TechSpot

Port forwarding

By jobeard
Aug 4, 2012
Topic Status:
Not open for further replies.
  1. How to setup Portforward(ing) in three steps.

    (I) First, the system to receive this data must always be at the same IP address on your LAN.
    There are two ways to do this:

    a) use your router to RESERVE an address specifically for that system​
    b) manually set all the TCP fields (not recommended, too easy to get it wrong and then too it's easy to forget that you did it).​


    (II) Once you have a fixed IP address for your system, you can then add the Portforward.

    (III) The system receiving the data from the portforward needs to have the FIREWALL allow inbound traffic

    To implement (I.a), you need to have the MAC address for the target system NIC,
    and you get that by getting a command prompt and entering: IPCONFIG /ALL
    It will show you something like:
    Code:
    Ethernet adapter Local Area Connection:
     
      Connection-specific DNS Suffix  . : socal.rr.com
      Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
      [color="BLUE"]Physical Address. . . . . . . . . : AA-BB-CC-DD-EE-FF[/color]
      DHCP Enabled. . . . . . . . . . . : Yes
      Autoconfiguration Enabled . . . . : Yes
      IPv4 Address. . . . . . . . . . . : [color="red"]192.168.0.5(Preferred)[/color]
      Subnet Mask . . . . . . . . . . . : 255.255.255.0
      Lease Obtained. . . . . . . . . . : Friday, August 03, 2012 3:42:03 PM
      Lease Expires . . . . . . . . . . : Tuesday, September 10, 2148 1:53:49 PM
      Default Gateway . . . . . . . . . : 192.168.0.1
      DHCP Server . . . . . . . . . . . : 192.168.0.1
     
      DNS Servers . . . . . . . . . . . : 216.116.96.2
                                          216.52.254.1
                                          209.18.47.61
      NetBIOS over Tcpip. . . . . . . . : Enabled
    
    You need the Physical Address for the portforwarding setup.

    Now use your browser to access your router configuration;
    You need the Router Address, USER/PWD and Physical Address above.
    The Router Address is shown above as the Default Gateway.
    The USER/PWD is specific to every brand of router; try this link to find it.
    http://www.routerpasswords.com/

    You will need to hunt and peck about the tabs or links to find the page
    you need. On my Netgear, reservations are on the Lan IP Setup page.

    There are two required entries for an address reservation,
    the IP Address to be given to the specific MAC Address.

    Note: The address you are assigning should be within the DHCP Range.
    On my Netgear, I've set the DHCP to 192.168.0.2 thru 192.168.0.32.
    My Laptop has the association of 192.168.0.5 -> AA-BB-CC-DD-EE-FF
    Once you've entered the data, be sure to SAVE it. If this reservation is
    for the same system you are performing this setup on, you may see the browser disconnect,
    so you will need to login again.

    Now we can address (II) Portforwarding.
    Find the proper page in your router.
    The task is to forward Port X(-thru-Y) to your Reserved Address from above.
    My Netgear portforwards a range of ports X-Y so if I need only one, then make X=Y.
    Be sure to [x] ENABLE the settings you create and SAVE the page when you are done.

    (btw: HIGHLY recommend you change the default router password before you exit.
    Perhaps something like GW-yourPcPWD).

    SAVE (and or RESTART your router).

    To verify that {I} has taken effect, disconnect the server system from the router,
    wait 30 seconds and reconnect. You should see that 192.168.0.5 -> AA-BB-CC-DD-EE-FF has forced
    this systems IP address to what you wanted.

    The setup for (III) is dependent upon the firewall you are using.
    The concept is to:

    ALLOW IN/OUT TCP/UDP From ANY Local Port X-Y


    Now start the program that needs this port forwarded data.

    To test that the portforward is correct, go to WWW.GRC.COM
    (Home->Services->ShieldsUP! click proceed)
    Just above User Specificed Custom Port Probe there is an input field:
    enter the PORT NUMBER of your router portforward setp and click
    User Specificed Custom Port Probe

    If you have setup the firewall and portforwarding correctly,
    then this test will show FAILED Status OPEN.
    [from a security standpoint, GRC is saying SECURITY FAILED as the port is OPEN,
    but that is the whole point of what YOU wanted to do:) ]
    boybrushdred likes this.
  2. boybrushdred

    boybrushdred TS Member Posts: 26

    Good day. I've read that port forwarding can improve online gaming and downloads. So I looked up portforward.com and searched for port forwards for specific programs. I'm using a Dlink DIR-300 router that is flashed with DD-WRT. I've already set up static IPs for my main PC and PS3 using the router interface.

    The thing that's confusing me is that there are ports that are needed to be forwarded on both PS3 and PC. For example, on PS3, PlayStation Network need ports 3478-3479. At the same time, my PC need port 3478 for steam client, and 3478-4380 for Team Fortress 2. How will I setup forwarding for those ports?

    Here is the screenshot of my port forwards for my PS3 and PC. As you can see there are a number of duplicate entries. Can you help with correct entries?
    [​IMG]
    thanks
  3. jobeard

    jobeard TS Ambassador Topic Starter Posts: 13,403   +314

    Consider this network:
    Code:
    isp==modem---router---{xbox/PS3}
                    |
                    +---- PC
    the router has NAT and (for this discussion) is the source.
    the PC, Xbox or PS3 are the target devices (ie they need the data on the port(s) in question.

    SO: the portforwarding is done on only the ROUTER and targets the PC, Xbox or PS3 device addresses (all fixed).
    The PC, Xbox & PS3 never need portforwarding unless you try a network like this:
    Code:
    isp==modem---router---- PC---{xbox/PS3}
    Portforwarding is done on a PER APPLICATION basis: If an application uses a range of ports,
    then we can PF x->y in one line on the router. If it also needs x->y + z not in that range (oh goodie :( ),
    then the Z port must be added separately.

    If you have multiple application, then obviously you need multiple portforwards.

    Lastly, applications that are on specific devices (targets) must use that device's static ip address.
  4. boybrushdred

    boybrushdred TS Member Posts: 26

    Ok. So I still got a couple of questions.
    1. If a game on the PS3 requires port 3478, and then a game on the PC requires the same port 3478, how do you set port forwards for those?

    2. And I have a port range forward entry for port 27000~27050 for PC. And then another application on PC requires a single port forward for 27015. Do I still have to enter 27015? Or is it already covered by the previous range forward entry of 27000~27050?

    I'm a noob at this stuff so forgive me because I still can't get the hang of it but I really like to improve my ping for online gaming and also improve download speeds.
  5. jobeard

    jobeard TS Ambassador Topic Starter Posts: 13,403   +314

    1-2 are the same question - - how can I resolve the issue that two systems need the same port?
    This is a user choice - - you can have one or the other but not both at the same time.

    The easiest solution is to move both applications to the same device and then just use the applications one at a time.
    If that is not possible, then that's life - - make a choice.

    NONE of this will improve your PING and frankly, there's nothing anyone can
    do to improve it - - it is a function of how many nodes on the internet you traverse to get to your gaming host.
    You can see this using a command prompt and entering tracert gamingHost.domain-name.

    @boybrushdred: your questions were generic to the problem of portforwarding and thus I elected to answer them here.
    I will not answer further question on the subject as I feel that this thread is sufficiently complete.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.