Set Up Port Forwarding on a Router

Port forwarding opens certain ports on your home or small business network, usually blocked from access by your router, to the Internet. Opening specific ports can allow games, servers, BitTorrent clients, and other applications to work through the usual security of your router that otherwise does not permit connections to these ports. Follow this guide to forward the ports you need, regardless of your operating system.

Steps

  1. Enter your router’s IP address in  the address bar of a web browser. This will open your router’s configuration page. For most routers, this will be 192.168.0.1, 192.168.1.1, or 192.168.2.1. However, if you want to figure out the IP, here's how to do it:[1]
    • For Windows: Open the command prompt and enter ipconfig /all. The router’s IP address is usually the same as the Default Gateway.
    • For Mac: Open the terminal and enter netstat -nr.
    • For Linux: Open the terminal and enter route.
  2. Enter your username and password. If you've already configured the security settings for your router, enter the username and password you chose then. If not, here are some of the most common default logins:[2]
    • On Linksys routers, type "admin" for both the username and the password.
    • On Netgear routers, type "admin" for the username and "password" for the password.
    • On other routers, try leaving the username empty and entering "admin" for the password.
    • You can visit sites such as RouterPasswords.com and enter in your router’s model to find the default password.
    • If you've forgotten your login information, you can press the reset button on your router to reset it to factory defaults. You can then look up the factory default settings online.
  3. Find the Port Forwarding section. Each router will be slightly different. Common labels are Port Forwarding, Applications, Gaming, Virtual Servers. If you don't see one of these or something similar, try Advanced Settings and look for a Port Forwarding subsection.
  4. Find a pre-configured entry. Many routers will have a dropdown menu with preconfigured options for well-known applications. If you need to open ports for one of these applications, select it from the list.
  5. Create a custom entry. If the program you want to add is not listed, you will need to create a custom port forwarding entry. Each router will have a slightly different way of doing this, although the required information is the same for any router:
    • Enter a name for the service. Name it something related to the program so that you know what the entry is for.
    • Choose the service type. This can be TCP, UDP, or both. The service type depends on what program you are unblocking. If you are unsure, select the TCP/UPD option.
    • Select the ports you wish to use. If you only want one port open, enter the same number in Start and End. If you wish to open a range of ports (say 5), you might type 3784 in Start and 3788 in End.
    • Select the internal IP address to assign the port forwarding to. This is the IP address of the computer running the application that you are unblocking. Check out the guides for PC or Mac to find your internal IP.
  6. Save your settings. You may have an Apply button instead of Save. You might need to restart your router for them to take effect.

Tips

  • Every time your router is turned on or off, your computer may be assigned a different IP address. If this happens, go to your routers "webpage" / admin console and change the information in port forwarding. To prevent this, set up a static IP address.
  • Make sure you type all numbers correctly. A wrong port will cause the program to not work properly, so double check everything.
  • Find out what ports (TCP or UDP) ports your specific game or software needs. In some cases, both TCP and UDP port numbers will be needed.
    • The ports to forward for BitTorrent are TCP ports 881-6889.
    • If you are port forwarding PS3 or Xbox 360 games using the manual method, the ports to forward are usually 5223 and/or 3074.
  • Understand what kind of public IP address your ISP assigns. Having a static IP address (a public, external IP address that does not change) is helpful but not required. Most broadband ISPs assign dynamic IP addresses to their subscribers that periodically change.

    If you run certain servers (such as remote access or Web servers) from a dynamic IP address and will be port forwarding on a long-term basis, consider signing up for a service that will give you a domain name for your Internet connection if you run their software.
  • Some routers (such as D-Link's) have a "trigger port" feature that can allow some games to work without changing the IP address. This feature works by monitoring the game's outbound connections and automatically setting up the specific port forwarding rule to the game's IP address. The trigger port feature usually needs to be manually enabled in the router's home page (located at the gateway IP).
  • Recognize that your computer's IP address and your connection's IP address are different. The two are different because of the NAT security built into your router, which allows multiple computers to use the same connection. The IP of your computer, considered private, often begins with 192.168. The IP of the Internet connection, an external or public address, begins with different numbers. If your computer's IP address is outside the private IP range, it is generally not connected though a router and it is not necessary to port forward.
  • If you are port forwarding PS3 or Xbox games using the Automatic method, scroll down the "Application name" box until you reach the game names that begin with "PS3" or "Xbox" respectively. If the game you wish to port forward is not on the list, click "Tools > Update application list from Web". The latest games, such as Call of Duty Modern Warfare 2 which is not usually included with the download, are added to the list. It is possible that the user hosting the private match and the user joining the private match will both need to port forward.
  • Disable all desktop firewalls if you have problems. The firewalls of Norton Internet Security and similar products can be especially problematic and the Windows Firewall should be used instead.
  • Port forwarding can only forward a specific port to one computer at a time. If you want to forward the same port to another computer, you need to delete the forwarding instruction or "rule" from the router first.
  • Sometimes you can plug the cable from your modem directly into your computer to bypass the router, but your other computers will lose the connection. Also this sometimes does not work, especially for some cable companies and almost all DSL providers.
  • Look in your router's manual for details on accessing the control panel, and how to set up the forwarder specific to your model.

Warnings

  • Be sure that you do not open all ports on your router. This allows hackers access to your computer.
  • If you forward every port (not just those that your game uses) or bypass your router, do not turn off your computer's desktop firewall. Microsoft introduced the firewall in Windows XP SP2 for a good reason. Before the firewall, millions of PCs were immediately hacked when first turned on.
  • If your computer is a laptop, and you change the IP address settings, you will need to change back to automatic settings every time you use a hotspot or other Wi-Fi connection outside home, and then return to manual settings later so that port forwarding will work again. Otherwise, your computer will fail to properly connect to hotspots and won't be able to access the Internet.
  • Don't run a home server if you do not have knowledge or experience in computer security. Every day, hackers break into poorly secured servers, using those servers to host their criminal activities. Running a home server also breaches most cable internet service agreements, which are legal and binding contracts.
  • If you find your router has a default password, be sure to set a new one. A default password is a security risk.
  • Always use anti-virus software, anti-spyware, anti-adware, and firewall protection.
  • Your computer cannot accept incoming connections when it is asleep or turned off. Today's computers are usually set to go to sleep when left idle, or in the case of a laptop, also when the lid is closed. If you are hosting a server or running a long download unattended or overnight, you can set up the computer to only turn off the monitor automatically.

Things You'll Need

  • A router
  • Local area network (LAN)
  • Internet connection

Related Articles

Sources and Citations