Port Forward
Last updated
Last updated
Port forwarding applies network address translation (NAT) and redirects a communication request from one address and port number combination. Port Forwarding allows remote computers to connect the outdoor router within a private local-area network (LAN).
To configure the port forwarding, log in to the router and go to "Network > Firewall."
Under the tab of "General Settings," change forward to "Accept."
In the Zones section, change the Forward on the WAN row from "Reject" to "Accept."
Click the Save & Apply button on the bottom right corner.
Click the tab "Port Forwards" to enter the configure section on the New port forward section:
Name: Enter the reference name. e.g., Test
Protocol: Select "TCP, UDP, or TCP+UDP."
If you don't know the protocol, please choose TCP+UDP. If you know whether it is TCP or UDP, select TCP or UDP. This can effectively reduce resource consumption.
External Zone: Select "WAN"
External Port: Set the port number you want to access from the external network. We suggest selecting the WAN port between 1025~25534. Do not use the standard ports occupied by other services, such as 23, 80, 433, 3389, 7700, 10080, etc.
Internal Zone: Select "LAN"
Internal IP Address: Select from the list of connected intranet hosts.
Internal Port: Enter the port number that needs to be forwarded from the intranet host
Click the button "Save & Apply" to execute the new settings.
The above example forwards a local host 192.168.30.113:80 to WAN port 1180. Thus, we can access the 80 port on the host of 192.168.30.113 from the public IP address plus port number 1180.
The public port forward does not change the accessing port in the local networks.
NAT Loopback is turned on after saving a new port forward rule. It allows the intranet terminal to access the local hosts using the public IP address of the routed external network interface. To reduce the consumption of router resources, you can click the "Edit" button on the saved port forward rule list to disable it.
Public port forwarding relies on a public IP address, which most 4G/5G SIM card internet connections require. Please get the public IP from the 4G carrier to activate the public port forwarding.
Except for a public 4G IP address, you can also try forwarding it to an OpenVPN or WireGuard server through the VPN tunnel.
To access another host from the local network, we can set up intranet forwarding based on IPtables and the firewall settings.
Go to "Network > Firewall," and click on the tab "Custom Rules." Add the new iptable rules. Below are the example codes to forward 192.168.30.113:80 to router IP 192.168.30.1:1180.
iptables -t nat -A PREROUTING -d 192.168.30.1 -p tcp --dport 1180 -j DNAT --to-destination 192.168.30.113:80 iptables -t nat -A POSTROUTING -d 192.168.30.113 -p tcp --dport 80 -j SNAT --to 192.168.30.1
After accessing the router, go to "Network > Firewall > Traffic Rules: Open port on router" to add a new port on the 4G router.
Name: Input name of the new port
Protocol: Choose from TCP or UDP
External port: The new port number
After entering the above parameters, click the "Add" button. Then click the "Save & Apply" button in the bottom right corner. The new port will appear on the "Traffic Rules" list.
