Nowadays, a home network often contains more than a few computers or smartphones. You may also want to connect a smart thermostat, a few IP cameras, a home automation system, a NAS or your own web server. Of course you also want to be able to access it via the internet from another location, but that can sometimes be disappointing. We will go deeper into a few techniques that ensure that specific devices in your home network are also easily accessible from outside. Here we focus on port forwarding in combination with dynamic dns (ddns), technical interventions that can mainly be set at the router level.
Tip 01: IP addresses
In principle, every device that is linked to your home network has a unique IP address. Let's disregard ipv6 here and discuss ipv4: such an IP address is made up of four numbers between 0 and 254, for example 192.168.0.10, 10.0.1.50 or 172.16.2.100. On a Windows PC, you can find out such an address by entering the command ipconfig to be carried out: you read it at IPv4 Address. Here you will also discover the IP address of your router or Default gateway. When you enter this address in your browser, you will arrive in the web interface of your router after your registration. We will need this configuration window more often later in this article. By the way, you can also request the IP addresses of the connected devices in this window, in a section with a name like List of devices (or something similar).
If you cannot find the IP address of certain network devices here, you can run the free Advanced IP Scanner tool from a PC. An installation is not even necessary. Basically you don't have to do much more than the button Scan to press. A little later, the enabled devices show up, with their IP address and MAC address.
Tip 02: Ports
We assume that you have found out through which IP address your network devices can be reached, but you also want to be able to reach the services that are active on such a device. Each service uses a specific port number, a number between 0 and 65,535. You can see such a port as a data channel along which the associated data packets are sent.
For example, the default port to exchange data between a browser and a web server (http) is 80, smtp uses port 25, pop3 uses port 110, and so on. An extensive list of almost all known services with the typical ports can be found here. The manual or configuration file for your device or server will usually tell you which port(s) the associated services use. In our own network, for example, we can connect from our browser to the Disk Station Manager of our Synology NAS via port 5001 (//192.168.0.200:5001) or access one of our IP cameras via port 88 (//192.168 .0.111:88).
Great, you now have both the IP address and the port number of the network device or network service that you want to reach via the Internet.
The first stumbling block: internal IP addresses are not reachable from the outside Tip 03: External address
The problem is that these IP addresses are non-routable. In other words, these are IP addresses that can only be reached from the same internal network (subnet) – in this case your home network. This means that these IP addresses cannot be reached from outside.
There is an IP address within your home network that is accessible via the internet: the external or public address of your router. You will find this in the configuration window of your router, but you will also find out if you surf from your own network to www.whatismyip.org and there My IP Address clicks.
Now we can already hear you thinking: then I only have to go from the outside : to surf to reach the desired service. Too bad, but unfortunately: that request does reach your router, but it does not know on which device (read: with which internal IP address) that service is running.
You can tackle this problem in several ways. We do it with a relatively simple one: port forwarding.
Tip 04: Port forwarding
Port forwarding means that your router automatically forwards all requests on a certain port number to a specific device within your network. Open your router's configuration window. Here you will find a section called Port forwarding or Forward port (or something similar), but on our Linksys E6400 router, for example, we found this option at Security / Applications & Games / Single Port Forwarding. If necessary, refer to your router's manual or visit the site, which has instructions for many router models.
You now add an item to the table and you usually need the following information: Application Name (e.g. IP camera), Device IP Address (the internal ip address), Internal port (the port number on which the target service is running), protocol (usually TCP, but sometimes too UDP or Both: refer to the manual supplied with the device or service), External port (usually the same as the internal gate, unless you deliberately want to enter through a different gate). You may also find something like Source IP fill in: unless you want to restrict access to (ip addresses of) specific external devices, leave this on All or any set. Confirm your choice so that the new referral rule is added.
