Setting NAT on the TP-Link router. So what’s the matter in statics?

What is NAT, how to set up and use it. NAT, Pat, Static Nat, Dynamic NAT

Good day, dear readers! Well, what about NAT.

Today we will touch on in more detail the topic is somewhat painful and quite incomprehensible, but more incomprehensible than painful.

To a greater extent, this problem concerns those who play multiplayer games and briefly this problem sounds something like this: “Why no one comes to me?”. For others, this problem looks a little different, namely:

  • Why doesn’t it download torrent?
  • Why are users/friends/acquaintances/unknown individuals cannot connect to FTP, Web, Voip (TS, Mamble. a bucket) and other servers that you tried to set up for so long and even checked that everything works for you?
  • Why is your personal home server empty? Maybe this is an universal conspiracy?

But, however, there is no conspiracy, the culprit of all these troubles is next to you and cunningly winks on you with light bulbs, and his name is. router, yes, the same one who gives you the Internet for all your (and maybe neighboring) devices.

setting, tp-link, router

In short, users from the Internet simply cannot connect to you, because your router does not let them in, but he does it not just out of the whim, but because he does not know that all these people want to connect to you precisely. So he thinks that they want something from himself.

Yes, I just outlined you what NAT is needed for you. And now what it is.

General definition

NAT (Network Address Translation). This is such a mechanism that allows the router to determine which services are behind the router and should be available from the Internet so that users can use these services from there (I will not take the definition from Vika, it is abstruse and not clear to everyone).

How to setup virtual server port forwarding on the TP-Link MR6400. explanation provided

NAT is present in all routers and server operating rooms in one form or another. In routers, this is usually called Port Forwarding. In the Linuxes Iptables. On Windows servers. In a special equipment. Now let’s talk about various types of NAT.

IP address colors and forms

Before you understand how to open access to your resources, you should understand how the Internet connection takes place at all. As a simple analogy, you can compare the IP address with the mailing address. You can send a letter to a specific address, ask a question in it and you will receive an answer to the return address. So the browser works, so you visit certain sites.

But people communicate with words, and computers are accustomed to numbers. Therefore, any request to the site is first processed by a DNS server that issues a real IP address.

Let’s say now that someone wants to write a letter to you. And not in response, but on its own. It is not a problem if you have a static white address. when connecting today, tomorrow, a month and a year it will not change. Anyone, from anywhere, knowing this address, can write a letter to you and get it exactly you. It is like a postal address of a family estate or family house, where you will not leave. You can get such an address from the provider only for a separate and regular fee. But with remote access, there are fewer problems. just remember the issued IP.

Usually the provider gives a white dynamic address-some of the unoccupied. This is similar to a daily arrival at the hotel when the number is issued to you by chance. There will be problems with the letter: you can get it or another guest. there are no guarantees. In this case, DDNS will help out. dynamic DNS.

The most sad but very common option is a gray dynamic address: you live in a hostel and share a single mailing address with another hundred (or even thousand) residents. You yourself can still write letters yourself, and they will reach the addressee. But the letter written to your mailing address will fall the commandant of the hostel (provider), and, most likely, will not go beyond the garbage basket.

The “gray” address itself is not a problem. in the end, all the addresses connected to your router have the address exactly what is “gray”. and this does not prevent it from using the Internet. The problem is that when you need a little more than just access to the Internet, you can change your router settings, but the settings of the provider router. no. In the case of a gray dynamic address, only VPN will save.

Who am I, where am I, what color I am?

We figured out terminology, it remains to understand what kind of address you have. Most providers have a fixed address, so if you do not have a “static IP address” service, then it is probably dynamic. But he is white or a gray goose. this needs to be checked. First you need to find out the external IP address of the router in its web-integer and compare with the address under which you are “seen” on the Internet.

In the route of the router, your IP can be found on the tabs “Information about the system”, “Statistics”, “Network card”, “Status”, etc. P. Somewhere there you need to look for wan ip.

If the address begins with “10.”, Or with” 192.168.”, Then it is definitely” gray “. most ways to open access will not work and only VPN remains.

