Permitting FTP access to a host on a private LAN from the Internet.Permitting Secure Shell access to a host on the private LAN from the Internet.Running a public HTTP server within a private LAN.Typical applications include the following: Often, the port numbers of well-known Internet services, such as port number 80 for web services (HTTP), are used in port forwarding, so that common Internet services may be implemented on hosts within private networks. External hosts must know this port number and the address of the gateway to communicate with the network-internal service. When configuring port forwarding, the network administrator sets aside one port number on the gateway for the exclusive use of communicating with a service in the private network, located on a specific host. The computers behind the router, on the other hand, are invisible to hosts on the Internet as they each communicate only with a private IP address. The NAT device's external interface is configured with a public IP address. Hosts on the private network are connected to an Ethernet switch or communicate via a wireless LAN.
In a typical residential network, nodes obtain Internet access through a DSL or cable modem connected to a router or network address translator (NAT/NAPT). Port forwarding allows remote computers (for example, computers on the Internet) to connect to a specific computer or service within a private local-area network (LAN).