What ports are open on the router by default. "Reservation" of local IP

12.05.2019 In contact with

Port forwarding is a procedure for obtaining remote access to the desktop or device interface through a dedicated communication channel. can be carried out in different ways, which will not always provide the optimal result and the desired speed. Moreover, after carrying out some processes, the administration and management of them brings a lot of inconvenience.

Forwarding is performed to improve the quality of communication and send packets, as well as to evenly distribute the load on the network. Sometimes the Remote Access feature and software like Radmin do not have the desired effect. Let's consider how to forward over a local area network (LAN), how to configure ports and how to provide protection for all devices from hacking and data leaks.

Opening ports on TP-Link router

To complete the procedure, you need:

Register the standard IP address of the router 192.168.1.1 in the address bar of the browser;
Confirm the action with the "Enter" key.
In the authorization panel, specify the username and password (as a rule, the username and password are "admin").
On the left side of the screen, you need to find the Forwarding-> Virtual Servers branch and confirm the action with the Add New button.
In the "Service port" field, specify the port to open, and in the IP Address field, write the IP address of our gadget.
The "Protocol" line is used to select the type of connection - TCP, UDP or ALL.
The "Status" line must contain the "Enabled" value.
You need to save the settings with the "Save" button.

If your PC needs a web server connection, it opens through port 80. The port number for administering the router will change to 8080 (instead of the standard 80) and to connect to it you will need to enter the address http://192.168.1.1:8080 (instead of http://192.168.1.1:80).

ATTENTION! The devices for which the forwarding is carried out must be connected to the Internet.

Port forwarding on a router

Step by step procedure:

Launch a browser and write the local address of the router in the address field. By standard, this is TP-LINK (address 192.168.0.1). Username "admin", password "admin".
After entering the data, the router interface will start.
You need to look at the top left menu and find the line "Forwarding" ("Retrack" or "Forwarding") there. If your router has an alternate language, you need to download the firmware from the developer's site and install it.
Next, you need to click on the "Server" item and go to the "Virtual Servers" menu.

This procedure will allow you to configure remote access to any PC in the local network, and the machine that is connected to the local network does not have to be included in the network.
Next, look for the Add New button and click it.
Then we fill in the fields so that you can open access to another device.
The Service Port can be specified at random, for example 28. This port is indicated when accessing the device from the Internet. You need to register the value in the address field of the browser (after the colon in the host address).
Leave the line "Internal Port" empty. The standard value is "80". You can view it in the user manual.
The IP Address is the internal local address of the specified device. It can either be viewed in the "Hardware Settings" in the "Windows Device Manager".
Save changes with the (Save) button. We now have a new forwarded port that can be
Delete or Modify as desired.
You do not need to restart your device.
Click the Add New button again and forward one more port.
After pressing the Save button, two ports will be available for remote access.

Another way is to start the router in the "Test" mode (hold down the de-activation button and the function key). While the gadget is rebooting, you need to register the address 192.168.0.1 in the browser floor. When the page opens, the data will not load immediately.

To get the data, refresh the page from time to time until the connection is established. The page has 2 buttons "Return to standart settings" and "Swap port". The first is to return to the factory settings, the second is to replace the ports. Pressing the second key automatically creates a maximum of free ports that can be bound to devices. This can be done by adding a new connection.

An example of connecting a security camera on Android OS:

Go to the "Connections and connections" menu.
Press the "Add network" button.
Fill in the router information and enter the input IP address.
Come up with a password and login, set a pairing key.
After restarting, the router automatically goes to the specified port (to which remote access will open).

Next, let's look at how you can change and delete ports on a TP-Link router.
Let's take the instruction "How to open a port" as a basis. In the opened port on the router there are values "Change" and "Delete". Depending on the type of protocol, you need to select one parameter, because to remove some ports, you must first free up a new (empty) port for replacement, otherwise the operation will cause many errors.

If the reader accidentally deleted the port with the comment “UDP” and “Disabled”, after which the router stopped distributing the Internet connection, you need to download the standard firmware and install it again. An empty space in the table will still remain, and the port is not activated and will not provide remote access.

Port Forwarding: Populating the Table

The table is filled out to simplify the operation of the device and for port allocation.

Service port	IP address	Protocol	Status	Modify
1111	192.168.0.100	BOTH	Enabled	Modify delete
2222	192.168.0.100	UDP	Enabled	Modify delete

first column - random numbers;
the second is the unchanged IP value;
the protocol defines the communication method. It is strongly recommended to set the values "BOTH" and "UDP" in checkerboard
order and route ports to them until communication is established.

