Port forwarding and VPN: what is it and how does it work?
If you’re not afraid to get your hands dirty with a router, you may have already been interested in port forwarding on your router or Internet box. But this comes with security risks. A VPN can mitigate them. Explanations in this article.
Talking about port forwarding necessarily requires going back to the basic operation of an Internet router. You don’t necessarily know this, but your internet box or your router protects you from computer attacks every day, without you having to do anything. How? Quite simply by prohibiting any incoming connection from entering your local network.
What is port forwarding?
When you connect to external servers, your Internet router sees no problem when it comes to external traffic which can take the form of consulting websites, downloading or uploading files, or watching videos.
On the other hand, by default, these routers prohibit as much as possible that someone uses your internet connection in the other direction, for example to break into your computer, access your local network or smartphone.
A router is like a carousel exit turnstile: you can leave, but the entrances are blocked from outside to guarantee your security.
For a normal use of the internet, this does not traditionally pose a problem. But if you share files using peer-to-peer technology from your computer or need to access your PC or a security camera remotely, it is necessary to authorize incoming connections.
This is where port forwarding comes into play. Port forwarding simply allows certain incoming connections to be authorized for a specific use. For example, in the case of peer-to-peer file sharing, you need to specify to your torrent software which port ranges are open for seeding files. Which doors are open to allow other users to come and download the files present on your computer.
Your router will then redirect a port range to a specific application (the torrent client), in order to allow the sharing of files present on his computer.
The risks of port forwarding
If Internet routers prohibit incoming connections by default, there is obviously a reason. And as often when it comes to computing, it is a security reason. At home, every evening, you lock the door of your house or your apartment.
From the outside, you cannot tell if it is locked or not. But it only takes one ill-intentioned person to check that the door is open to end up, at best, with traces of dirty shoes at the entrance. At worst with a ransacked house.
Opening ports on your box or your router is the same thing: a hacker or a malicious person can take advantage of this open door to steal your data or install a malware or worst on your machine. It’s not systematic, but there are potential risks.
A VPN to mitigate port forwarding risks
Opening or redirecting ports of your router is risky because these ports are linked to an IP address, the one given by your internet provider. This IP address – which changes relatively little – is particularly exposed. All a hacker needs to do is identify your IP address and understand that ports are open to easily access your local data.
This is where a VPN gets interesting. A VPN is quite simply a remote server on which you’re routing your connection. It’s a kind of virtual router, which replaces your physical router. By connecting to a VPN that allows port forwarding, you have a much lower chance of a hacker finding your IP address. And if he ever finds it, just cut the connection and connect to another server.
This is indeed the main advantage of a VPN service: it is possible to easily change VPN servers, and therefore your IP address. Since the connection tunnel between the VPN server and your computer or phone is encrypted, it is impossible to know which data is passing through this tunnel.
What are the use cases?
You can therefore open ports on the VPN server so that you can access your computer, an application, or a connected device remotely more securely. This allows:
- Accessing your computers or connected devices (surveillance cameras, plex server) from your home remotely in a more secure way
- Better secure call-back functions for developers who use a server on a given IP
- To be able to better secure incoming connections during peer-to-peer file exchanges
- In some cases, to more securely open ports for online gaming services
Which VPN offers a port forwarding option?
The problem is that only a few VPN providers allow port forwarding on their services.
ExpressVPN – The fastest VPN with port forwarding
ExpressVPN is a reliable solution appreciated by millions of users in all corners of the world. While ExpressVPN does not allow port forwarding at the VPN client level, users are able to activate this feature at the router level when using ExpressVPN!
Our Pick
ExpressVPN
ExpressVPN is a top tier VPN service that offers great speeds, excellent privacy and is also very user-friendly. You can get your online VPN protection up and running in no time with ExpressVPN modern VPN client and access to a wide network of servers across the world!
Mostly known for its high-speed servers with amazing speeds, this VPN is packed with interesting features.
It allows you to hide your IP address and encrypts all your traffic to keep prying eyes away.
It is an excellent VPN with port forwarding that will allow you to switch seamlessly from one server to another, from one protocol to another, and implicitly from one port to another.
Find more on ExpressVPN by reading our review!
PureVPN: one of the cheapest VPNs on the market
PureVPN is one of the few VPN providers to offer it. It offers it more exactly as an option, in addition to its traditional subscription. Two options are available:
A simple port forwarding option for a few euros per month.
A port forwarding option associated with a fixed IP for a flat fee per month.
PureVPN is one of the few VPN providers that offer port forwarding as an option on top of its subscription. Purevpn is also one of the cheapest VPN providers on the market.
