Port Forwarding Guide

What Is Port Forwarding?

Port forwarding tells your router to send incoming traffic on a specific port to a specific device on your local network. Without it, NAT blocks all unsolicited inbound connections.

Why You Need It

Your router's NAT (Network Address Translation) protects your network by blocking incoming connections that weren't initiated by an internal device. But sometimes you want to allow external access:

• Game servers — Host multiplayer games for friends
• Remote access — Connect to your home computer via SSH or RDP
• Security cameras — View cameras from outside your network
• Web servers — Host a website from home
• Media servers — Access Plex or Jellyfin remotely

How to Set Up Port Forwarding

Step 1: Assign a Static IP

Give the target device a fixed IP address so the forwarding rule always points to the right device:

• Router admin → DHCP → DHCP Reservation / Address Reservation
• Add the device's MAC address and desired IP (e.g., 192.168.1.50)

Step 2: Create the Forwarding Rule

In your router's admin panel, find Port Forwarding (may be under NAT, Firewall, or Advanced):

Step 3: Test the Rule

From an external network (not your home Wi-Fi), try connecting to your public IP on the forwarded port. You can use online port checker tools to verify the port is open.

Common Ports to Forward

Security Considerations

Port forwarding exposes services to the internet. Follow these practices:

• Only forward ports you actively need — Close ports when not in use
• Use non-standard ports — Forward external port 2222 to internal port 22 for SSH
• Keep software updated — Exposed services must be patched promptly
• Use strong authentication — SSH keys instead of passwords, strong passwords for all services
• Consider alternatives — VPN access (like Tailscale or WireGuard) is often more secure than port forwarding
• Monitor logs — Watch for unauthorized access attempts