UniFi Port Forwarding
Published onby Iron (edited on )
If you need to provide remote access to your network, you might want to check out Port Forwarding. It's especially helpful for hosting servers (like game servers). Setting it up is straightforward in the UniFi network, but you need to careful with configuration. We don't want your netowrk to be compromised.
In the text below, I'll walk you through the process of setting up port forwarding (in UniFi). I'll outline some info to understand its basics after which we'll start implementing and test the configuration.
Let's do it!
Table of Contents
Why use Port Forwarding
Port forwarding allows external devices to access services on private networks from an external network. It does this by remapping the destination of a communication request from one address and port number to another. Within UniFi networks, port forwarding is managed through the UniFi Controller software, which can configure UniFi Security Gateways (USGs) or UniFi Dream Machines (UDMs) to forward traffic appropriately.
Alright, so why use Port Forwarding practically?
- Remote access: Allows users to access devices and services within a private network from remote locations.
- Hosting servers: Essential for hosting any server that needs to communicate with the internet, such as email, FTP, or web servers.
- Gaming: Necessary for online gaming where you might host a game server on your local network.
How to set up Port Forwarding in UniFi
Here’s how to configure port forwarding using the UniFi Controller:
Step 1: Access the UniFi Controller
Log in to your UniFi Controller. You can do this through a web browser by navigating to the IP address of your UniFi device.
Step 2: Open the gateway settings
- Navigate to devices: Click on the ‘Devices’ tab and select your UniFi Security Gateway or Dream Machine.
- Access the configuration panel: Click on the gateway and then go to the ‘Configuration’ section.
Step 3: Configure Port Forwarding rules
- Find Port Forwarding options: Within the configuration panel, find the section labeled ‘Port Forwarding’, ‘Firewall’, or ‘Routing & Firewall’ depending on your version of the UniFi Controller.
- Add a New Port Forward Rule:
- Name: Give your port forward rule a name.
- Enabled: Ensure the rule is enabled.
- From: Typically, this will be set to ‘Any’ unless you are restricting access to a specific IP address.
- Forward IP: Enter the internal IP address of the device to which you want to forward traffic.
- Forward Port: Enter the port number on the internal device that will receive the traffic.
- Protocol: Select the protocol (TCP, UDP, or both) used by the service.
- Destination Port: The port number that will be used externally to access the internal service.
- Apply changes: Save and apply the changes to activate the port forwarding rule.
Step 4: Test the configuration
After setting up port forwarding:
- External testing: Test accessing the service from outside your network using the external IP address of your USG or UDM and the destination port.
- Monitoring: Use the UniFi Controller's tools to monitor traffic. Make sure that the ports are being forwarded correctly.
Notes and tips
- Security considerations: Only forward ports that are necessary and always keep your devices updated to mitigate issues.
- Use Static IP addresses: Assign static IP addresses to devices that require port forwarding to ensure that the internal IP address does not change.
- Document your configuration: Keep a record of which ports are forwarded and why. This can help in troubleshooting and maintaining your network’s security.
Final thoughts
Alright, there we have it. Setting up port forwarding can come in handy to manage remote access to devices within your network. It's actually a poweful tool that be used correctly. Please make sure it does not expose your network to risks.
If you are managing complex networks (or have an advanced setup), consider working with a managed provider like UniHosted. We provide managed UniFi Controllers to improve your network efficiency. Especially, if you are an MSP or IT-service business looking for reliable, secure and scalable UniFi network deployments, this is something for you. If you would like me to personally walk you through UniHosted, you can schedule a call with me here.
We host UniFi Controllers in the Cloud
Are you ready to take your UniFi Network to the next level? Deploy a UniFi Cloud Controller in minutes and manage your network from anywhere.
Free tier available
Get the best support
Join 1660+ customers
No credit card required