Modern computer networks almost always use a private IP addressing scheme.
The router then keeps track of this translation.
This process is seamless to the user in most circumstances.
It is used in all LANs and many WANs that arent on the internet.
NAT really only has one functionality issue, servers.
What happens if a server runs on an internal, privately addressed connection?
With NAT in place, the router doesnt know what traffic is intended for the server and what isnt.
Theres no existing connection.
Contents
Port Forwarding
The solution to this issue is called port forwarding.
Port forwarding is essentially manually setting up NAT for a specific service.
when you’ve got those details, you must go into your router management console.
On home routers, a web-based interface will typically be hosted on the router itself.
Enterprise-grade routers may offer a web interface.
It will generally be necessary to explicitly save the change.
One thing to note is that many applications dont allow using custom port numbers.
This situation means that the port forwarding rule has to be configured to match the default server port number.
Some applications, however, allow the destination port to be specified.
In this situation, there is no pressure to ensure that the server runs on its standard port.
Note:It is worth noting that this only works for specifically invited users rather than the larger public.
This should also not be relied upon as an alternative to security measures such as a password.
Hackers and bots constantly scan the whole Internet address space to find servers they can access.
The process happens seamlessly upon web link connection without requiring user interaction.
Unfortunately, UPnP has been shown to have multiple security vulnerabilities.
Note:UPnP and the devices that use it are generally intended to be used in home networks.
UPnP offers functionality to automatically configure port forwarding.
This is typically used on small devices such as IoT devices.
UPnP also has had several security issues identified over time that could let attackers access unintended internal devices.
As such, disabling UPnP is generally recommended unless you specifically need it.
