Bobcares

Steps to configure port forwarding on Windows using netsh

by | Nov 17, 2020

Webmasters can easily configure network port forwarding on Windows using netsh, without using any third-party tools.

As a part of our Server Management Services, we help our Customers with Windows related requests regularly.

Today, let us discuss the steps to configure port forwarding on Windows using netsh.

How to Configure Port Forwarding on Windows using Netsh Portproxy?

Using a port forwarding rule, we can redirect an incoming TCP connection (IPv4 or IPv6) from the local TCP port to any other port number, or even to a port on a remote computer.

We can configure port forwarding in Windows using the Portproxy mode of the Netsh command. The command takes the following syntax:

netsh interface portproxy add v4tov4 listenaddress=localaddress listenport=localport connectaddress=destaddress connectport=destport

The parameters in the command are:
  • listenaddress – the local IP address on which to listen for incoming connections (useful if we have multiple NICs or multiple IP addresses on one interface)
  • listenport – the local TCP port number on which the connection is accepted
  • connectaddress – the local or remote IP address (or DNS name) to which we want to redirect the incoming connection
  • connectport – the TCP port to which the connection from listenport is forwarded

A support request that we handled recently involved making the RDP service respond on a non-standard port – 3340.

First, we redirected incoming traffic from TCP port 3340 to another local port – 3389 which is the default RDP port number.

While using any other port, make sure that no other service or process listens on the local port number that we specified in listenport:

netstat -na|find "3340"

Alternatively, we can also check that the port is not listening locally using the PowerShell cmdlet Test-NetConnection:

Test-NetConnection -ComputerName localhost -Port 3340

Now, to create a port forwarding rule, run a command prompt as an administrator and run the following command:

netsh interface portproxy add v4tov4 listenport=3340 listenaddress=IP_address connectport=3389 connectaddress=IP_address

Replace IP_address with the current IP address of the server.

Next, use the netstat tool to check that Windows is now listening on local port 3340:

netstat -ano | findstr :3340

C:\Windows\system32>netstat -ano | findstr :3340
TCP IP_address:3340 0.0.0.0:0 LISTENING 636

Port forwarding may not work if the iphlpsvc (IP Helper) service is not running or if IPv6 support is not enabled on the network interface for which the port forwarding rule is created.

To make port forwarding work on Windows Server 2003/XP, we must additionally set the IPEnableRouter parameter to 1 in the registry key HKLM\SYSTEM\ControlSet001\Services\Tcpip\Parameters.

Port forwarding with a remote system

We can find out what process is listening on the specified port using its PID (in our example, the PID is 636):

tasklist | findstr 636

Let us try to connect to this port from a remote computer using any RDP client. Port 3340 should be specified as the RDP port number. It is specified after the colon following the RDP server address.

If we want to forward an incoming TCP connection to a remote computer, use the following command:

netsh interface portproxy add v4tov4 listenport=3389 listenaddress=IP_address1 connectport=3389 connectaddress=IP_address2

This rule will redirect all incoming RDP traffic (from local TCP port 3389) from this computer to a remote host with the IP address IP_address2.


Managing Port Forwarding Rules in Windows

Make sure that the firewall (Microsoft Windows Defender Firewall or a third-party firewall, which is often included in antivirus software) allows incoming connections to the new port. We can add a new allow rule to Windows Defender Firewall with the command:

netsh advfirewall firewall add rule name="forwarded_RDPport_3340" protocol=TCP dir=in localip=IP_address localport=3340 action=allow

Or using the New-NetFirewallRule PowerShell cmdlet:

New-NetFirewallRule -DisplayName "forwarder_RDP_3340" -Direction Inbound -Protocol TCP -LocalPort 3340 -Action Allow
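
The steps above combined into one elevated PowerShell run, as an added example rather than a Bobcares script: it checks iphlpsvc and the listen port first, then limits the firewall rule to the listen address and one allowed subnet. The addresses (192.0.2.10, 192.0.2.0/24) and the rule name are placeholder assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example; the values below are assumptions, replace them before use.
$ListenAddress = '192.0.2.10'     # placeholder for this server's IP_address
$ListenPort    = 3340
$ConnectPort   = 3389
$AllowedRemote = '192.0.2.0/24'   # placeholder: subnet allowed to reach the forwarded port

# 1. portproxy rules only work while the IP Helper service is running.
$svc = Get-Service -Name iphlpsvc
if ($svc.Status -ne 'Running') {
    throw "iphlpsvc is $($svc.Status); start it before adding portproxy rules."
}

# 2. Nothing else may already listen on the chosen port.
$busy = Get-NetTCPConnection -State Listen -LocalPort $ListenPort -ErrorAction SilentlyContinue |
    Select-Object -First 1
if ($busy) {
    throw "Port $ListenPort is already in use by PID $($busy.OwningProcess)."
}

# 3. Add the forwarding rule (the article's netsh command).
netsh interface portproxy add v4tov4 listenport=$ListenPort listenaddress=$ListenAddress `
    connectport=$ConnectPort connectaddress=$ListenAddress
if ($LASTEXITCODE -ne 0) { throw "netsh exited with code $LASTEXITCODE." }

# 4. Allow the port inbound, limited to the listen address and the allowed subnet
#    instead of any local/remote address.
New-NetFirewallRule -DisplayName "forwarded_RDP_$ListenPort" -Direction Inbound `
    -Protocol TCP -LocalAddress $ListenAddress -LocalPort $ListenPort `
    -RemoteAddress $AllowedRemote -Action Allow | Out-Null

# 5. Confirm that Windows now listens on the port and show the owning PID.
$listener = Get-NetTCPConnection -State Listen -LocalPort $ListenPort -ErrorAction SilentlyContinue
if (-not $listener) { throw "No listener on port $ListenPort after adding the rule." }
$listener | Select-Object LocalAddress, LocalPort, OwningProcess
```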

We can create any number of Windows port forwarding rules. All netsh interface portproxy rules are persistent, and the system keeps them even after a Windows restart.

To display a list of all active TCP port forwarding rules on Windows, run the command:

netsh interface portproxy show all

You can also list port forwarding settings in portproxy as follows:

netsh interface portproxy dump

#========================
# Port Proxy configuration
#========================
pushd interface portproxy
reset
add v4tov4 listenport=3340 connectaddress=IP_address connectport=3389
popd
# End of Port Proxy configuration

To remove a specific port forwarding rule:

netsh interface portproxy delete v4tov4 listenport=3340 listenaddress=IP_address

To remove all existing mapping rules and completely clear the port forwarding rules table:

netsh interface portproxy reset
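
Because these rules survive reboots, it is worth reviewing them periodically. The following added example (not from the original article) parses the `netsh interface portproxy show all` listing into objects and marks rules that listen on every interface or forward to another host. It assumes English-language netsh output; the sample listing and the 192.0.2.x addresses are constructed, and the function names are hypothetical.

```powershell
# Added example. Assumes English-language netsh output; the sample text is constructed.
function ConvertFrom-PortProxyOutput {
    param([string[]]$Lines)
    $type = 'unknown'
    foreach ($line in $Lines) {
        if ($line -match '^Listen on (\S+):\s+Connect to (\S+):') {
            $type = "$($Matches[1]) to $($Matches[2])"     # e.g. "ipv4 to ipv4"
        }
        elseif ($line -match '^(\S+)\s+(\d+)\s+(\S+)\s+(\d+)\s*$') {
            # Data row: listen address, listen port, connect address, connect port.
            [pscustomobject]@{
                Type           = $type
                ListenAddress  = $Matches[1]
                ListenPort     = [int]$Matches[2]
                ConnectAddress = $Matches[3]
                ConnectPort    = [int]$Matches[4]
            }
        }
    }
}

function Get-PortProxyFinding {
    param([object[]]$Rules, [string[]]$LocalAddresses)
    foreach ($r in $Rules) {
        $notes = @()
        if ($r.ListenAddress -in '*', '0.0.0.0', '::') { $notes += 'listens on every interface' }
        if ($r.ConnectAddress -notin $LocalAddresses)  { $notes += 'forwards to another host' }
        $r | Add-Member -NotePropertyName Review -NotePropertyValue ($notes -join '; ') -PassThru
    }
}

# Constructed sample of "netsh interface portproxy show all" output.
$sample = @'

Listen on ipv4:             Connect to ipv4:

Address         Port        Address         Port
--------------- ----------  --------------- ----------
192.0.2.10      3340        192.0.2.10      3389
*               5555        157.166.226.25  80
192.0.2.10      3389        192.0.2.20      3389

'@ -split '\r?\n'

$rules = ConvertFrom-PortProxyOutput -Lines $sample
Get-PortProxyFinding -Rules $rules -LocalAddresses '192.0.2.10', '127.0.0.1' | Format-Table -AutoSize
# On a live server, feed real data instead of the sample:
#   $rules = ConvertFrom-PortProxyOutput -Lines (netsh interface portproxy show all)
#   Get-PortProxyFinding -Rules $rules -LocalAddresses (Get-NetIPAddress).IPAddress
```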

Another portproxy feature is the ability to make any remote network service look as if it were running locally.

For example, let us redirect the connection from the local port 5555 to a remote HTTP server with IP address 157.166.226.25 (CNN website):

netsh interface portproxy add v4tov4 listenport=5555 connectport=80 connectaddress=157.166.226.25 protocol=tcp

Now if we access http://localhost:5555/ in the browser, the CNN start page will open. So although the browser is accessing the local computer, it opens a page from an external web server.


Conclusion

In short, a port forwarding rule helps us to redirect an incoming TCP connection from a local TCP port to any other port number. Today, we saw how our Support Engineers configure port forwarding on Windows using netsh.

 


2 Comments

  1. br

    Is this a permanent setting? Does it persist through a reboot?
    Or is there a way to automate this?

    • Maheen Aboobakkar

      Hello,

      All netsh interface portproxy rules are persistent and the system stores them even after a Windows restart.
