How to configure port forwarding in Keenetic?

How to configure port forwarding in Keenetic?

By default, incoming connections from the Internet to computers or network devices on the home network are prohibited in Keenetic Internet centers. Suppose you have a webcam running at home and connected via Keenetic to the Internet. Computers on the home network will be able to connect to it, but it will not work to connect from the Internet to a webcam without port forwarding. In this case, sometimes they say "you need to open the port on the router". The term "port forwarding" sometimes they are replaced with similar "port forwarding", "port forwarding" or"port translation".
Port forwarding is part of the NAT (Network Address Translation) mechanism. The task of port forwarding is to provide access from the Internet to the services of your network using an open port.

Using the UPnP service, home network devices can resolve the connections they need themselves. UPnP allows you to programmatically redirect ports. Now torrent clients, messengers, game consoles, media servers and others use UPnP. Enable the UPnP service on your home network device or in the app. In order for Keenetic to accept UPnP settings, you only need to make sure that the system component "UPnP Service" is installed, which will automatically configure the necessary NAT and firewall rules. You can do this on the "General Settings" page; in the "Updates and Components" section, click on "Change the set of components".

In some cases, you may need to open certain ports manually. For example, to provide access from the Internet to a network storage (NAS) or server (WWW, FTP, etc.) of a local network; to provide remote access from the Internet to a computer on a home network using special services for remote desktop connection (Remote Desktop from Windows OS, or through Radmin, VNC, etc.); perform substitution of the destination port number (port mapping) to address another port.

Important!Port forwarding will only work if the Internet center uses a white (public) IP address to access the Internet. For more information, see the article "What is a static IP address?"

Let's consider an example of setting up port forwarding in the Keenetic Internet Center.
Suppose you need to provide access to connect from the Internet to your home computer through an application (server) Windows OS"Remote Desktop connection" (Remote Desktop; RDP).
In the Keenetic settings, you will need to open a specific TCP/UDP port that is used for incoming connections. In our example, RDP uses the TCP port number 3389 by default.

Register the device on the home network to which port forwarding will be performed. When registering, you need to enable the "Permanent IP address" option so that the computer in the home network always gets the same IP.

1. Port forwarding.

Go to the "Redirection" page" and click "Add Rule".

Keenetic Redirection Add rule

In the window that appears, "Port Forwarding rule" perform the rule setting.

Keenetic Port forwarding rule

Select the interface or specify the subnet for incoming traffic, the protocol and the port to be passed to the local network. Select the device or interface to which the appropriate traffic will be forwarded.

You need to correctly specify the value of the "Input" field. In this field, you need to select the connection or interface through which Keenetic gets access to the Internet. In most cases, you should choose the "Provider" interface. If you have an Internet connection via PPPoE, PPTP or L2TP, you need to select the appropriate connection. When connected to the Internet via a 3G USB modem/4G it is necessary to specify this connection, and when connecting via WISP, select the connection with the name of the network to which Keenetic is connected.

In the "Output" field, select the device, connection or interface to which the appropriate traffic will be forwarded (in our example, this is a PC computer registered in the home network). In the "Output" field, you can select the value "Other device" and specify the IP address. When selecting the value "This Internet center", the destination address will be Keenetic itself.

In the "Protocol" field" you can specify the protocol from the preset list that will be used when forwarding the port. If you select the value "TCP" or "UDP", you can manually specify the port number or port range (in our example, the protocol "TCP" is used and the application port 3389 is specified in the "Open Port" field).

In the "Work Schedule" field" you can add a schedule according to which this rule will work.

Keenetic Work Schedule

Important!To check the port forwarding functionality, you can access the WAN interface of the router from the Internet. It can also be done from a local network, because in Kinetics, by default, the NAT loopback address translation mechanism is enabled in the "Home Network" segment.

Now to connect to the desktop from the Internet, you will need to use an address of the form WAN_IP-address_keenetic:port_number
For example: 109.210.53.211:3389

Important!There is no need to make additional configuration of the firewall, because when using the forwarding rule, the Internet center independently opens access to the specified port.

The Council:If you need to open a range of ports, when creating a forwarding rule in the "Rule type" option" select the value of "Port range" and in the "Open Ports" fields, enter the start and end number of the range. For example, to open the range of TCP ports 45000 - 65000, the following rule is created:

Keenetic port range forwarding
 

2. Port forwarding with substitution of the destination port number (port mapping).

Sometimes there is a situation when you need to replace one port number X with some other Y. Port substitution can be used in case of blocking common port numbers on the provider's side or when the required port numbers are already occupied.

2.1. Consider an example when the RDP server is running on the TCP port number 3389, and accessing it from the Internet will go to the port with the new number 4389.In this case, an incoming connection to an external WAN IP address on port 4389 will be redirected to a specific local IP address and port 3389.

Keenetic open port

In the "Open Port" field, specify the new destination port (for calls from the Internet), and in the "Destination port" field" enter the real port number that is used on the server in the local network.

Important!When creating a port forwarding rule, port substitution will only work in the direction from WAN to LAN (from the Internet to the local network).

Keenetic destination port

Now to connect to the desktop from the Internet, you will need to use the address of the form WAN_IP-the address of the_keenetic:new_port_name
For example: 109.210.53.211:4389

2.2.Let's consider an example when two identical IP cameras (with IP addresses 192.168.1.101 and 192.168.1.102) are located in the local network of the Keenetic Internet Center and their web interfaces are available on port 80. You need to set up remote access from the Internet to IP cameras.
In this case, we use port mapping so that the web interface of the first camera is accessible when accessing from the Internet via port 10101, and the second camera via port 10102.

Keenetic port forwarding

Keenetic open port

Keenetic port forwarding

Now, to connect to IP cameras from the Internet, you will need to use an address of the form WAN_IP-address_keenetic:new_port_name
For example: 109.210.53.211:10101 to access the first camera and 109.210.53.211:10102 to access the second camera.

Share this article:
How to make money on traffic arbitration?
How to work effectively with Instagram accounts?