The remaining two columns cannot be changed !.

ATTENTION! The "Modify" column is for advanced users only. This is a graph of custom non-standard settings and bypass routes. By specifying incorrect values in it, you can break the algorithm of all active forwarded ports, so it is better not to touch it.

save the document in ".ini" format and then integrate it into another device;
save the page completely, and then open it in the browser when connected;
write down the parameters or remember them.

Conclusion

Most routers have a similar architecture and configuration, so there are enough settings and presets for each model on the Internet. By downloading a ready-made profile for your device, you can save time and effort spent on configuration. If you want to figure it out on your own, this article will help you in the best way possible.

It is recommended to perform forwarding immediately after installing the router, since the standard settings will accumulate many errors in the router, which will affect the quality of the connection and the service life of the device. Conventional data transfer protocols and algorithms are not customized for all devices.

Port forwarding is the mapping of a specific port on the external interface of the router to a specific port of the desired device on the local network.

Port forwarding is one of the functions of NAT (Network Address Translation) mechanism. The essence of NAT is to use several devices in the local network one external interface. In home networks, the external interface is the WAN port of the router, and the network devices are computers, tablets, and smartphones. And the essence of redirection is to provide access to some device on the network from the Internet using any open port of the router.

How to make port forwarding on a gateway (router, modem)

This is what the people call "how to open a port on a router."

Let's say there is a task to provide access to the remote desktop of a computer that is connected to the Internet through a router. To do this, you need to create a rule for redirecting any free port of the WAN interface of the router to port 3389 of the required computer. 3389 is the default port for accepting incoming connections from the Remote Desktop Server service. After creating such a rule and applying the settings on the router, requests received on the specified external port will be redirected to 3389 of the required computer on the network.

To do this, you need to go to the port forwarding settings on the router and add a rule.

An example of setting up port forwarding on a D-Link router.

1 Open the section Advanced.

2 Select a setting Port Forwarding.

3 Configure a redirect rule:

Enter any name of the rule that is convenient for you;
Enter the public port number (or range). The public port is the one that will be open on the router for access from the Internet via the WAN interface. If you only want to open one port, specify the same port as both the start in the range and the end.
In our case, we need to open port 3389, so we specified it twice in the top line of settings.
Specify the IP address of the computer (server) on the local network running the service to which you want to grant access. It is recommended to reserve the IP address for this server in the DHCP reservation settings on the router so that it does not change in the future. Instead, you can also specify the IP address manually in the settings of the network adapter on the computer, to which you will be forwarding on the router.
In our example, we are specifying the internal gray IP address 192.168.1.100, which belongs to a Windows Server 2008 computer with a configured Remote Desktop Server.
Specify the port for receiving incoming connections on the computer in the local network.
In our case, the server uses the default port 3389 for the Remote Desktop Server service.
Check the box on the left to enable the rule.

4 Press Save Setting

Verifying Port Forwarding Is Working

To test that port forwarding works, you need to connect to your computer using an external IP address or.

Click on win + r, enter mstsc and press Enter:

In field Computer d enter the external IP address of the router (which is assigned by the provider to the WAN interface), or.

Click on To plug:

(Thus, you establish a connection with the WAN port of the router at 3389. At the same time, port forwarding is triggered on the router according to the rule to the internal IP address 192.168.1.100 and the specified port 3389)

If you see the signature Setting up a remote session, then port forwarding is working:

As a result, you should see the desktop of the remote computer (remote desktop server).

It is very convenient to use for creating a home local network and connecting all available devices to the Internet. But, it also has disadvantages. For example, you will have problems with incoming connections from the Internet. This is because only your router will have an external IP address, while all computers on your local network will work through NAT and have only internal IP addresses. Fortunately, almost any router allows (port forwarding), which solves this problem. In this article, we will show you how to open ports on a TP-LINK router.

How to open ports on the example of a TP-LINK TL-WR940N / TL-WR941ND router

Step # 1. Enter the router settings. First, we need to enter the router settings. To do this, open any browser and enter in the address bar. Usually TP-LINK routers are available at 192.168.0.1, but if this address does not work, then you can try 192.168.1.1. After entering the IP address, a password entry form should appear. After entering the password, the settings of the router will be loaded.

Step # 2. Open the “Forwarding - Virtual Servers” section of settings. In order to open ports on a TP-LINK router, you need to open the "Forwarding - Virtual Servers" section, a link to which you can find in the side menu.

Step # 3. Click on the "Add New" button and add the required port. To open a port, you need to add it to the list of open ports. To do this, click on the "Add New" button and then fill in the form that appears.