If the address looks different, you need to look at it “outside” using one of the services showing your IP address, for example, http: //

If the address shown on the site coincides with what you saw in a web-intake, then you have an honest “white” address and access from the “big world” will not cause much difficulties-it remains only to configure “flows” on the router and connect DDNS.

Why is it needed

Above, we briefly touched the functions of NAT in the router, what it is and how it works. But the purpose of this technology deserves a deeper study. When designing a network, it implies the use of local IP addresses that are used inside the company or platform for local interaction. In other words, they are not routed in the “World Wide”. To appeal to devices outside the local platform, the private address must be transferred to a public. For this, there is NAT.

Thanks to the action of such a function, a device with a personal IPV4 address can submit requests outside the private Internet network. An additional advantage of the mechanism is to ensure confidentiality and security. In practice, NAT routers can be tuned with one or group of public addresses (NAT bullet). As soon as the equipment reached the external Internet network, the router with the support of the technology translates the internal address into a public. In this case, the NAT router, as a rule, operates on the Stub (Dead) network that has one connection (input/output).

With the help of NAT, all devices connected to the Internet networks use one IP address of an external integration. In simple words, network packages are adjusted and the IP address of the source and purpose is being replaced in them.

Summing up the intermediate results, the following features of NAT in the router can be distinguished:

  • Transformation of the local address into a public. After receiving the answer, the reverse process occurs.
  • Prevention and restriction of circulation from the outside to the devices of the local grid. In this way, the internal services of PC and servers from calls from the Internet network are hidden.
  • Settings of port redirections. The latter can be used to open access from the Internet to the NAS storage network or to the “Locals” server.
  • Replacement of the port number to turn to another port. For example, to transfer the router from the Internet to a different source, if the standard port 80 is blocked by the provider and it is necessary to get the opportunity to use port 8080 for access to settings.

�� Роутер TP-Link TL-WR840N (PPPoE, IPTV) настройка

Using NAT, a private network is connected to the Internet through the general public IP, which is issued by the provider, and the address resource is spent more economically. In addition, the use of the option is important from the standpoint of security. In particular, you can hide the locker from users from outside, which excludes unauthorized access.

setting, tp-link, router

How to use NAT function

Taking into account the above, the question arises of how to open NAT for its router. In most cases, the option is on by default. If this is not the case, its activation and additional setting are necessary. The algorithm of actions is as follows:

  • Enter any web conductor on PC, after which in the search bar enter the speed of the router (for example,
  • Autominate to enter the settings by entering the words Admin and Admin.
  • Enter the settings, and there is a network and routing.
  • Click on a new rule. In this way, it is possible to set the conditions for routing. Five directions are available here. using the DNS name, through the port or broadcast by the user, through the address of the address or the network intese.
  • Set traffic conditions by choosing one of the options. The following solutions are available to choose from. Auto, Interface, Gateway, Trunk. At the next stage, press further, and then close.

For each router, the principles of inclusion NAT may differ. For example, in ZYXEL it is necessary to enter the router settings, go to the Network. Routing section, and there in Policy Routing, there will be a toggle switch that allows you to enable the service. Next sets settings in the Criteria group. If you need to turn off NAT in a router, make the steps discussed above and deactivate the service. As an alternative to shutdown, you can transfer the router to another mode of operation.

If there is a need to change the type of NAT, enter the router settings, look at the IP and settings of the network connection. After that, call the provider to receive assistance in reconfiguration to the right type.

All about ports. And how to open the ports correctly

С недавнего времени участились случаи с вопросами, когда необходимо открыть порт на своем маршрутизаторе для игры или какой либо программы. Данная статья дополнит основную статью про порты, и прояснит ситуацию.

Everyone has long been using Lan imitators (local network), after some providers at the beginning of the new decade, disconnect all your subscribers from the local network, leaving them only the connection on the Internet channel.

It was from that moment that popularization went imitators, Since without them, it was impossible to play in some toy with a neighbor. And from that moment the question about the “opening of the ports” has become more Popular, and many Pseudo-Sis.The admins “tried to lay out the current guide how to open the ports on their iron. But not everyone knows what and how to do it right.

