How do I use Port Forwarding with a VPN?

Updated on: 25 January 2019
Updated on: 25 January 2019

Port forwarding – the most efficient way to connect one of your home devices to a remote device far away via your router. Generally, all routers are extremely secure because they make use of the NAT firewall.

Through this security protocol, streams of information are sent from the router to all the other devices, at the same time blocking any unwanted incoming data. However, while this means you’re much safer, if you want to connect to a certain device outside of the router’s range, you’ll notice that you can’t do it that easily.

Enter, port forwarding!

Also called port mapping, this technique allows you to reroute incoming connections and redirect computer signals between any LAN device and other remote computers connected to the internet. You can access resources that the VPN server is normally blocking.

At the same time, your IP and the original location of your request will remain unknown to anyone else on the network, so you’ll still be able to remain anonymous while doing it.

Pros:

  • Improves torrent speed by quite a bit
  • Gives you the possibility you access any media server set up on your LAN
  • You can access your PC when away from home

Let’s see how you can do this.

1. Setting up port forwarding

The process is a bit different depending on the router you’re using, but the general instructions still remain. Here’s how to do it fast and with no issues:

  • Log in to your router and open the port forwarding settings panel. From there, you should see all the unused port configurations.
  • A basic router will have around 65.000 ports, out of which 1000 are generally be used for the standard specific functions. As for the rest, you can repurpose them for anything you need.
  • Choose one of the configurations and enter the internal and external port numbers. It’s a good idea to go for a configuration above 1000 and under 65.000.
  • The internal and external port numbers don’t have to be matching if the devices themselves will recognize each other and use the appropriate ones when initiating the connection
  • Now that you’ve done this, type in the IP address of the device that you want to connect to on the network. Also, keep in mind that the local address isn’t the same as the router’s IP address. This is because the router hides your original IP, replacing it with a public one
  • The router is now optimally configured to redirect any requests that the port receives to that specific device. And it does this without revealing any leaks or its private IP address.

To put things into perspective, here’s how such a request would look like. Let’s assume that your router’s IP address is 987.654.321, and you want to connect to your laptop on port number 4444. The request that your router receives through the port-forwarding protocol would look like this – 987.654.321:4444. It’s basically your router’s IP address with the extension of the port number at the end.

Enabling port-forwarding on a VPN goes even smoother, but the process is different depending on the VPN you’re using. As such, let’s see how you would do this if you’re riding with Private Internet Access:

  • First things first, disconnect from any server and close the app
  • For Windows, Linux, and MacOS, click on the VPN icon and select Settings. Then, press on Advanced settings and the option to activate port forwarding will appear on the right-hand side. Enable it and click on Save.
  • For the Android app, click on the settings icon at the top of your login screen and tick the box saying Request Port Forwarding.

Once you did this, connect to one of the port forwarding gateways:

  • France
  • CA Toronto
  • CA Montreal
  • CA Vancouver
  • Czech Republic
  • DE Berlin
  • DE Frankfurt
  • Israel
  • Romania
  • Spain
  • Switzerland
  • Sweden

Once you’re connected to one of the gateways, the 5-digit port number will appear in the Menu Bar icon of your client or the System Tray. Type this port number in the listening port setting of any torrenting client and watch the magic unfold.

2. Port-forwarding with VPN

In general, port forwarding can work with VPN protocols. It doesn’t work with NordVPN though, because their apps block the majority of port communications in your device except the most popular ones.

They’re saying that they had to do this in order to decrease all the potential security risks that come with opened ports. This procedure is integral to NordVPN’s continuous functionality and excellent services, and they would surely find it impossible to keep their impeccable reputation otherwise.

Other VPN providers will have specific features allowing you to implement port forwarding and choose what port you want to use, configuring its use at the same time.

For example, you can use port forwarding with PureVPN’s add-on. This eliminates most of the security risks that come with opening a port to the digital frontiers out there.

Benefits of port-forwarding and PureVPN synchronization:

  • Privacy and security – with port forwarding, you can protect your public IP address better, and keep your privacy stronger than ever. In this day and age, netizens all around the world fall prey to many different invasive attacks and hacking attempts, and even surveillance attempts are common events.

    By tracking your IP address, hackers or other government agency can uncover a lot of information about you. They can monitor your private communication, messages, emails, browsing activities, and even steal private data.

    With port forwarding, all of this becomes a thing of the past. All your servers are protected with the added security layers of PureVPN’s encryption protocols. More than this, the port mapping is transparent to the end user.

  • A dedicated IP address – You might want to use the same IP address when conducting your business on the internet. Corporations and popular businesses will prefer to do this, in general, and PureVPN gives you this possibility from the get-go.

3. Types of port forwarding

The port mapping protocol exists in many forms. You need to know what each of them does if you want to set up the most appropriate one for your needs.

These are the most commonly used:

Local Port Forwarding

This protocol undergoes all its operations at the Security Shell (SSH) level, allowing any application which is run from this server side to access services on the SSH’s client side. Other tunneling schemes and procedures will use this method of port forwarding to achieve the same goal.

