Search This Blog

Monday, May 31

The Port Forwarding Progression.....

What is port forwarding?

Your router should be some kind of box that your computer is connected to. The box might have a cable TV or phone line coming out of it. It probably has serveral flashing lights on the front of it. The cable that will run from your computer to this box is called a network cable. The ends of this cable look like the ends of a large phone cable. When you find this box, it will probably have a maker and model number on it. If you can't find the make and model number check the stickers on the bottom of the router. Write this information down. We will use it later.
Let's figure out what ports you need to forward. The first place to check is our Common Ports page. Some of the program names will be highlighted in orange. That means the name is a link, and you can click that name for further information. We have written guides for some programs. Go ahead and check the common ports page now for the program you want to forward ports for. If you find a guide for the program you are forward ports for, follow it. After you have completed that guide come back here for further information. If you did not see the program there, you will need to find that information on the internet. Usually the software manufacturer's website is the best place for that information. Sometimes it can be very hard to find out which ports you need forward for a program. Where ever you find the ports you need to forward, be sure to write that information down. There should be a series of ports listed, along with the protocol type of those ports. Usually this protocol type will be TCP or UDP.
Let's goto our Forwarding page. As you can see we have a few routers listed on that page. Go ahead and find your router on that list. If you found a guide for your router on our website, go ahead and click it to open it.
We need to setup a static ip address on the computer you are going to forward ports to. A lot of people struggle with this. Really it's not that tough, so don't worry. The first thing you need to do is to read our Understanding DHCP guide. I'm sorry but I got a little long winded on this one. I still think it is under one page. Now that you know a bit more about dhcp, take a look in the guides we have written for your router. You will probably see a Setting up a Static IP Address with your router guide. Go ahead and follow that guide now. If you can not connect to your router, make sure you are entering your computer's gateway into the web browser. If you are sure that you are entering your computer's gateway into your web browser and it's still giving you a page can not be found, your router is probably setup as bridge. Your computer would be behind your ISP's NAT. You should contact your ISP and ask them for a public ip address. If you can not connect to the internet after following that guide, it is probably because you have the wrong DNS servers. Give your ISP a call and ask them what DNS servers to use. They should be able to tell your right off. If they can't at least you can smile, because at this point you probably know more about networking than they do. Then go back to your TCP/IP configuration and put in the correct dns servers.
Now that you have setup a static ip address, you are ready to forward ports. You can use port forwarding or port triggering to forward ports. Generally you should use port forwarding. Only use port triggering when the software manufacturer provided specific port triggering settings for the program you are forwarding ports for. Never have the same port numbers defined in the port forwarding and port triggering page. Doing that basically screws things up, and neither configuration will work. Also do not put the same port numbers in more than one configuration. Doing that will also prevent those configurations from working properly. I'm not sure why people do that, but I've seen it often enough. Alright go ahead and open up the port forwarding or port triggering guide for your router. Remember those guides can be found on our Forwarding page. Forward all the ports that need to be forwarded for the program you are running. This will probably require setting up multiple configurations in your router. When you are done creating configurations remember to save those settings, and then reboot your router for the settings to take effect.
Alright! The ports should be forwarded. Now we need to make sure that there are no firewalls blocking those ports. Now there are a couple places that ports can be blocked. Your ISP can block ports in their router. Hopefully this is not the case, because there is little we can do about that. If your ISP is blocking the ports required by the program you are forwarding ports for, check the program for a port configuration. Sometimes programs will allow you set the port that it uses. You could then set that program to use some port that is not being blocked by your ISP. How can you tell which port is not being blocked? You can't. You really need to just try different ports, until you find one that works. Your router can have a firewall that is blocking ports from coming into your network. We have written a few guides for router firewalls on our Firewalling page. Take a look there for instructions on how to open ports in your routers firewall. You could have a personal firewall installed on your computer. You need to allow those ports through that firewall. Once again take a look at our Firewalling page. The ports you have forwarded need to be allowed through every personal firewall you have on your computer.
Sometimes things just don't work out. I'll give a couple suggestions here, that will hopefully help you fix any problems you encounter. If everything was done properly above, the ports should be forwarded. That is assuming your ISP is not blocking those ports.

