What is Port Forwarding and How to Port Forward in 2024
Accessing any information you want online while maintaining your anonymity and connection speed may seem like a relatively simple request. You should be able to easily play video games with your friends, access your desktop from afar, and check your bank accounts in privacy.
Unfortunately, these tasks aren't always quite so easy in practice. Hackers, government agencies, and cybercriminals may be able to read and to track your every move with certain online indicators.
At the same time, some systems might bar you from running the servers you want, throttle your connection speeds, or prevent you from accessing certain information when outside your local network.
Port forwarding can help solve these and other problems. It can give you more control over your devices and servers so you can set them up to suit your preferences.
However, port forwarding does involve certain risks and is most effective when paired with other high-tech systems.
Below, we explain the basics of port forwarding. We go over why, when, and how to use it, and how to port forward with a VPN.
How Do Internet Ports Work?
To fully understand how port forwarding works, you first need to comprehend what an online port is. Basically, the internet uses various labels to direct online traffic to the right destination. A port is one of these markers.
Specifically, a port number describes the exact internet service you want to use.
For example, Port 80 accesses HTML information, such as web pages that begin with "http." Port 17 accesses the Quote of the Day, and Port 25 accesses email. There are actually 65,000 ports to choose from on the internet.
Once a port is assigned a function, it doesn't usually change. In this way, ports are kind of like television or radio channels. No matter what television set or radio you access the channel from, you tune it to the same number.
So, how do you use these ports? When you go online, you have two different IP (Internet Protocol) addresses: a public IP address and a private IP address.
Almost anyone who's tech-savvy enough to look can find your public IP address. Your ISP (Internet Service Provider) gives you this IP address. Your public IP address directly sends and receives information from other public IP addresses on the internet.
Other users can try to connect with you at this address, and depending on how you browse the internet, some people may be able to see your online activity by seeing which websites your public IP address has interacted with.
As its name suggests, your private IP address typically isn't available to the public. Your router uses it to direct traffic to and from your specific computer within your local network.
Unlike your public IP address, your private IP address alone cannot usually successfully connect with other websites or devices online. Your private IP address sends its requests through your public IP address to get information.
While your tablet, desktop, and PC computer would all have the same public IP address, each device would have its own private IP address. Usually, your private IP address consists of your public IP address with one or more digits added at the end.
So, your public IP address is your network's widely-available identifier, your private IP address is the unique number associated with a specific device on your network, and the port is the number that tells your router which specific internet service you want to connect with.
How Your Network Works
Essentially, your router serves as a protective middle layer between your device and the internet.
Your private IP address sends requests to your router, which then transmits them to the correct port. Your router also receives the responses to your internet requests, then sends the information it receives back to your private IP address.
In addition, many routers automatically put up firewalls to filter what they consider to be dangerous traffic and block certain ports in order to protect the devices they connect with.
This means that certain requests may get stuck at the router level, never transmitting information between your specific device and the internet service you requested data form.
Specifically, what tends to happen is that your router just doesn't let some outside internet requests access your device. This means you might not be able to use certain internet features and services, such as online gaming, remote desktop control, and more.
In addition, in some cases, this routing process may slow down your connection speed, prevent you from backing up your files as easily, and make your browsing history more public.
With port forwarding, you can take control of how your network directs information to and from your devices.
Port Forwarding 101
As we explained above, the default way most computer networks are set up can be somewhat limiting.
If you want to access your at-home desktop while you're traveling abroad, play video games with your friends, or browse the web more anonymously, you might not love the way your network is configured.
Fortunately, you can change it with port forwarding. This technique basically tells your router to always accept requests for specific ports and forward them on to your specific device's private IP address.
By specifying to your router that traffic to certain ports is okay to pass through, you basically give any internet traffic to your public IP address on those ports a direct pathway to a particular device inside your network.
The port number you've identified as safe to pass traffic on from becomes a sort of key into your private IP address. If services, users, or other IP addresses know and use the right port code, they can get directly into your device.
It would be similar to telling your doorman that you want him to always deliver packages with red bows to your front door, rather than leaving them in your mailbox or even potentially throwing them out as suspicious. Your friends who know that you have this system set up can send you letters and gifts with red bows if they want to make sure you receive them.
