• Home
  • InControl User Guide
  • Peplink Router API Documentation
  • Peplink News
  • Home
  • InControl User Guide
  • Peplink Router API Documentation
  • Peplink News
home/Knowledge Base/Networking/Is Port Forwarding a security risk?

Is Port Forwarding a security risk?

427 views 1 27/11/2020 Erik de Bie

Port forwarding gives you access to a mapped port on a client device on your LAN.
This can for example be be a IP camera, webserver, gaming console, computer or server.
Port forwarding in itself isn’t dangerous – its what you’re forwarding to that’s always the worry.

man siting facing laptop

For example, a lot of CCTV firms port forward to the IP cameras on their customers LAN for remote management / monitoring.
Home users have done the same thing for baby cams too. They open ports for video streaming (RTP) and for the web interface of the cameras themselves. Then they walk away.

The best firms remotely manage those devices and actively maintain the firmware on the cameras and NVRs – most will not (as customers we tend to go for the cheapest quote – without management).

Imagine what happens when there is a security issue with the IP camera firmware – if the vendor is any good they will tell their customers (the installing firm) but in my experience very few firms then tell their customers if they are not under active management.

So then the customer is left with a hackable device attached directly to the internet. Anything is possible after that. Then bring IoT devices into the mix. There are so many security flaws discovered regularly with IoT devices.

But as long as firmware is up to date or a firewall is installed on the devices which ports are accessible port forwarding is absolutely safe.
This is usually the case with for example gaming consoles.

In short, if there is an alternative way for accessing a device on the LAN, for example by using a VPN or SSH, do so.
If there is no alternative make sure the client device is protected and has up to date firmware.
And finally make sure to change the default passwords for accessible devices!

Was this helpful?

1 Yes  No
Related Articles
  • Port Forwarding to a LAN Device From A Peplink Router
  • Can wi-fi Users Be Prevented from Logging into Peplink’s Web Admin Interface?
  • Port Forwarding to a LAN Device From A Fusionhub
  • Controlling Bandwidth to Users with QoS and User Groups
  • Firewall Rules & Port Mapping
  • LAN Port VLAN Mapping
Leave A Comment Cancel reply

Popular Articles
  • Obtaining IP Address
  • Firewall Rules & Port Mapping
  • How to connect using WiFi-WAN in new locations
  • What’s the difference between ‘Access’ and ‘Trunk’ Ports?
  • Port Forwarding to a LAN Device From A Peplink Router
KB Categories
  • Installation & Setup
  • InControl
  • Cellular
  • WiFI
  • Switches
  • Networking
  • General
Popular Articles
  • Obtaining IP Address
  • Firewall Rules & Port Mapping
  • How to connect using WiFi-WAN in new locations
  • What’s the difference between ‘Access’ and ‘Trunk’ Ports?
  • Port Forwarding to a LAN Device From A Peplink Router
KB Categories
  • Installation & Setup
  • InControl
  • Cellular
  • WiFI
  • Switches
  • Networking
  • General
Have an idea for an article?

    About This Site
    ninja.knowhow is an independent training and documentation rescource for Peplink products and technologes. This site is owned and operated by Slingshot6.
    Resources
    • Support Forum
    • Design Lab
    • Peplink on Youtube
    Have a Request?
    Are you looking to answer a specific question? Do you want to learn about something not covered here?
    Get In Touch
    • Privacy Policy
    • Terms of Use
    • Copyright 2020 Slingshot6 Ltd. All Rights Reserved.