How To Do It

From your Technical Cavalier!

User Tools

Site Tools


You've done everything right. You're sure it should work. You've don'e this a thousand times, it should work!!!

But it just won't answer up … says your port is closed says your port is closed

It's driving you nuts!

There are a dozen or so reasons your port forwarding may be failing. It might even be working and your internals are wrong. This article will address a few common issues.

The biggest culprit I've found is you may not actually own the IP. It may be behind one or more routers that you have no access to or the IT people in charge of it are unwilling to program for you or even check if that's the situation. Such is the case if you are on a cellular connection, satellite, or other shared / resold connections.

You can check this by doing a traceroute. Look up for your operating system how to do that iP command. Check something like or that you know will answer up. You will see the IP's of the routers in between - usually you can tell by names or the IPs when your test packet leaves your location and service providers system.

Sometimes we find we have double nat right on the location. The service providers 'modem' frequently has a router in it, (telltale sign is that it has several ethernet ports) and the client or another tech followed that with their own router. You will see this with your traceroute test.

If this is the case in many instances we can 'DMZ' the first router to the second, then port forward from there. In the case where we have several routers behind the main router, we will have to forward each port from the main router to its secondary, then from the secondary to the receiving device.

While we're here, take note that DMZ can be a good test tool. Sometimes your port forwarding DOES work, but some kink in compatibility causes a failure. In some cases DMZ will move your traffic where port forwarding will not. I use DMZ frequently to eliminate forward issues during testing. IF you really have no clue what ports are being requested and you don't have the tools to figure it out, DMZ can oft be the solution if there is only one device on the network receiving incoming traffic.

Sometimes a modem / router wants to control the IP assignment, or uses something other than the IP such as the MAC to control identifying the receiving computer or controlling the forward. In this case we need to set the device to DCHP in the router and reserve its address so that we can find it within the network. Some instances of ATT Uverse and several other services require you to use DHCP in order to successfully forward incoming traffic.

why_isn_port_forwarding_working.txt · Last modified: 2020/07/18 14:06 by technicavolous