. At the same time, the private IP still remains invisible, and no other client number savvy port, it will not hit it.

How to forward a port on a router?

Let's look at an example of how to forward a port on a router D-Link any models with firmware 1.4.X or later. This procedure is not much different for different manufacturers and on various models, That's why this instruction It is quite suitable for any modern router with a web interface.

Figure 5. Router settings allow you to set both one and several ports.

First you need to enter the router configuration menu. To do this, it must be running and connected to the computer. In the line of any Internet browser, enter the internal IP of the router, under which it is visible in the private local network. In our case it is 192.168.0.1. In the authorization window, in the “username” and “password” lines, enter the same word: admin. First of all, let's look at automatic forwarding using a wizard. Having entered the menu, look for the link “Virtual Server Setup Wizard” and click on it. (FIG. 3)

On the configuration page that opens, we see several fields. In the “Template” field you can select one of the built-in templates. Below you can enter any convenient name. Next, we need to select the interface with which our virtual server will be connected. Then enter the private address of the local network node for which ports will be opened, and the remote public address to which access will be allowed. If the Remote IP field is left blank, access will be open to everyone. Save the settings and reboot the router. (FIG. 4)

https://site/

To install the server manually, you need to go to the advanced settings and select “Virtual servers”, on the page that opens, click “Add”. In addition to the already known previous method fields, we see 4 new ones: external and internal start/end ports. Data flow from external port is redirected via the internal port to the private address specified in the “Internal IP” field. You can specify a whole range of ports using the start and end numbers. If you need to use only one port, fill in the “start” field and leave “end” empty. The port number can be any number from 0 to 65535, values ​​above 49152 are recommended. (FIG. 5)

Good day everyone!

When exchanging files with other computers on the Internet, in various network games, when using instant messengers (Skype for example) - an error related to NAT can often occur (approx. : network address translation) .

It is also not uncommon for a program (or game) to not connect to other users on the Internet at all. (for example, no one can download anything from uTorrent, the game does not connect to the server, Skype refuses to connect, etc.). All this happens because no one is on the router didn't forward the ports (note: forward = means open) .

The essence of "forwarding" is that access is granted to some program on specific computer to connect to it from the Internet (by default, this is disabled in all routers for security reasons).

Actually, in this article I will try step by step to accessible language lay out what needs to be done. I hope the instructions will help you deal with this “problem”...

Port forwarding // step by step

1) Enter the router settings

It is logical that the first necessary action is to enter the router settings. Most often, it is enough to type the address in any browser http://192.168.0.1/(or http://192.168.1.1/) and press Enter.

Use as login and password admin(or fill in the login field and do not enter a password at all).

If suddenly the IP address does not work, but you have a network and it’s working, then try opening command line and enter ipconfig. Among the heap of parameters that appear, you should see the line "Main gate" - this is the IP address of the router settings.

ADDITION!

If you still cannot enter the router settings, use the recommendations from this article:

2) Assign the computer a permanent local IP address

Every time you turn on your computer or laptop, after connecting to the router, it receives its IP address on the local network (i.e., the home local network that the router organizes). For example, your laptop may have an address of 192.168.0.101, and your computer may have an address of 192.168.0.102.

This address is local (internal) and it can change (unless specifically configured)! Those. today your computer had IP 192.168.0.102, and tomorrow it was 192.168.0.101. And for port forwarding, it needs to be constant and not change over time.

To do this in routers, as a rule, you need to know the MAC address network adapter, through which you connect to it. For example, in laptops - this is usually - wireless adapter, in computers - Ethernet.

You can also find out the MAC address in the command line - command ipconfig/all will show the physical address of the device (this is the MAC address). See screenshot below.

Actually, then in the local network settings in the router (where the binding of a specific static IP to MAC is set), specify your local IP address and the MAC address of the network adapter. Thus, even after shutting down your PC (rebooting), etc. - your IP will be permanent (i.e. in our example, 192.168.0.102, i.e. the router, in fact, will assign it to you and will not give it to any other device!).

(Each router has its own firmware, and the layout and location of the buttons can vary significantly. Below are two photos of the Tenda and ASUS router settings)

Static IP address (clickable)

3) Open the port for the desired program

Now all that remains is to open the port for a specific program. But first, one small question...

Some people have a question about which port to open.

For example, in uTorrent the port can be found in the connection settings (see screenshot below).

In my case, 16360 (but it can be changed). Browsers use port 80, Skype - like uTorrent, you can see in the settings (and change if necessary).

Typically, the ports (that need to be opened) are specified in a help file, in the application settings, or simply in an error that will tell you about NAT problems!

As for some games, this point needs to be clarified in technical specifications games, or from the developers (also possible on thematic forums).

Let's continue...

In the router settings in the section for setting Internet parameters (often the WAN section), you can set port forwarding ( Port Forwarding). In the Tenda router this is the section "Extra options" .

It is enough to specify the internal local IP address (which we tied to the MAC address in the previous step of this article), and the port you want to open. Please note that you may also need to specify TCP protocol or UDP (if you don’t know which one to open, open both).

A couple of screenshots are presented below (for ASUS and Tenda routers).

Actually, the ports are forwarded. You can save settings and use programs - everything should work...

4) A few words about the DMZ host

We did everything that is written above only for one or two ports. Imagine if you need to open all ports?! For example, this is often needed to create game server, for organizing video surveillance and other situations.

To do this, all modern routers have special function DMZ host. By turning it on and specifying the desired local IP address on your network, you open all ports on this computer. An example of settings is shown in the screenshot below.

Enable DMZ host / Also enable UPnP

I note that this should only be done when necessary. Still, in such a quick and simple way, you open up your entire PC for access from the Internet (which is not very good in terms of security).

And that’s all I have on the topic of the question for now.

Additions are welcome...

Happy setup!