Verizon Fios G3100 Router Fort Forwarding

Verizon Fios G3100 Router's manual doesn't explain clearly how to set up port forwarding. This is just a note to clarify a few concepts related to it, in particular, I saw there were a few discussions about port forwarding. 

To set up port forwarding, we go to https://192.168.1.1/. Note that the certificate is self-signed, and we have to accept it when the browser complains about it. 

Port Forwarding Rules

From the UI, follow the navigation path of "Network | Advanced | Network Settings | Port Forwarding Rules", we arrive at the UI to set up "Port Forwarding Rules". This is actually for you to define a network service you may wish to expose from you home network, i.e., to define an incoming port to the router from the outside the home network. 

With this in mind, the following example is to most is a mistake because we specify the source port as 80.

 

The source port is actually the port of the application that attempts to connect to port 80 at your home web server. It is very unlikely a web client is connecting from port 80. So the correct setup is likely to be the following for the Web service.

 

What is the service used for? This service is used to create port forwarding firewall rules. To set up port forwarding for a network service hosted at your home, you can select one of these rules to populate some fields for setting up port forwarding for a network service, so these rules only provide some convenience, but isn't necessary. I would say, forget about these.

Setting up Port Forwarding

To set up port forwarding, from the UI, follow the navigation path of "Network | Firewall  | Port Forwarding". The router's manual does not say much, in particular, advanced port forwarding. So, I believe that there is a confusion among users. 

The UI looks like this,

I marked "Add" and "Advanced". These are actually "buttons" you can click. To create advanced port forwarding rules, i.e., forwarding the traffic coming in to one port on the router to a different port on a host at your home, click "Advanced. Once, you are done, don't forget to click "Add".

The actually confusion comes from the UI of the "Advanced Port Forwarding Setup" interface, which is different from many other routers where you only specify two ports, like "external" and "incoming". Here you are given 3 fields to fill up 3 ports as shown below,

 

Source Ports

These aren't the ports open on your router. These are the ports belong to the network application running on a host outside of your home in the world. Let's say, you want to connect to the Plex server at your home from your office, these are the ports of your web browser on your office computer. For most applications, we don't know these ports since they are assigned by the operating systems dynamically. In generally, they should be "Any"

Destination Ports

These are the ports on the Fios router. We often call them the "service" ports. At your office, you open your home plex server at URL like http://your_home.example.com:51400/web/index.html, then you fill it up with 51400. Don't confuse this with the port open on a home server behind the Fios router. 

Forward to Port

This is actually a port open at your home server, in this figure, at 192.168.1.55. Using the example in the above, at your office, if you open your home plex server at URL like http://your_home.example.com:51400/web/index.html, the browser at your office computer connects to port 51400 at the Fios router at your home. The router then forwards the incoming network traffic to the home server at the "Forward to Port" you specify.

Testing Your Ports

You should test your ports. But you are at home. So we have to rely on some services. I saw a few recommended services like https://www.yougetsignal.com/tools/open-ports/. Be ware that lots of these tools only check TCP ports, e.g., if your game runs on UDP ports, find a better tool to test your ports.