Saltar al contenido principal

Configure port-forwarding

If you are self-hosting at home and without a VPN, you will probably want to forward ports on your home router ("Internet box") if you want your server to be reachable from outside your local network. The sketch below tries to briefly summarize the role and necessity of port forwarding when setting up a server at home.

Illustration of the importance of port-forwarding
Illustration of the importance of port-forwarding

0. Diagnosticar los puertos abiertos

The diagnosis tool can be used to verify that all necessary ports are exposed to the Internet.

1. Acceder a la interfaz de administración de tu router/caja/box

En general la interfaz de administración está accesible desde http://192.168.0.1 o http://192.168.1.1. Luego, es posible que tengas que autenticarte con los ID provechos pour tu proveedor de acceso a Internet.

2. Descubrir la IP local del servidor

Identify the local IP of your server using one of the method listed on the corresponding page.

En general una dirección IP local se parece a 192.168.xx.yy, o 10.0.xx.yy.

The local IP address needs to be static, so that the port forwards that you are going to configure in the next step will always reach your server. You should go into your box/router and make sure that the local IP address of your server is static instead of dynamic.

3. Redirigir los puertos

In your router admin interface, look for something like "router configuration" or "port forwarding". The naming differs among the various kinds of router models.

Luego tienes que redirigir cada uno de los puertos listados a continuación hacia la IP local de tu router para que los varios servicios de YunoHost funcionen. Para cada uno de ellos, una redirección 'TCP' es necesaria. En algunas interfaces, tal vez encontrarás referencias a un puerto 'externo' y un puerto 'interno' : en nuestro caso, se trata del mismo número de puerto, que sea interno o externo.

  • Web: 80 (HTTP), 443 (HTTPS)
  • SSH: 22
  • Email: 25, 587 (SMTP), 993 (IMAP)

If you use both a modem and a router, then you need to do the following:

  1. first on the modem (the box closest to the internet) create rules to forward the above ports to your router;
  2. then on the router (the box between the modem and your devices) create rules to forward the above ports to the static IP address for your server.
aviso

Many internet service providers (ISP) block outgoing traffic on port 25 by default, to fight spam. Port 25 is however necessary if you want your server to be able to send email. In other extreme cases, some ISP may not even allow to use port 80/443 (web) freely... Depending on the ISP, it might be possible to open them in the admin interface... Check this page for more info.