Port Forwarding is used to allow external devices (PlayStation network for example) to connect to your internal devices (PS4). With port forwarding, we can tell the router where to forward the packets that are meant for your PS4 for example.
By default, our firewall will block all incoming traffic, which is good. Otherwise, a hacker could gain easily access to your network. By opening and forwarding specific ports in your firewall you can safely run a web server or FTP server on your computer or host or join an online game.
What is Port Forwarding
With port forwarding, you can make a computer or other network device (the security camera for example) accessible from the internet. You only allow specific traffic (that comes through a port number) to travel into your network to the network device (or computer). This is commonly used for security camera’s, gaming, hosting a (web)server or making you NAS accessible from the internet.
Let say we have the network below. The router/modem has a built-in firewall. Let’s say we want to host a game on our PlayStation for example. Our friends need to be able to connect to our PlayStation for that.
By default, the firewall in the router will block all unknown incoming traffic. If our friends try to join our game, a package is sent through port 3074. But our firewall has no idea who needs that, so it will drop the package.
By setup a port forwarding rule in our router, we can tell the router to forward all data package that is sent through port 3074 to forward it to our game console. The PlayStation will handle the data further.
Making multiple devices accessible
Every network device in your network has it’s own IP Address. But to connect to the internet all devices share one public IP Address (in the examples above it’s 220.127.116.11) that is supplied by your ISP. Now every application uses there own port number, for example, webservers are accessible over port 80 and an Unifi Security Camera can be accessed over port 7080.
With Port Forwarding we can forward every port to the correct network device. So we can send the traffic for our website that comes in over port 80 to our server that is listing on port 80 and the traffic for the PlayStation to the console itself.
Now let’s say you have two Unifi security camera’s that you want to access directly from over the internet. Both camera only responds to a request over port 7080. So internally you can access camera 1 on Ip Address 192.168.0.100:7080 and camera 2 on 192.168.0.120:7080.
To access the camera from the internet you would need to connect to your public Ip Address, for example, 18.104.22.168 followed by the port number: http://22.214.171.124:7080. But if you forward this port to both camera’s it wouldn’t work.
With most routers, you can change the destination port, so this allows you to make camera 1 accessible on http://126.96.36.199:7081 and camera 2 on http://188.8.131.52:7082. In the forwarding rule, you would forward the traffic to another port number, simply 7080.
How to setup Port Forwarding
Now setting up Port Forwarding might seem complicated, but it really isn’t. We are going to give the computer, network device or game console to which you want to forward the port to a static Ip Address, next we are going to login into the router and forward the port to the network device. Sounds simple right?
Setting up a static Ip Address
By default, most network devices get an Ip Address from the DHCP server. This server is built-in your router and assigns the internal network devices an Ip Address. But when you turn the device off and on again it might get another Ip Address. This way you port forwarding will only work until you turn it off.
To setup a static Ip Address you will need to go to the network settings page of your device. Change the Ip Address settings (or IPv4) from automatic DHCP mode to manual. Next, you will need to specify an Ip Address. You can look up the DHCP scope in your router to see which range is used by the router. Or you can try to find an Ip Address that is not used, most of the time setting IP which ends with a number between the 200 and 250 is pretty safe.
Log into your router
Next, we need to login to the router. To find your router you can lookup the gateway address on your computer.
- Press Windows Key + R
- In the run dialogue type cmd and press enter
- Type ipconfig and press enter
- Note Ip Address on the line Default gateway
- Enter that Ip Address in your browser
Now you need to login to your router. If you didn’t change the password and don’t know it, you can try some of the following common combinations. If none works, then look it up in the manual or on Google:
- admin / admin
- admin / password
- admin / <blank>
Setting up the Port Forwarding
Ones logged in to your router you will need to find the port forwarding section. Now it depends on your router brand where you can find this, but the most common places are:
- Advanced and then Port Forwarding
- Applications and Gaming
- Advanced and then virtual server
- Firewall and then Port Forwarding
When you found the correct page on your router you will add a new forwarding rule. Below is a screenshot of the Edge Router X (my personal favourite). Most routers will have a similar layout, you enter the Original port, this is the port number as listed by the application, then you required protocol, when in doubt, just set it to both.
The forward-to address or Ip Address is the network device you want to give access, in this case, the Ip Address of the PlayStation and the internal port number (which you can leave the same as the original in general)
If you need to open multiple ports you can, depending on your router, open a range, by entering 3074-3080 or multiple by separating them with a comma (3074,3075 etc). If your router doesn’t support it, then you will have to create multiple forwarding rules.
Port Forwarding Test
When you created the port forwarding rules you will need to test it to see if the settings are correct. One way is to just simply open the application and check if you can gain access. If that isn’t possible you can use one of the many online port forwarding checkers.
A good one is for example Canyouseeme.org. With this tool, you can test if your port forwarding rules are set up successfully.
Port Forwarding for PS4
To setup port forwarding for PS4, we first need to give it a static Ip Address. Because otherwise, it will get a new Ip address every time you turn the PS4 off and on, braking the forwarding rules.
To give the PS4 a static address you will need to do the following:
- From the Main menu open the settings
- Select Network
- Select Set up Internet Connection
- Depending on how you connected the PS4, choose Wifi or Lan Cable
- Choose Custom
- In the screen Ip Address Settings, choose Manual
- Select the IP Address, press X
- Change the last part of the IP Address to another number, let’s say 205.
So you Ip address may look like 192.168.0.205
- You can leave Subnet Mask, Gateway and DNS as they where.
- Click Next
- Leave the MTU on Automatic
- Select Do Not Use for the Proxy Server
- And finally select Test Internet Connection
The PS4 should be able to connect to the internet. So we can now set up the port forwarding rules in our router. Login to your router and go to your Port Forwarding page.
We need to forward the following ports to our PS4:
- TCP: 80, 443, 3478, 3479, 3480
- UDP: 3478, 3479
Now depending on your router, you need to create the following rules forwarding rules:
If your router doesn’t support a range (3478-3480), then you will need to create multiple rules for each port number. On some routers, you don’t need to or can’t enter the Forward-to port. That isn’t necessary, by default the port forwarding rule will use the same port number.
As you can see setting up port forwarding rules isn’t really difficult. Al you need to do is give your internal device a static Ip Address and forward the correct port numbers to the new Ip Address.
If you have devices that require the same port number you can use different ones on the external side and map the correct port number internally.
Always make sure you open only the required port number for the device, otherwise, you will make your network vulnerable for hackers. If you have any questions, just drop a comment below.