What is an “open port” ? Yes, everything is brilliant just. any computer on the network has a certain identifier (Name, MAC address, IP), so, according to IP, a certain package enters the router, but not just enters the IP, but by A special channel (port) through which the program sends/accepts requests from the external network. According to the standard, this package will not go beyond the router, since by default (hereinafter refund), the port on which the program works. closed, and what to accept the package, it needs to be opened.

What they write on the Internet. You can open the ports, regardless of what network equipment is worth. All this is nonsense! Any knowledgeable SIS.The admin will say. that IP is divided into two types. “White” and “gray”, and only one can open ports on one to take “bags” from outside. Grey. This is when IP can cross from the hands-in-hooks many times (it is also called as dynamic), White. or real (differently static) You can be assigned only one user, and will not move from hand-in-hooks.

It is on the “white” IP that it is worth opening the ports on your equipment. To get your “white” IP you need turn to his provider, and after that, he will appoint IP on you. This service is everywhere paid, and depending on the region it can be from 50/month.

Suppose we bought a real IP from our provider, and now we need to start setting. We will deal with the settings for 4 popular models of routers (Asus/tp-link/d-link/zyxel):

Примечание: настройка производилась на оборудовании Asus RT-N12 C1 с микропрограммой (черный интеейс)

  • We connect to our router through the browser (, with a login and password (Admin/Admin). You can find out about this on the back of the router or in the instructions for it.
  • In the left menu, select “Internet” (or Wan).Port redirecting (or Virtual Server/Port Forwarding)
  • We turn on this option by setting a checkmark on the contrary “Turn on port reduction: yes“.
  • We select the given ports from the finished templates, or enter our own:
  • The name of the service. You can be any
  • The range of ports. You can introduce both one port (for example 80) and the range (27000: 27099)
  • Local IP
  • The final port. as well as in the “range” should be introduced depending on what was first introduced. One or range.
  • Protocol. TCP/UDP/Both/Other. Select one (TCP/UDP ports select)
  • After entering the data, click on the plusk (to the left of the filling form).
  • And after entering data, click “Save”.
  • We connect to our router through the browser ( Or in some, with login and password (Admin/Admin). You can find out about this on the back of the router or in the instructions for it.
  • In the left menu, select the inter.grid screen/virtual servers.
  • Choose from ready.made templates. Or enter our own (choosing a point “COSTOM“):
  • The name of the service. You can be any
  • Protocol. Choose the desired protocol.
  • External port (initial)
  • Inner port (initial)
  • Internal IP
  • After entering data, you can click “Apply“, and after” through “System“. Select item “Reboot“, and only after that the ports should open.
  • We connect to our router through the browser (, with login and password (Admin/Admin). You can find out about this on the back of the router or in the instructions for it.
  • In the left menu, select forwarding (Forwarding).Virtual servers (Virtual Server).
  • After the opening of the “Virtual Servers” section, a page with a list of open ports should appear in front of you. In order to open the port you need here, you need to click on the “Add New” button and fill out the form:
  • Service port. external port. Here you need to enter the port (or the range of ports through the deficiency sign, for example, 10100-10200)
  • Inner port is an internal port that will be used by programs on your computer.
  • IP address
  • Protocol
  • State (Status). port status.
  • After entering the data, you can click “save” (Save).
  • We connect to our router through the browser (, with login and password (Admin/Admin or Admin/1234). You can find out about this on the back of the router or in the instructions for it.
  • In the left menu, select “Security” (in the form of a shield).Network address broadcast (NAT).
  • After the section is opened, the “broadcast of network addresses (NAT)” click on the “Add” button and add by the template:
  • Inte Wee. select the necessary integer. Attention! It is necessary to correctly specify the value of the field integration. Depending on whether your provider uses authorization (PPPOE, L2TP or PPTP), the value of this field can be different. If the authorization of the provider is not used, you should always choose the BroadBand Connection Inte Week (ISP). If the provider uses PPPOE to access the Internet, then you should choose the corresponding PPPOE integust.If you are provided with simultaneous access to the local network of the provider and the Internet (Link Duo), you need to select the BroadBand Connection (ISP) integration to the port from the local network, and the tunnel integration (PPPOE, PPTP or L2TP) to spray the port from the Internet).
  • Protocol. you can specify the protocol from the list of pre.installed, which will be used when passing the port (in our example, TCP/21 is used. FTP file transfer). When choosing a protocol in the TCP or UDP protocol, you can in the fields
  • TCP/UDP ports. indicate the port number or port range.
  • Redirect to the address. indicate the local IP address of the computer.
  • Port-ons on TP-Link-step-by-step instructions

    On a computer, laptop or phone connected to the TP-LINK or Archer router via cable or via Wi-Fi wireless network, run the web browser, enter the IP of the Router 192 in the address line or through the symbolic address TPLINKWIFI.NET, which has been working on all TP-Link models since 2018.

