Jump to content


Photo
- - - - -

Confused over port forwarding

port forwarding

Best Answer Khariz, 08 December 2016 - 02:26 AM

Yeah, your router is just about irrelevant.  You have an IP connection on say TCP/UDP port 443 open to the AirVPN sever.  That's a content agnostic IP connection.  If AirVPN is opening up a port on their server, the information is still flowing back to your computer through the TAP tunnel over the IP connection.  So when that torrent program running on your computer needs to use a certain port, it's not looking for the port on your router (when its bound to the TAP adapter).  It's looking for an open port through IP tunnel you are already punching through the NAT with.

Go to the full post


  • Please log in to reply
4 replies to this topic

#1 mikedefieslife

mikedefieslife

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 07 December 2016 - 05:44 PM

It seems that for P2P clients I need to setup some kind of port forwarding here: https://airvpn.org/ports/

 

Pretty confused as to what this does and how it should be setup. I've read up about here: https://airvpn.org/faq/port_forwarding/ but it hasn't really made things any clearer. 

 

Say for example I use transmission or utorrent and have the port set at 9797. On my router I set port 9797 to then be forwarded to the same port on a specific local IP address.

 

Do I then need to go to the AirVPN port forwarding page and set both the port and the local port to 9797 too? What about DDNS?

 

Do I have to change or update this every time I switch servers? How does AirVPN know to always forward traffic from that port to me no matter which server I'm on? Bare in mind the company doesn't keep any logs or records 



#2 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2214 posts

Posted 07 December 2016 - 06:06 PM

https://airvpn.org/topic/14949-help-with-port-forwarding/?p=30873

 

How does AirVPN know to always forward traffic from that port to me no matter which server I'm on? Bare in mind the company doesn't keep any logs or records

 

Obviously since you are connected to a server, the server already 'knows' which user is connected to it, this information is also hardcoded in your certificate. The same ports for the same user are mapped across all servers.

You can see your connection state and duration in the client area. Nothing in this part requires logging of any kind.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#3 mikedefieslife

mikedefieslife

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 07 December 2016 - 06:10 PM

Excellent. I think I've got it. Seems to be working at least. 

 

On the router side of things, it seems that I must not use the same ports that I also have open my router. 

 

In which case, how does the forward traffic manage to bypass the NAT in my router? Just curious. 



#4 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2214 posts

Posted 07 December 2016 - 06:12 PM

The traffic does not bypass NAT, because you have an IP tunnel inside your LAN, the router does not see this L3 traffic.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#5 Khariz

Khariz

    Advanced Member

  • Members
  • PipPipPip
  • 417 posts

Posted 08 December 2016 - 02:26 AM   Best Answer

Yeah, your router is just about irrelevant.  You have an IP connection on say TCP/UDP port 443 open to the AirVPN sever.  That's a content agnostic IP connection.  If AirVPN is opening up a port on their server, the information is still flowing back to your computer through the TAP tunnel over the IP connection.  So when that torrent program running on your computer needs to use a certain port, it's not looking for the port on your router (when its bound to the TAP adapter).  It's looking for an open port through IP tunnel you are already punching through the NAT with.







Similar Topics Collapse


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Servers online. Online Sessions: 15239 - BW: 55025 Mbit/sYour IP: 54.162.133.222Guest Access.