In short, remote port forwarding gives you an uninterrupted connection at the server side of a tunnel to any remote service that’s located at the tunnel’s client side.

Dynamic Port Forwarding

This protocol gives you access to all the information and services on the other side of a NAT firewall by exploiting a so-called firewall pinhole. This method allows your client to connect safely to a secure server that acts as a middle-man sending and receiving data to a destination server or more.

4. A few reasons why you’d use port forwarding

The port mapping has a lot of uses and it’s very efficient in creating a connection between a device in your home network and a remote device that’s out of range. There are plenty of things you can use it for, like:

  • Forming a direct connection to a gaming server
  • Connecting to your home server remotely
  • Allowing other users to connect to your public web server
  • Connecting to an IoT device on your home network
  • Creating and maintaining direct access to a VoIP call server
  • Accessing services on a Synology NAS or a Plex
  • Recover lost router passwords
  • To access restricted websites
  • To enhance the security protection against any DDoS attacks
  • Setting up servers at home like TeamViewer

5. Port forwarding and torrenting

Torrenting, technically known as the file-sharing P2P protocol, is based on a system of seeding and peering. Incoming connections allow all the other torrent users to connect to your BitTorrent client and download bits and pieces from a certain file.

In short, this allows you to seed, and the more you seed, the faster your download speed will be.

The problem doesn’t cease to appear. A VPN router’s NAT firewall prevents other people from initiating unsolicited new connections. Even though further incoming connections are permitted once the initial connection is established, this severely cripples the torrenting and seeding potential.

When a BitTorrent user wants to download a file or pieces of it from you, his client will ask for permission to initiate a connection with you. The NAT firewall won’t allow this, so your system will get a notification about this. You can choose to accept the request, and the connection will be created successfully, thus bypassing the NAT firewall.

However, when both users have a NAT firewall implemented, seeding and torrenting connections are impossible to pull off. None of the two parties can initiate connections.

More and more people use VPNs to protect themselves and their private data, so this issue is not as simple as it seems. In fact, it could cripple the whole P2P system altogether.

Thankfully, port forwarding solves this issue quite easily. However, this will only be useful if both parties are working from behind a NAT firewall. In any other case, it’s useless, and it will not positively impact the download speeds.

6. Is port forwarding safe to implement?

Think of it like this – you have about 60.000 doors, and most of them are closed. No one can get access to them unless you break them open yourself. And this is what you do once you implement port forwarding and repurpose some unused ports.

The router checks the information that arrives from the internet into those open ports. However, anyone who knows the address of that port can hop over the fence and storm right in with nothing stopping them. Like a hot knife cutting butter, the intruder meets no resistance in connecting to the opened port.

If it leads to a security camera, the port will allow the intruder to see everything that the camera records, and even to control it. Weak security protocols will always be exploited, port forwarding or not.

If the port leads to your computer, however, the situation becomes a lot more complicated because a hacker can get access to the rest of your network with the admin privileges present on your PC.

As such, you need to make sure that any device at the receiving end of the opened port is encrypted with some serious cyber-protocols. Generally, manually configured ports will always remain open unless you close them yourself.

So, the greatest threat appears when you’re not using it because an occupied port is next to impossible to hijack.

However, when talking about VPNs, there are other issues to talk about. In 2015, Perfect Privacy went out with a security warning on VPN port forwarding, which it dubbed Port Fail.

This security chink makes use of a relatively simple combination of time correlation and social engineering to uncover and expose your real IP address. It’s not the victim’s fault for using the port forwarding protocol, but the attacker that uses this Port Fail glitch.

The good news is that this issue can easily be circumvented by any VPN provider by simply setting up different incoming and exiting IP addresses on its servers. The bad news is that only four of the nine VPNs that Perfect Privacy tested implemented this very basic procedure.

The other five are still suffering from same cancer, and it will eat them from the inside unless they deal with it. Now, after four years since that controversy, chances are all the VPN providers have addressed this issue.

7. Conclusion

Port forwarding is extremely useful if you want to gain access to a personal server or other LAN resources behind a VPN connection. If they are out of the range of your LAN connection, port forwarding makes them become accessible.

However, if you are file-sharing and torrenting, then you don’t expressly need to set up port forwarding. It can improve performance on eMule though, so you might want to consider this.

While there have been quite a lot of security issues with port forwarding in the past, now most VPNs implement many security patches and encryption protocols that override the native weakness of opened ports.

As for its uses, the potential is limitless, and it will make your life a lot easier by covering the distance between two devices instantly. The access to your home network is right at your fingertips, and the same goes for any VPN-protected devices.

The port forwarding protocol doesn’t work with all VPNs, but when it does, it brings about many advantages. In the end, it’s a very efficient and handy tool to have.

Written by: Bogdan Patru

Author, creative writer, and tech-geek. Bogdan has followed his passion for the digital world ever since he got his hands of his first pc. After years of accumulating knowledge and experience, the good Samaritan in him whispered him one day about the virtue of sharing that knowledge with those who needed it. It was 2014 when that idea would grow into a life-defining passion. One that keeps driving him to this day.

Leave a Reply

Your email address will not be published. Required fields are marked *