45
This, by the way, is a great security feature. If somebody connects to your home network and they
aren’t connected to a valid port, you want the connection to get rejected. That’s the firewall element
of your router doing its job: rejecting unwelcome requests. If the person knocking on your virtual
door, however, is you, then the rejection isn’t so welcome and we need to do a little tweaking.
To solve that problem, you want to tell your router “hey: when I access you with this program, you’ll
need to send it to this device at this port”. With those instructions in place, your router will make
sure you can access the right computer and application on your home network.
So in this example, when you’re out and about and using your laptop, you use different ports to
make your requests. When you access your home network’s IP address using port 22, your router at
home knows that this should go to 192.168.1.100 inside the network. Then, the SSH daemon on
your Linux installation will respond. At the same time, you can make a request over port 80, which
your router will send to the web server at 192.168.1.150. Or, you can try to remotely control your
sister’s laptop with VNC, and your router will connect you to your laptop at 192.168.1.200. In this
way, you can easily connect to all the devices you’ve set up a port forward rule for.
The usefulness of port forwarding doesn’t end there though! You can even use port forwarding to
change existing services’ port numbers for clarity and convenience. For example, let’s say you have