    For authorization, use the login and password indicated in the sticker on the back of the router case. But on the last models of TP-Link Archer routers, there is no factory login and password in the sticker. Here is an example:

    This means that when the router is first connected from the user, you need to come up with and enter the password for entering. If you do not know it or do not remember it, then you have to fulfill the full dropping of the router settings to the factory parameters and set it up again.

    After successful authorization, follow the following actions.

    How to open ports in a new integra

    If the factory login and password do not log in in the web-integse and in the additional settings of the router, open the “NAT ADVRESSION” section ⇒ “Virtual servers”:

    To create a new virtual server, click the “Add” button. A menu will appear to create a rule. You need to correctly fill the fields:

    In the “Server Type” field, we write the name of the game or program for which we want to open a port on TP-Link. In the field “External port” you need to prescribe the desired port number. In the “Internal IP Address” field, enter the IP address of the computer in the local network, for which it is necessary to pass the ports on the router. Duplicate the port number in the field “Inner port”. In the “Protocol” list, we select the “everything” option so as not to make several rules for different protocols. If you need only one protocol. then select it in the list: TCP, UDP or other. Click on the “Save” button. Now you can check the availability of the program or game from the Internet.

    How to open ports in an old inteue

    If you have one of the old Wi-Fi models TP-Link like TL-WR740N or TL-WR841ND, then there the web-intese is outwardly different and looks already like this.

    Despite the external differences, the algorithm of actions is the same as the models of Archer AX. Open the section “Predress” ⇒ “Virtual servers” and click the “Add” button to create the rule of the virtual server.

    In the menu that appears, fill out the fields following the example in the picture. indicate the port number that you want to open in the field “Port of the Service” and “Internal Port”. Then specify the IP address of the computer for which we make ports of ports and protocol. If you do not know which protocol to indicate. choose the option “All”. The condition is included. Click the “Save” button.

    How to open all ports at once on a TP-Link router

    If you have a server on the network, on which there are several services at once that should have direct access from the Internet, then you can open all the ports of the router for this IP address at once. To do this, again, in the additional settings of the TP-Link Archer router, open the section of the “NAT ADVRESSION” menu ⇒ “DMZ”.

    DMZ is a reduction from Demilitarized Zone, that is, a demilitarized zone. In this case, it is a device in a home network, on which there are one or more public services and opened by the Router Security Rules for full access from the external network.

    DMZ tunes on TP-Link is very simple! Put the box “Turn on DMZ”. Then, in the “IP address of the DMZ” field, we enter the IP address of the computer in the local network.

    Why do you need open ports on a router

    Special data transfer protocols are used to exchange information on the Internet. For example, to open a page of a site, your computer connects to the server on which the site is located and requests the connection to the port 80 for HTTP or port 443 in the case of https. If the desired virtual port on the server is closed, then you cannot open the site. In the case of torrents or a game server, your computer is already starting to accept incoming connections from other computers on the network. And so the computer is connected to the Internet not directly, but through a home Wi-Fi-rower, on which everything is initially closed with a security policy, you will have to make ports on the router. This is usually done for the following tasks:

    • creation of a game server;
    • video conferences;
    • remote computer control;
    • file distribution through file.sharing protocols (FTP, TFTP, Torrent).

    You can find out which port uses the program or server either in the manual to it, or when contacting technical support, or in the settings of this program.

    Porting ports on a router. Instruction

    On average, to open the port through a router, a professional will take 5 minutes of time. A less prepared user will take a little more time. But in any case, it is quite simple! Now I will show the general algorithm of actions, adhering to which you can do this without any problems on any modern Wi-Fi Marshrutizer.