Of course, the logistics of port forwarding (which we'll guide you through below) are a bit more complicated. However, the basic concept is quite simple: you tell your router to let certain internet traffic go directly to your device if it has the right port number attached to it.
What to Use Port Forwarding For
Since port forwarding fundamentally changes the way that your network interacts with online requests, it offers many benefits and uses. You can utilize port forwarding to:
- Connect to video game servers.
One of the most common reasons users want to enable port forwarding is so they can play their favorite online video games. Sometimes, routers will block internet traffic from gaming servers, since they see these connections as potentially unsafe. Similarly, if gamers set up their own private servers so they can play with their friends, their routers might not recognize the port numbers these servers are attached to. Port forwarding can help you and your friends connect to your favorite servers and enjoy playing together. - Host servers and applications for the world to view and use.
More tech-savvy users may want to set up servers and applications for their friends, family, or even internet users at large to enjoy. However, if these are linked to unfamiliar ports, your hard work might never make it past their protective routers. Port forwarding can teach routers that allowing others to visit these pages and services is safe and should be allowed. - Improve your connection speed.
As we described above, your router usually sorts out internet traffic to determine which requests are "safe" to send on to your device's private IP address. In addition to being potentially error-prone and unnecessarily restrictive, the router's methods can take time. By setting up port forwarding, you can immediately direct online traffic to your device, speeding up your connection. This may be especially helpful for heavy bandwidth online activity, such as gaming, streaming, torrenting, or running complex applications. - Protect your online privacy.
The forwarding aspect of port forwarding can also be useful if you want to protect your sensitive information online. By requiring online traffic to have the right key before it can be sent to your private IP address, you can make sure that only those with both your public IP address and your port number can access your device. In addition, when paired with other techniques, port forwarding may be able to relay internet requests sent to an IP address and port to a different IP address. Setting up this kind of system could help mask your true IP address online, so you can browse more anonymously. - Virtually access your desktop.
If you want to use a virtual machine and host your desktop on the cloud, you may need to set up port forwarding so that you can pull your information up on whatever device you choose to access it from. With port forwarding, you can retrieve your virtual desktop from whatever private IP address stores it without your router interfering. - Back up your files.
It's a good idea to save copies of your most important files in a few different online locations. Of course, once you have these backups in place, you'll also need to be able to securely access them, ideally from any device, anywhere. By setting up port forwarding and storing a backup at your private IP address, you can make sure that you can retrieve your most important data from wherever you are, as long as you know your public IP address and the proper port number. - Connect with your VPN (Virtual Private Network) from afar.
If you have a VPN installed on your router at home, you may have trouble accessing its features remotely. Port forwarding can help you enjoy all the speed, privacy, and security features of your VPN while you're out of the house by providing a fast, safe connection to your private IP address.
These are just a few of the most popular applications of port forwarding. Given this network procedure's value and versatility, there are probably many more ways to use it.
Port Forwarding and Cybersecurity
Port forwarding can have both positive and negative effects on your cybersecurity. On the plus side, as we've discussed above, it can help maintain your safety online by only providing your private IP address information to internet users with the right port "key."
When combined with other systems, it may also help hide your public IP address from government agencies, cybercriminals, and others who might want to spy on your activity.
In addition, port forwarding may help safeguard you against Distributed Denial of Service (DDoS) attacks. During a DDoS attack, hackers flood servers with online traffic to get them to crash.
This type of cybercrime is more difficult to execute on the ports for which you've set up port forwarding, since attackers would have to know not just your public IP address, but the correct port number, as well.
However, port forwarding comes with some potential cybersecurity risks. Setting up port forwarding provides an entry point into your private IP address and device information from the broader internet.
While unlikely, it's technically possible that someone untrustworthy could figure out your port forwarding protocol. From this point, a knowledgable hacker might be able to use your public IP address and the right port number to get into your computer, spy on you, and steal your information.
Furthermore, some port forwarding setups involve encrypting the data packets sent through port forwarding with Secure Shell (SSH) or other protocols, but this is not always a requirement.
If your information isn't encrypted, it may be easier to trace, especially once you've exposed the port by setting up port forwarding.
The port forwarding protocol Universal Plug and Play (UPnP) is easy to set up and lets devices automatically configure port forwarding, but using this technique could put your devices in even more danger than regular port forwarding. Using UPnP could expose your computer to malware or other cyber attacks.