Let's consider the main form fields for opening ports:

Service Port - a field for entering an external port. You can enter a single port or a whole range of ports here. The port range is entered with a hyphen, for example, 10200-10300. Clients from the Internet will be able to connect to the ports specified in the Service Port field.
Internal Port - a field for entering the internal port that will be used on your computer. In other words, this is the port to which traffic will be forwarded. Only one port can be entered in this field. Alternatively, you can simply leave this field blank. In this case, the same port that you entered in the previous field will be used.
IP Address - the IP address of the computer for which you open ports on the router. Traffic from the Internet will be directed to this computer.
Protocol - a menu for selecting a protocol. Here you can select ALL, TCP or UTP. If you are not sure which protocol you need, then leave the value ALL.
Status - port status. Leave the Enabled value for the port to work.

After filling out this form, click on the "Save" button. After applying the settings, check the open ports on your computer.

This review will consider the following: how to open ports on a router and what must be done before that, as well as why all this is needed.

Router DIR-300 D-Link

Let's say a packet is sent to the router from the Internet, addressed to a specific port (for example, 8080). This default packet will be ignored. If it is necessary that it be directed to one of the PCs of the local network, they perform port forwarding, or "open the port".

Before opening a port that a particular program needs for its operation, you can check: what if the port is already open? We go to the site "2ip.ru" directly from the computer of the local network. In the address bar, add: "/ check-port /". And check the required port:

But by performing certain manipulations in the settings of the router, you can make the port open. Only, in this case, you need to specify the IP of the target computer (therefore, all PCs for which port forwarding is performed on the router must be entered into the "IP reservation area").

It is important to know: you can open a port with a certain value - you can do not more than for one PC in the local network. That is, you cannot open one port for two or more computers.

An introduction to port forwarding

Typical Port Values

Information in networks is transmitted in packets. Each packet carries a destination address and a port value (an "address: port" pair). If on the receiver's side the required port is closed, the packet is simply ignored and disappears from the network.

The ports commonly use the following:

20 and 21 - ports of the ftp server
22 - port of the secure SSH management shell
80 - port of the http server (you need a site "in the public domain" - open the eightieth port)
8080 - web caching service port (hard to tell what it is)

In some programs (for example, in the DC ++ client-server), you can specify the port value directly in the settings. That is, there is no concept of "default port" in these programs. However, the port value must be in a certain range (which is highly desirable).

Let's say there is a PC with an ftp server on the local network. Let's also assume that the user - knows the IP address assigned to him by the provider. This ftp server can be made accessible from the external network. For what, they open ports on the router (20th and 21st). The route of incoming packets will look like this:

Route of packet directed to ftp server

If what you need "port forwarding" for is clear in general terms - move on to the next chapter.

Algorithm of forwarding in a router

Having received an incoming packet, the router "looks" the value of the port to which this packet is addressed. A list of the form "port -> local address: port" is stored inside the router, and the list is set by the user himself.

According to the given list, the behavior of the router should be as follows:

If the given port value is not in the list - the packet is "lost"
If there is, then the value of the IP address in the packet header will be replaced (with the IP of the target computer), and the packet will be sent to the local network

And configuring router ports is creating a list. Each line must contain 3 elements: the value of the port specified in the packet header; The IP address of the local PC to which this packet should be forwarded; the new port value (usually left the same).

Example. For a computer with an installed http server (and local IP equal to 192.168.0.112), the list string should contain the values: "80 -> 192.168.0.112: 80". Everything should be clear here.

Configuring the router

"Reservation" of local IP

The router has a DHCP server enabled, which changes the IP addresses of local devices (for example, every 3 hours or more often). To forward a port to a PC with a specific IP, the IP must be “assigned” to this computer.

Opening a port on a router should not remain "temporary". There is a solution - turn off DHCP. We will act differently by setting up a "reservation" of IP addresses for the required PCs.

In the web interface of TP-Link routers, for example, it is difficult to set up a reservation. You need to know the MAC address of the target computer (its network card). On Windows, this can be found by going to the Connection Status (by opening the Support tab and clicking on Details).

In the configuration interface, on the "DHCP" -> "Address Reservation" tab, click the "Add New" button:

Address reservation tab

A new tab will appear. Let's specify the MAC address of the target PC (as well as the IP that is "assigned" to it):

Reservation of an address for a local PC

We do "Status" - "Enabled", click "Save".

It is important to know that you will have to "reserve IP" for each PC to which we will forward a port (at least one).

