Redirect incoming connections to local hosts

[This page is outdated. See this post for information ]

Click on the screen shots to enlarge them

Let us say you want to forward incoming VNC connections to a computer on your LAN. VNC uses the TCP port 5900. You can easily achieve that by creating a firewall rule that will forward the incoming traffic to the local  computer.

In the GUI, go to “Advanced Settings”, “Lan Servers” and click “New Entry”.

We now need to define the port that will be forwarded under “Public start port” and “Public end port”. For VNC, the port should be defined as “TCP” and address should be 5900. The local IP address refers to the computer you want to reach.


Click Apply and return to the main “Lan servers” screen. Click Apply again and you are set. From now on, all incoming connections on port 5900 will be redirected to your internal computer.

  1. Hello!
    I have BBOX2 rouuter at home and among others devices three HONYWELL controlers with web interface connected to router. The IP addresses of HONEYWELL are: –
    How to configure BBOX2 to redirect incoming connections to these controllers separately, they are using port 80 to access. I somebody can help me?
    Thank you!

    • You can only redirect one incoming port to one internal device.
      What you could do is to define several incoming ports, each one being redirected to a different controller.
      For example, redirect incoming port 8080 to (port 80), 8090 to (port 80), and 8100 to (port 80)
      To access the each controller from the outside, use http://[RouterAddress]:8080 Change the port number to access a different controller.

  2. Is there a way to redirect all inbound traffic to a host, without NATing, just forward everything to a self defined IP address ?

  3. I am trying to modify the port forwarding rules using a Telnet connection to my BBox2 (which is 1000 km away and which has remote access via the GUI disabled). Are there any simple instructions on how to do that?

    • @Georges I have not done it, but I guess it is possible, using the “rg_conf_print” and “rg_conf_set” commands.

      A plain “rg_conf_print” will dump the whole configuration. From there, you could try to identify the corresponding values you need to change. See my other BBox-2 tricks for examples of using the “rg_conf_set” command.

      I don’t own a BBox-2 anymore, hence I am unable to test.

  4. Hi Patrick,

    I’ve been desperately trying this for weeks now, but it doesn’t seem to work.

    I have a Windows 7 machine attached to a BBOX-2. I want to use Microsoft Remote Desktop Connection for Mac to connect to it, so I have forwarded TCP port 3389 (standard port for RDC for mac, so I have read) to the local IP of the machine. On the machine, Windows Firewall is configured to let traffic pass on port 3389 as well.

    Inside the LAN, RDC connects just fine but outside of it (using a DynDNS) there is no connection. By the way, connecting to my FTP server doesn’t work either, although streaming servers Orb and Audiogalaxy do function. By the way, even pinging the DynDNS address doesn’t seem to work.

    Any tips?

    • This is a tough one to answer, as several factors could block the connection.

      For example, many company firewalls block certain well-known ports, like FTP, RDC, NetBios, NFS or others. Some ISPs do, too. I would suggest trying to run RDC off another, non-obvious port, like 33389, if at all possible.

      You could also try to connect from other places, at a friend’s house for example. At least, this would help eliminate external factors.

      Also verify that the the IP address assigned to your dyndns domain actually matches the real IP address of the BBox-2 at any given moment. Some DNS resolvers could cache the old value for too long.

Leave a Comment

NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>