In addition, as an automated system, UPnP might not always set up port forwarding with the proper security measures in place, creating even more cybersecurity problems.
In sum, port forwarding has both pros and cons when it comes to cybersecurity. Since it is a network configuration approach, how safe it truly depends on how you use it and what other strategies you combine it with.
For instance, utilizing only UPnP might be insecure, but combining manual port forwarding with a secure option like a VPN would usually be quite safe.
Port Forwarding vs a VPN
VPNs and port forwarding are often discussed together since both affect the way your network operates.
They share similarities in the ability to manage internet traffic based on your preferences and in enabling remote access to online data. Beyond these points, however, the parallels largely end.
Port forwarding modifies just one aspect of how your network and router work. It allows internet data from a particular type of service to flow to and from your private IP address on a single device by opening up a specific port on your router. This is a potentially very useful but relatively narrow adjustment.
In contrast, VPNs rework the way your network operates on multiple levels. First of all, a VPN transports information through a sophisticated process called tunneling.
Sometimes, people refer to port forwarding and tunneling interchangeably, but they are not the same.
Port forwarding adjusts the port settings on your router so that it sends traffic directly from the internet to your device. Tunneling, however, is much more complex. It involves two steps: encapsulation and encryption.
When transmitting information, the VPN wraps it in layers of additional data, masking it so it's more difficult for potential hackers to identify and read. This is encapsulation.
The VPN also encrypts the information, translating it into a special code that can only be deciphered once it reaches its proper destination.
Furthermore, while port forwarding conducts a specific type of internet traffic (with the right port number) to a particular location (your device's private IP address), a VPN completely reroutes online information to protect your public IP address.
When you go online with a VPN, your requests go first to a separate VPN server, which is often in a different country. This VPN server then gets the internet information you want and relays it back to you.
This helps keep your IP address secure and prevents your ISP from snooping on your activity. All your ISP can see is that you've contacted a VPN, and all the sites you use can see is that a VPN has accessed them.
Furthermore, routing your internet activity through the VPN's server can allow you to access geo-restricted content, find lower prices on airfare, and enjoy many other benefits.
For additional security, many VPN providers also have no-logs policies, meaning they don't keep records of your activity with their services.
They also often include kill switches, which cut off all internet connection if the VPN drops out. This prevents your IP address or other sensitive information from being exposed if the VPN disconnects.
Port forwarding is just one facet of a possible network setup, while a VPN provides a comprehensive network configuration, optimized for privacy, security, access, and anonymity.
Port Forwarding with a VPN
While they are notably different from each other, port forwarding and VPNs do have some overlap. In fact, they can even be combined.
Firstly, you may be able to use port forwarding, among other strategies, to create and manage your very own VPN.
However, this would take great technical skill, time, and effort to accomplish successfully, so we don't necessarily encourage you to try, especially when there are great VPN providers who've already done the work for you.
In addition, if you have a VPN installed directly onto your router, you can use port forwarding to access your VPN while you're not within your local network.
High-performing ExpressVPN provides a guide on how to do so.
Finally, and most conveniently, many VPNs include port forwarding as one of their features. Just as with a regular network, port forwarding can help a VPN more easily access certain sites that its routers or firewalls might intercept.
VPN providers that utilize port forwarding recognize the speed, accessibility, and other advantages this technique provides, so they integrate it with their other offerings.
In many ways, port forwarding is best used as part of a VPN. The VPN provider usually carefully monitors it to ensure that users enjoy everything it has to offer without the security risks it sometimes presents.
Editor's Note: Transparency is one of our core values at vpnMentor, so you should know we are in the same ownership group as ExpressVPN. However, this does not affect our review process.
Step-By-Step Guides to Setting up Port Forwarding
Port forwarding is highly adaptable, and how effective it is largely depends on how you set it up.
Based on the specific aspects of your device, your local network connection, the services you wish to access, and other factors, there are virtually limitless ways to configure port forwarding.
Below, we cover three general ways you can go about implementing port forwarding on your network.
Port Forwarding with UPnP
Setting up port forwarding with the automatic UPnP protocol is simple, but potentially quite unsafe.