In D-Link routers, the same is easier to accomplish. We go to the "Setup" -> "LAN Setup" tab:

Setting up a local area network (LAN)

We see the "DHCP Client List" block (here - all PCs of the local network). Remember the name "Host Name", further in the block below - select the required from the list. Click on the button "<<». IP-адрес

from the middle cell - we assigned to this PC.

How to open ports through a router will be discussed using the example of D-Link devices (for others, everything is very similar).

Configuring port forwarding ("old" interface)

Go to the "Advanced" -> "Port Forwarding" tab, check the box on the left:

Port forwarding tab

Further, the following is performed:

You must specify the target PC (Host Name, or - just a local IP)
We set the used protocol (for most programs - TCP, also, you can create two identical rules for TCP and UDP)
We indicate the value of the forwarded port (in the example - "35000")
Check that the rule is always on (Always On)
Click "Save Settings"

Thus, we looked at how to open a port on a router. In the modern version of the interface, you can specify the "range" of ports (by setting the minimum and maximum number). Also, there is a "change" option for the internal port value (a packet addressed to port 80 can be routed to port 81). Let's take a closer look at this.

Configuring port forwarding ("new" interface)

First of all, in the new version of the D-Link router, you need to turn on the firewall. Then, the administrator creates "Virtual Servers" for him:

Creating firewall servers

Click the Add button. On the tab that appears, we will create a port forwarding rule:

Forwarding port "23" on the PC 192.168.0.100

Above you need to set "Custom", then, come up with a name for the rule. We are looking at how to open ports through the router for packets directed "from the outside" (and therefore choose the "WAN" interface). Then everything is standard: select the protocol used (TCP / UDP), specify the port value (in this case, "internal" - does not differ from "external"). Finally, specify the "target" IP address and click "Change".

Port forwarding with changing its value

In the header of the IP packet, you can change, firstly, the recipient address (which is performed by the router), and also the port to which the packet is directed. It is easy to use this option, it is enough to specify the "internal" port (it may differ from the "external" one).

How to forward ports on a router by changing their values is clear from the example in the previous chapter. It is necessary to specify the value required by the program in the "Internal port" field. If the external port is "23", this does not mean that the "internal" will only be the same.

Possible difficulties

Having opened a port on the router, you can get a negative result (the port will still be unavailable).

Which is possible for the following reasons:

The "reservation" of the local address was not performed correctly (which is needed for each target PC)
The 2ip service is useless when the "internal" value of the port is obviously not equal to the "external" value (there will be a message "Port closed")
We looked at how to open a port through a router, but it may be blocked by the ISP

At the same time, if the port is not open, there is no need to try to call the provider right away. Better to try to solve the problem "locally".

Here's how to open a port in the classic D-Link interface (which differs from the one discussed - here you can specify an "internal" and "external" value):

Details about setting up the forwarding of the Tp-Link router

By the way, about port forwarding. We have come to the section "Forwarding" and the first item "Virtual servers". Yes, this is such a cunning name for everyone familiar with Port Forwarding. This is what the main menu looks like. As you can see, I have 2 rules here for my desktop PC - on port 8888 and on port 3389. These are WebUi uTorrent and Remote Desktop RDP.

So, we need to create a rule for, say, the Minecraft server (or 1c of Accounting), which you run on your computer and want to play with friends without any Hamachi. We press "add" and see:

What is what?

The service port is a public port, that is, the port that your friends should indicate when trying to connect to your server. I have set 1313 for clarity that it does not have to be with an internal port.

But the internal port must match the port of the Minecraft server, which by default is 25565.

This is followed by the IP address of the computer on the network to which we want to connect, and this is where we need to reserve IP addresses. Enter the IP address of your Minecraft / 1 From the server.
The protocol, most often, UDP, but if you are not sure, you can put everything.

We turn on the rule and score it on the "Standard service port", we have already done everything ourselves.

Moving on to Port triggering... Long meditation allowed me to conclude that it is like UPnP, only manually.

In general, the bottom line is that we have an application that uses a port group, in my example it is 15550-15590. In order to forward this heap (40) of ports to the external network and back, a trigger port is created through which all this passes.

DMZ, or Demilitarized Zone. A function that opens ALL ports to your computer. That is, only those closed on the computer will remain closed. Needless to say, how safe is it? In the settings there are 2 items, this is ON / OFF and the IP address of the device.

UPnP(Universal Plug and Play). Few settings - ON / OFF. A collection of networking standards and protocols designed to do one thing - to make your life easier. Automatically "adjusts" the router for various applications (Skype, uTorrent) and network activities. Of course, we include.