Opening a Port in a Firewall (Port Forwarding)
Typical Home Network
Understand Port Forwarding
When most people say "open a port in a firewall", what they are really talking about is Port Forwarding. This means telling your network router to take all traffic coming in on a particular port or range of ports and send it to a particular IP address (that is, a particular device) within your network. By default, routers keep most ports closed unless the user specifies otherwise. This is done for obvious security reasons.
You can think of ports like docks in a marina. Different types and sizes of ships need different types and sizes of docks. In the same way, different internet protocols (or methods of transferring data) use different ports within your router. For instance, basic web browsing uses port 80, so by default routers are automatically set to forward all traffic coming in on port 80 to every device on the internal network. That way, any device can do basic web browsing at the very least. Many online games and gaming systems use their own ports, so those ports need to be forwarded to the device playing those games. This is the most common reason end users start looking into Port Forwarding. Another common reason is to access internal security camera DVRs from outside the internal network.
NOTE: Setting firewall rules is a higher-level task that typically only Network Administrators, or anyone techie enough to want to mess with it, will do. It is separate from Port Forwarding, which is what most end users are actually talking about when they say something like "opening a port on a firewall".
Set Up Port Forwarding
NOTE: These steps are very generalized, with the intent of giving the reader a basic conceptual idea of how to set up Port Forwarding. Individual routers vary greatly, and port forwarding options are not always in the same place from one router to another. However, once the general idea is understood, it's not hard to find the specific place on your router to set up Port Forwarding.
Step 1
Access the configuration page of your router. The best way to do this is to obtain the internal IP address of your router and type that into the URL bar in your web browser. If you are using Windows, you can do this by opening up the CMD prompt and typing ipconfig. The default gateway listed will likely be the IP address of your router, unless you have a more complex network, in which case you are probably not reading this article because you already know how to do port forwarding.
Step 2
Find the port forwarding options. Some routers put these settings under the firewall settings, and others put them under applications and gaming settings. Others yet have an actual Port Forwarding heading. In fact, some routers won't even call it port forwarding specifically. Basically, just poke around until you find the right settings, or do a quick internet search based on the specific make/model of your router. Often you will know you are in the right place because you will come across a default list that shows port 80 being forwarded to every internal IP address, often denoted by an asterisk (*).
Step 3
Add the specified port(s) that your device is trying to use, along with the IP address of that device. Again, every router does this slightly differently, so you may have to play around with these settings to get it just right. Remember, the basic idea is that you are adding a line that says all traffic coming in on a certain port needs to be forwarded to this specific IP address. If you are not sure what ports to open up, or what the IP address of the device you are trying to forward traffic to is, you can do a quick internet search to find out. That type of information is public knowledge and should be easy to obtain. If your router has the option for selecting the port type (UDP or TCP), you can safely select both if you are uncertain.
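Once the rules from Step 3 are in place, it is worth reviewing the whole forwarding table for entries that expose more than intended. The Python script below is an added example, not part of the original article or any router's software; the rule format, the LAN range 192.168.1.0/24 and the 10-port threshold are assumptions chosen for illustration.

```python
import ipaddress

# Constructed sample of a router's port-forwarding table (hypothetical format;
# real routers present these fields differently).
SAMPLE_RULES = [
    {"name": "game console", "ports": "3074", "proto": "both", "dest": "192.168.1.50"},
    {"name": "camera DVR", "ports": "8000-8100", "proto": "tcp", "dest": "192.168.1.60"},
    {"name": "default web", "ports": "80", "proto": "tcp", "dest": "*"},
    {"name": "typo", "ports": "25565", "proto": "tcp", "dest": "192.168.2.20"},
]

def parse_ports(spec):
    """Return (low, high) for '80' or '8000-8100'; raise ValueError if invalid."""
    low, _, high = spec.partition("-")
    low, high = int(low), int(high or low)
    if not (1 <= low <= high <= 65535):
        raise ValueError(f"bad port spec: {spec!r}")
    return low, high

# lan and max_span are assumed defaults; set them to match your own network.
def audit_rule(rule, lan="192.168.1.0/24", max_span=10):
    """Return a list of findings for one forwarding rule (empty if none)."""
    findings = []
    try:
        low, high = parse_ports(rule["ports"])
        if high - low + 1 > max_span:
            findings.append(f"wide range: {high - low + 1} ports exposed")
    except ValueError as exc:
        findings.append(str(exc))
    if rule["proto"] == "both":
        findings.append("TCP and UDP both open; confirm which one the device needs")
    if rule["dest"] == "*":
        findings.append("wildcard destination; not tied to a single device")
    else:
        try:
            if ipaddress.ip_address(rule["dest"]) not in ipaddress.ip_network(lan):
                findings.append(f"destination is outside the LAN {lan}")
        except ValueError:
            findings.append(f"destination is not an IP address: {rule['dest']!r}")
    return findings

def audit(rules, **kw):
    """Map rule name -> findings, keeping only rules that have any."""
    return {r["name"]: f for r in rules if (f := audit_rule(r, **kw))}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_RULES).items():
        print(name, "->", "; ".join(findings))
```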