How To Make A Server Without Port Forwarding?
Let’s say you have a local area network with many computers, but outside your LAN, no one can access the server. Don’t know what to do with it, and want to host something. Or maybe you’re just curious about how servers work under the hood. The good news is that in every router configuration available there’s a way of setting up a server without needing port forwarding .
What we’re going to do
We’re going to set up a UDP Server on our computer and then we will turn off ICMP request handling on our router – guess why that way all requests not related to the initial handshake (SYN) will be ignored by the router.
This way our UDP Server will be available to the outside world, but only if a client first connects. It makes no difference whether or not that client has a static IP because all traffic coming from a particular port to a particular host and port combination is ignored by the router as being an attempt to establish a connection with itself. I know it’s confusing, this is what you have to keep in mind: once your server starts sending data packets (UDP), those packets will hit the router because they are addressed to its WAN IP, but as soon as one of those packets contains the 3-way handshake, your router will see it as “connection established”, even though port numbers don’t match. That’s why we need this “connection established” packet to be UDP.
In order to make a handshake, we need to send a request from the client. We already know that those packets will be ignored so we need an application which can create its own data transfer mechanism – this is what Generic Raw Sockets are for.
Example of UDP traffic generated by Raw Socket Generator (the software used in this tutorial). It contains 3 types of packets: information, handshake and data packets. Information packet is just some quick “Hello!” text sent before the main transfer begins, then comes the TCP/IP three-way handshake and finally the data transmission process begins.
How To Make A Server Without Port Forwarding?
First open the UDP Server Software. Then go to connection->options and set the following parameters: IP Address : local IP of our computer (make sure you’re connected to your router with an ethernet cable)
Port Number : any available at this moment but keep it in mind for later on.
Block incoming connections : YES. Test the server using the Test button, if everything works fine, click OK and close the UDP Server window.
Now let’s turn off ICMP request handling . Open your internet browser and type in address bar http://192.168.1.1 or whatever is your default gateway address, then login and go to Administration tab -> Misc settings -> Q sub-menu , now find and turn off ICMP request handling.
Now you’re almost done. We just need to add some firewall rules in order to prevent any packets from hitting our computer. Go to your router’s web-interface again (it can be accessed using Internet Explorer or Mozilla Firefox) and login with your login/password, for me it’s: root/admin . After logging in go to Administration tab and in Security sub-menu choose Customize button and add two custom rules:
1st rule :
Protocol Type TCP UDP IP Address Any IP Subnet Mask 255.255.255.255 Destination Port Range * 65500 Action Block
2nd rule :
Protocol Type UDP IP Address Any IP Subnet Mask 255.255.255.255 Destination Port Range * 65500 Action Block
*You can choose any available port range, just keep in mind that this particular UDP Server uses ports from 65500 to 65535 so you might want to open a broader range.
Now re-open your UDP Server software and set the following parameters: IP Address : local IP of our computer (make sure you’re connected to your router with an ethernet cable)
Port Number : 65000 or whatever was available when you added the firewall rule above in your router web interface.
After setting these options click OK and close the UDP Server window. Now we need a Raw Socket Generator program in order for all packets sent by our server to also contain the 3-way handshake before data transfers begin.
Download Raw Socket Generator program, install, open it and go to Options tab -> Connection , set the following parameters: Remote Host : local IP of our computer (make sure you’re connected to your router with an ethernet cable)
Transmit Delay : enter some random number here (1 second is good enough), this will make your packets look more like “hackers” would send them.
Now we need to know what our Public IP address is . Go to http://www.canyouseeme.org/ and type in your server port number and press Check – you should get a reply “port XXX is OPEN”. you can check what is your local IP address here http://www.whatismyip.com/ .
Now just run your UDP Server program, you’ll see that all of its packets are being sent to the same port number on our computer AND the Raw Socket Generator will catch them and send them via the Internet.
We have successfully made a UDP Server in this case but the methods described above can be used for creating all other types of servers.
As you can see it’s very easy to create a UDP Server without port forwarding. Just some firewall rules in your router and that’s it! With this simple trick you can basically host any game on your computer, just go to Options tab -> Games and add the game executable file path there.