We would only recommend you use UPnP if you don't have sensitive information on the device you're configuring it for, or you're not concerned about your cybersecurity for whatever reason.
To set up port forwarding with UPnP, you can:
- Sign in to Google Fiber.
- Click on the "Network" button.
- Choose "Advanced," and click on "Ports."
- Switch "Universal Plug and Play" On (it will be set to Off by default).
- Click "Apply" to save your new preferences.
- Adjust your manual and automatic port forwarding rules and settings from the list that follows.
You can go back into these settings and disable UPnP at any time.
Manual Port Forwarding
Setting up port forwarding manually is typically a better option overall than using UPnP, but it requires the most complex setup of our three choices.
These steps may vary based on your specific device, router, and preferences, but generally, to manually configure port forwarding, you'll need to:
- Make sure your device has a static IP address. If your IP address is dynamic, or changes from time to time, this will mess up your port forwarding configuration.
- Log in to your router.
- Find the port forwarding tab. The label for this particular information may be different depending on the make, model, and type of router you're working with.
- Input the port(s) you want to forward traffic with, along with the protocol you'd like to use to do so.
- Enter your static IP address.
- If applicable, click the "Enable" button or box, then save your updated settings.
Since manual port forwarding is complicated and variable, the above is a very simplified version of the steps needed to implement it.
Before starting, we suggest that you look up guides specifically designed to help you implement port forwarding on those particular devices.
Port Forwarding with a VPN
Using a VPN to serve your port forwarding needs is ideal. Your VPN provider makes sure your port forwarding system is secure, plus it offers a host of other features you'll likely appreciate.
Premium services, like PrivateVPN, offer port forwarding.
To use port forwarding with a VPN, all you'll need to do is:
- Ensure your VPN provider offers port forwarding. Many do, but some don't, so you'll want to check.
- Pay for and download your chosen VPN service. (If you don't want to spend money on your VPN, there are some free providers, but you'll want to make sure they're trustworthy and high-quality. We advise choosing from our list of the top seven free VPN services.)
- Open your VPN's settings.
- Turn on port forwarding, if this is not the default.
- Follow the VPN's directions for implementing port forwarding. The VPN itself may provide manual or automated (UPnP) port forwarding.
Most VPNs (and definitely those on our "best of" lists, such as PrivateVPN) offer intuitive interfaces and detailed guides to help you adjust their features. They also tend to offer helpful customer support, user forums, and FAQs.
For these reasons, setting up a VPN with port forwarding is probably just as easy, if not easier, than configuring UPnP for your device - plus, it's much safer and offers many more benefits.
General Suggestions for Port Forwarding
Whichever strategy you decide to use when setting up port forwarding on your network, we advise you to:
- Research your options thoroughly so you know how port forwarding will affect your online activity, security, and privacy.
- Consider your purposes for using port forwarding. This way, you can make sure the setup you choose truly serves your needs and preferences.
- Read guides (like this one!) and watch video tutorials so you know the proper procedure for configuring port forwarding.
- Have a backup plan in place, just in case something goes wrong when you try to set up and run port forwarding.
- Monitor your port forwarding activity after you've set it up to ensure it's working the way you want it to. Especially if you choose a non-VPN port forwarding option, we recommend that you monitor your cybersecurity very closely. Keeping an eye out for potential threats may help you minimize the dangers of cyber crimes.
By following the above recommendations, you can enjoy all the merits of port forwarding without suffering any of its possible downsides.
Further Reading
Do you want to learn more about cybersecurity, VPNs, and the latest strategies for putting you in charge of your network? We suggest you read the following articles:
- 5 Best VPNs for Gaming - Which is the Fastest?
- 4 Super Easy & Fast Ways to (REALLY) Hide Your IP
- How to Choose the Best VPN - 8 Tips for VPN Beginners
- Best VPN Services Reviewed & Compared | Is Yours Safe?
Your data is exposed to the websites you visit!
Your IP Address:
Your Location:
Your Internet Provider:
The information above can be used to track you, target you for ads, and monitor what you do online.
VPNs can help you hide this information from websites so that you are protected at all times. We recommend ExpressVPN — the #1 VPN out of over 350 providers we've tested. It has military-grade encryption and privacy features that will ensure your digital security, plus — it's currently offering 61% off.
Please, comment on how to improve this article. Your feedback matters!