In your router you can DMZ your computer's ip address. Almost every router has a DMZ. The DMZ forwards all ports to the ip address that is specified in the DMZ. DMZs are really easy to setup, you just enter the ip address to forward the ports to. To test ports that are forwarded to your computer, you would enter your computers ip address. If the ports look like they are forwarded after you dmz your computer, you know that the ports were not forwarded properly. Disable the DMZ. Then go take another look at the port forwarding configuration in your router. If the ports are still not forwarded after you dmz your computer, there is probably a software firewall on your computer that is blocking those ports or your isp is blocking the ports. Take a really good look for a software firewall on your computer.

You can also simplify the port forwarding problem, by disabling firewalls. Turn off all firewalls on your computer and then disable the firewall on your router. NAT(Network Address Translation) will act as a pretty good temporary security system. NAT is already enabled if you are forwarding ports. If the ports are forwarded after turning off the firewalls, you know that one of the firewalls was causing the problem. Turn the firewalls on one at a time, to figure out which one was causing the problem. Then open the ports that you forwarded in that firewall.
Well I hope you found this guide helpful. Good luck!

Port forwarding NAT/router/firewall for any VNC flavor

UDP port is not used, if possible don't open unused port by VNC

If your ISP provide you a dynamic IP to you, you need to subscribe to a dynamicDNS service provider supported from your NAT broadband router and put your hostname freshly created and configure it to forward external port to your internal ip address port of your NAT/ broadband router
If your ISP provide you a static IP to you, you need to forward external port to your internal LAN port IP address configure it to your NAT/router.
Single Port Forwarding

Application | External  | Internal | Protocol |   IP Address   | Enable
    vnc0    |   5900    |   5900   |   TCP    |  |  yes
    vnc1    |   5901    |   5900   |   TCP    |  |  yes
    vnc2    |   5902    |   5900   |   TCP    |  |  yes
    vnc3    |   5903    |   5900   |   TCP    |  |  yes
-------------------------------------------------------------------------------------- --> redirected internally to --> redirected internally to --> redirected internally to --> redirected internally to --> redirected internally to

Incoming from WAN to LAN
port 5500 TCP protocol --> ip/hostname --> vncviewer listening
port 5800 TCP protocol --> ip/hostname --> winvnc http VNC server http
port 5900 TCP protocol --> ip/hostname --> winvnc rfb VNC server
port 5901 TCP protocol --> ip/hostname --> ultravnc repeater
port 0443 TCP protocol --> ip/hostname --> https ssl (and repeater_ssl)

Outgoing from LAN to WAN
(necessary only for enabled firewall like XP SP2 Windows Firewall or any strong software/hardware firewall)
port 0443 TCP protocol --> ip/hostname --> https ssl or repeater_ssl (SingleClick III aka SCIII)
port 5500 TCP protocol --> ip/hostname --> winvnc reverse connection (SingleClick)
port 5800 TCP protocol --> ip/hostname --> web browser act as vncviewer
port 5900 TCP protocol --> ip/hostname --> vncviewer

Just select your broadband router brand, then the router model, then select VNC from the list of programs to forward. It will show, pictures and all, how to forward a port for VNC.


FQDN= Fully Qualified Domain Name
A fully qualified domain name consists of a host and domain name, including top-level domain.
For example, is a fully qualified domain name.
www is the host,
uvnc is the second-level domain,
.com is the top level domain.

For reach your vnc server from vncviewer:

for reach your vnc server from web browser:

port 80 is standard http port and not usable if you have web server
but 5800 is not a standard port for http so you need follow step below:

don't forget to put http:// in header
  • external usage (outside of your office, home from your web browser)
    reach vnc server over Internet with FQDN address (with right access Wink)
    or your own rent a static public IP address ((you know because is on your contract)



  • internal usage (inside your home/office LAN from your web browser

Dont Miss to post your comment on