The first time I heard the term Port Forwarding, I thought:
"Why are we forwarding ports? Where are they going? And what even is a port?"
If you're confused, you're not alone.
Most networking guides jump straight into router settings and configuration screens.
The problem is that if you don't understand why port forwarding exists, the settings won't make much sense.
So let's start from the beginning.
No jargon.
No networking degree required.
Just simple examples.
Imagine Your House
Let's say your house has one street address:
221 Cyber Street
Anyone sending mail to your house uses this address.
Simple.
Now imagine inside the house there are multiple people:
Dad
Mom
Brother
Sister
You
All share the same house address.
The mailman only knows:
221 Cyber Street
He doesn't automatically know which person should receive each letter.
Somebody inside the house must direct the mail.
This is exactly what your router does.
Your Home Network Works The Same Way
Inside your home network:
Laptop
Phone
Smart TV
Gaming Console
Kali Linux VM
All these devices share a single public internet address.
Example:
Public IP:
49.36.100.50
But internally:
Laptop = 192.168.1.10
Phone = 192.168.1.20
TV = 192.168.1.30
The internet only sees:
49.36.100.50
Not the internal devices.
Why This Is Actually A Good Thing
Imagine if every device in your house were directly visible on the internet.
That would mean:
Laptop
Phone
Printer
Camera
TV
could all be contacted by anyone.
That's dangerous.
So routers hide internal devices by default.
Think of it as a security guard standing at your front gate.
The Problem
Suppose you install a web server on your computer.
Maybe:
Apache
Nginx
Node.js
The server is running perfectly.
Inside your network:
http://192.168.1.10
works.
But your friend across town can't access it.
Why?
Because the router blocks incoming traffic.
The request reaches the router and stops there.
What Happens Without Port Forwarding?
Your friend tries:
http://49.36.100.50
The request arrives here:
Internet
|
Router
X
Router says:
"I don't know which device should receive this."
Connection denied.
Game over.
Enter Port Forwarding
Port Forwarding gives the router instructions.
You tell it:
"Whenever traffic arrives on this port, send it to that machine."
Example:
Public IP:80
↓
192.168.1.10:80
Now the router knows exactly what to do.
Visualizing It
Without Port Forwarding:
Internet
|
Router
X
With Port Forwarding:
Internet
|
Router
|
Laptop
The router becomes a traffic director.
Wait... What's A Port?
This is where many beginners get confused.
A port is not a physical thing.
Think of ports as apartment numbers.
Your building address:
49.36.100.50
Apartment numbers:
22
80
443
3306
3389
Different services listen on different ports.
Examples:
22 SSH
80 HTTP
443 HTTPS
21 FTP
25 SMTP
The IP tells you the building.
The port tells you the room.
Real Example: Web Server
Suppose:
Laptop
192.168.1.10
Running:
Port 80
Port Forward Rule:
49.36.100.50:80
↓
192.168.1.10:80
Now anyone visiting:
http://49.36.100.50
reaches your website.
Real Example: SSH Server
Suppose you want remote terminal access.
Your machine:
192.168.1.10
Running SSH:
Port 22
Forward:
Public Port 2222
↓
192.168.1.10:22
Now:
ssh user@49.36.100.50 -p 2222
reaches your internal machine.
Why Change The Port Number?
Many people ask:
Why 2222 instead of 22?
Because the external port and internal port don't have to match.
Example:
Public Port 8080
↓
Internal Port 80
or
Public Port 4444
↓
Internal Port 22
The router simply redirects traffic.
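Here is that redirect as something you can run, added as an illustration (it is not part of the original post): a small Python relay that listens on one port and passes every byte to a service on another. A real router rewrites packet addresses instead of relaying streams, and the function names below are made up for this example.

```python
import socket
import threading

def _pipe(src, dst):
    """Copy bytes one way until src closes, then pass the EOF on to dst."""
    try:
        while data := src.recv(4096):
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass

def _handle(client, target):
    """Serve one inbound connection: dial the internal side, relay both ways."""
    try:
        inside = socket.create_connection(target, timeout=5)
    except OSError:
        client.close()  # the rule points at nothing that is listening
        return
    inside.settimeout(None)
    back = threading.Thread(target=_pipe, args=(inside, client), daemon=True)
    back.start()
    _pipe(client, inside)
    back.join()
    client.close()
    inside.close()

def start_forwarder(listen_port, target, bind="127.0.0.1"):
    """Forward bind:listen_port to target=(ip, port). Returns the listener.
    Binds to loopback by default so nothing is exposed beyond this machine."""
    srv = socket.create_server((bind, listen_port))
    def accept_loop():
        while True:
            try:
                client, _ = srv.accept()
            except OSError:
                return  # listener was closed
            threading.Thread(target=_handle, args=(client, target),
                             daemon=True).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv

# start_forwarder(2222, ("127.0.0.1", 22)) mirrors the 2222 -> 22 rule above.
```

The caller never learns the internal port: it only ever talks to the listening port, which is why the two numbers are free to differ.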
Port Forwarding In Virtual Machines
This is where cybersecurity students encounter it most.
Suppose Kali runs in NAT mode.
Host PC
|
Kali VM
Kali gets internet access.
But your host cannot directly SSH into Kali.
So you add a port forwarding rule in VirtualBox:
Host Port 2222
↓
VM Port 22
Now:
ssh kali@localhost -p 2222
works.
Even though the VM is hidden behind NAT.
This is often the first real port forwarding setup beginners use.
How Attackers See Port Forwarding
Security professionals immediately ask:
What services are exposed?
Imagine an administrator accidentally forwards:
3389 -> Windows RDP
22 -> SSH
3306 -> MySQL
Suddenly those services become reachable from the internet.
If poorly secured, attackers may discover and target them.
Many real-world breaches begin because a service was exposed through port forwarding and forgotten.
The Security Risks
Port forwarding is useful.
It's also dangerous.
Opening a port is like opening a door.
Every open port becomes a potential entry point.
Good practice:
✅ Only forward required ports
✅ Use strong passwords
✅ Enable MFA where possible
✅ Keep software updated
✅ Remove unused rules
Bad practice:
❌ Exposing everything
❌ Using default credentials
❌ Forgetting old services
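To make "only forward required ports" and "remove unused rules" checkable, here is an added example (not from the original post) that audits a rule table against the list of services you still mean to expose. The rule syntax, the sample table and the function names are all constructed for illustration; real routers each export rules in their own format.

```python
import re

# Services the article names as risky when forwarded by accident.
SENSITIVE = {22: "SSH", 3389: "Windows RDP", 3306: "MySQL"}

# Assumed rule syntax: external_port -> internal_ip:internal_port
RULE = re.compile(r"^\s*(\d+)\s*->\s*(\d+\.\d+\.\d+\.\d+):(\d+)\s*$")

def parse_rules(text):
    """Parse rule lines into (external_port, internal_ip, internal_port)."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0]  # drop trailing comments
        if not line.strip():
            continue
        m = RULE.match(line)
        if not m:
            raise ValueError(f"unparseable rule: {line!r}")
        rules.append((int(m[1]), m[2], int(m[3])))
    return rules

def audit(rules, required):
    """Return (external_port, finding) pairs.
    required: set of (internal_ip, internal_port) you still intend to expose."""
    findings = []
    for ext, ip, port in rules:
        if (ip, port) not in required:
            findings.append((ext, "not in required list: remove the rule"))
        elif port in SENSITIVE:
            # Judged by the internal port: moving SSH to 2222 on the
            # outside does not change which service is exposed.
            findings.append(
                (ext, f"exposes {SENSITIVE[port]}: needs strong auth, MFA, patching"))
    return findings

# Constructed sample table; 192.168.1.40 is a made-up host.
SAMPLE = """
80   -> 192.168.1.10:80
2222 -> 192.168.1.10:22
3389 -> 192.168.1.40:3389   # added once for a remote session, never removed
"""
REQUIRED = {("192.168.1.10", 80), ("192.168.1.10", 22)}

if __name__ == "__main__":
    for ext, finding in audit(parse_rules(SAMPLE), REQUIRED):
        print(f"external port {ext}: {finding}")
```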
The Hotel Analogy
Imagine a hotel.
The hotel address is:
49.36.100.50
Rooms:
22
80
443
3389
Visitors arrive at reception.
Without instructions:
Visitor
↓
Reception
X
Reception doesn't know where to send them.
With Port Forwarding:
Room 80 → Website
Room 22 → SSH
Room 3389 → Remote Desktop
Reception forwards each visitor to the correct room.
That's literally what Port Forwarding does.
The One-Sentence Explanation
If you remember nothing else, remember this:
Port Forwarding tells a router which internal device should receive traffic arriving on a specific external port.
Everything else is just details.
And once this concept clicks, NAT, VPNs, reverse shells, cloud networking, firewalls, and penetration testing become much easier to understand.