    Connect to a home local network via a cable or via Wi-Fi and enter the router settings. The IP address of the router can be viewed on its sticker (usually or, as well as the factory password for the entrance to the Personal Account.

    Open the additional settings of the router. On some models you need to go into the expert regime.

    Find the subdivision responsible for the passage of ports. It is usually called “virtual servers”. If it is not, look in the settings of the inter.grid screen or NAT.

    Create a new rule for Port Forwarding’a. In this rule, indicate the number of the right port and the IP address of the computer in the local network, which is carried out.

    Save the settings and check open ports using online services. For example, after 2ip. link.

    Despite the fact that this is a very, very general instruction, it will be relevant on any model of the router. Just attach your hands and head a little and you will succeed!

    Now let’s look at the examples of how to open ports on a router for the most common and popular models for today!

    Router TP-Link Archer

    Wi-Fi TP-Link routers and their most recent models from the Archer family are the most popular in routers. According to statistics, in the 2020s, it was the devices of this brand that most often bought. To open the port on TP-Link, follow the following actions.

    Open the section of additional settings and find the section “NAT ADVRESSION” ⇒ “Virtual servers”. So you will get on the list of created rules. If the port of the port on the router was not made earlier, then the table will be empty. Press the “Add” button.

    Next, you need to create a rule. To do this, in the field “Type of service” we write the name of the service. I have this game and I will call the rule as “game”. Below we prescribe the port number, which must be opened and the local IP address of the computer, to which we make. Choose all (all) protocols at once, so as not to add additional rules. If this option is not, put TCP/UDP. Put the checkplace “Turn on”. Press the “Save” button. Check.

    Open ports on kinetics (Keenetic Zyxel)

    Previously, these routers were called ZYXEL, and now they are called keenetic. To open a port on kinetics (they are now called Keenetic, and the old models were called Zyxel), you can adhere to the next order:

    Put the daw “Turn on the rule”, write its name in the “Description” field. In the list “Input” you need to select an Internet connection integration. I have it pppoe. If you use a dynamic IP type, then you need to choose an IPOE option. In the “Exit” list you need to select the computer or other device on which we do Port Forwarding.

    Next, you need to select the necessary protocol and option. one port or range. It remains only to prescribe the number of the right port and click the “Save” button.

    Port redirecting on ASUS

    Now let’s look at an example of how to open ports on an ASUS router. The beginning is the same, like the previous ones. we go to the router through its IP, log in in your personal account for configuration.

    In the menu of the ASUS personal account, select the Internet section, and then select the “Port Adverse” tab, where put the “Yes” flag in the line “Turn on the port” forwarding ”. After that, a list of forwarded ports will appear below, which is initially empty and it must be correctly filled:

    In the field “Service name” we write the name of the program, game or server for which we make a passage. In the “port range” field we write one port or several through a colon, if you need a range. In the column “Local IP address” we select the desired IP address. In the column “Local port” again we write the desired port number. In the “Protocol” field, select the desired protocol. TCP, UDP or other. Press the button with a plus to add the rule to the list.

    Do not forget to press the “apply” button to save changes in the settings of the router.

    setting, tp-link, router

    Port Forward D-Link Dir

    D-Link Mashrutizers were very popular more than 5 years ago, now their position was seriously shaken. Nevertheless, now they still often meet. To open a port for a game or torrents on a d-link router, take the following steps. In the browser we enter the address http: //, login Admin and password. After authorization, open the section of the “Interseter Screen” menu ⇒ “Virtual servers”:

    How to go to the TP-Link router

    Before showing how to make ports of ports on TP-Link, we will show you how to go into the settings of the TP-Link Archer router, since many are not even aware of how it is done.

    We begin by picking our Wi-Fi router in our hands, turn over and look what is written on the sticker, namely, in the field “Data for the default entrance”:

    The first thing you will need is the address of the device in the local network. TP-Link routers usually use TPLINKWIFI address.Net. as in the picture above, or IP address The ADSL modems sometimes have the address TPLINKMODEM.Net. You must enter this address in the address line of the web browser on a computer connected to the router, laptop or smartphone:

    After that, a page for entering the login and password for input should open after this. In these fields, enter the login and password from the sticker. If the factory password has not come up, then it has already been changed before. What to do in this case is written in the instructions not suitable for the password for the router. After successful authorization, you can perform the following actions.

