Hardware firewalls can be used to block ports to prevent unauthorized access in and out of a LAN. However, there are situations when specific ports must be opened so that certain programs and applications can communicate with devices on different networks. Port forwarding is a rule-based method of directing traffic between devices on separate networks. This method of exposing devices to the Internet is much safer than using a DMZ.
When traffic reaches the router, the router determines if the traffic should be forwarded to a certain device based on the port number found with the traffic. Port numbers are associated with specific services, such as FTP, HTTP, HTTPS, and POP3. The rules determine which traffic is sent on to the LAN. For example, a router might be configured to forward port 80, which is associated with HTTP. When the router receives a packet with the destination port of 80, the router forwards the traffic to the server inside the network that serves web pages.
To add port forwarding, as shown in the figure, follow these steps:
Step 1. Click Applications & Gaming > Single Port Forwarding.
Step 2. Select or enter an application name. You might need to enter the external portnumber, Internet port number, and protocol type.
Step 3. Enter the IP address of the computer to receive the requests.
Step 4. Click Enable > Save Settings > Continue.
Port triggering allows the router to temporarily forward data through inbound ports to a specific device. You can use port triggering to forward data to a computer only when a designated port range is used to make an outbound request. For example, a video game might use ports 27000 to 27100 for connecting with other players. These are the trigger ports. A chat client might use port 56 for connecting the same players so that they can interact with each other. In this instance, if there is gaming traffic on an outbound port within the triggered port range, inbound chat traffic on port 56 is forwarded to the computer that is being used to play the video game and chat with friends. When the game is over and the triggered ports are no longer in use, port 56 is no longer allowed to send traffic of any type to this computer.
To add port triggering, follow these steps:
Step 1. Select Applications & Gaming > Port Range Triggering.
Step 2. Type the application name. Enter the starting and ending port numbers of the triggered port range, and starting and ending port numbers of the forwarded port range.
Step 3. Click Enable > Save Settings > Continue.