    Portgs on Archer

    In a modern web-integrator TP-Link, setting is divided into three options. Fast, basic and additional. To open the port on Archer C5, C6, C60 you need to open “Additional settings” and in the menu on the left select the “NAT ADVRESSION” section “Virtual servers”.

    To open ports on TP-Link Archer, in the “Virtual Servers” menu, click the “Add” button. This menu will appear:

    • In the “Type of Service Type” field, we write the name of the program, game or server for which we make ports of ports. Below we indicate the number of the port of the external and internal. If you need to specify the port range. we prescribe the number of the initial one and through the hyphen. the number of the final port.
    • It is also necessary to specify the local IP address of the computer or device for which a sprout is made and select the protocol used. Well, or set the meaning of “everything” there, so that the port is open for all protocols at once. Do not forget to put the checkplace “turn on” so that the rule is active.
    • Click on the “Save” button to apply the settings.

    A new line will appear in the virtual server table! You can check the availability!

    Why do not open ports on the TP-Link router-possible problems

    Even if you do everything right, then there is a probability of encountering a mistake that the ports on the TP-Link router do not open-why?

    If when contacting the internal device via the Internet you get to the main page of the TP-Link router, then try to change the Web port (http port) and media port to other values ​​and throw them. Also, keep in mind that the operation of porting ports should only be from the external Internet, and not from the device included in your local network.

    If, when contacting an internal device via the Internet, nothing happens at all, then check:

    • Whether antiviral agents (firewall, firewall) are disabled or exceptions to connect to your ports should be configured in them.
    • There is also a chance that in the absence of an external static IP, when using the DDNS service, the provider prohibited the use of some ports.
    • The following that it makes sense to check whether the NAT function is included for the connection through which you get the Internet from the provider.
    • In the network settings of the device/computer on which the ports are carried out, it is necessary that the default gateway IP address is equal to the LAN IP address of the router (by default This is relevant if you manually indicate network settings on the device/computer. If the device/computer is a DHCP client, t.e. Automatically receives an IP address, a subnet mask, a default gateway and DNS address, in which case the default gateway will be equal to the lan IP address of the router.
    • It is also possible to eliminate part of the problems by turning on the function of the open DMZ server. His work will be to redirect absolutely all external requests from the Internet to the same IP address inside your local network.

    Solving possible problems when passing ports

    It is important to remember that when passing the standard port 80 for HTTP, it is possible to lose access to the control panel of the equipment.

    To prevent this from happening, you need to change the cell in the parameters of the device.

    Through “security” go to “remote management”. Where the “port of the web control” to establish a different meaning and save.

    If in the future it will be required to open the control of the Wi-Fi Router, after the IP-Address via the digital sign (:) it is necessary to enter the port value.

    Port Samples: Filling the Table

    The table is filled to simplify the operation of the device and for the distribution of ports.

    • The first column is random numbers;
    • The second is the unchanging value of IP;
    • The protocol determines the communication method. It is strictly recommended to set the values ​​of “Both” and “UDP” in the chess
    • order and send ports to them until the connection is established.

    The remaining two counts cannot be changed!

    ATTENTION! The column “Modify” is filled only by experienced users. This is a count of custom non.standard settings and bypass routes (BYPASS). By indicating the wrong values ​​in it, you can break the algorithm of all active ports, so it is better not to touch it.

    After setting, you need to save the parameters so that the router remembers them. You can save this:

    • Save the document in format “.ini “, and then integrate into another device;
    • save the page completely, and then open in the browser when connecting;
    • write down the parameters or remember them.

    Most routers have similar architecture and configuration, so there are a sufficient number of settings and presets for each model on the Internet. By loading the finished profile for your device, you can save time and effort spent on setting. If there is a desire to make out this independently. this article will help the best way as possible.

    It is recommended to carry out a passage immediately after installing the router, since the standard settings will accumulate many errors in the router, which will affect the quality of communication and the service life of the device. Ordinary protocols and data transmission algorithms are not configured for all devices.