Port Forwarding / Port Mapping on Windows Server 2008 R2
January 8th, 2011 - 08:32pm
As a long time friend of linux’s itables command, I mistakenly assumed that trying to port forward on Windows Server 2008 R2 would be just as easy. After quite a long while of searching I was able to determine the correct command; through use of netsh on the command line, it is easy to map incoming TCP traffic from one port to another port.
In my scenario, I needed to have an SSL connection initiated on a port other than 443 on the same machine, but handled by a service listening on port 443. To do this, the following command is entered on the command line; in this example, port 12345 is used as the initiating port.C:\Users\Administrator> netsh interface portproxy add v4tov4 listenport=12345 listenaddress=192.168.1.1 connectport=443 connectaddress=192.168.1.1 Port 12345 is mapped to port 443 on the same machine. To have the traffic transferred to another machine, change the ip address for the connect address to the desired ip address.
June 20th, 2011 at 4:34 pm
THANK YOU, you saved my life with this!!!!
July 6th, 2011 at 5:27 pm
[...] Fortunately, this post saved the day! [...]
July 21st, 2011 at 1:52 am
Hi, How can we remove or delete what have done above. Thanks for the post.
July 27th, 2011 at 5:36 am
netsh interface portproxy reset
verify it
netsh interface portproxy show all
Thank you /?
August 3rd, 2011 at 11:18 am
Do you have to run the command every time you turn on your machine ?
August 3rd, 2011 at 9:06 pm
It appears to maintain the port mapping after reboot, Edgar.
Thanks to Tech Know How for answering Anthony’s question!
August 11th, 2011 at 2:08 am
[...] blogpost with an example can be found here, further information on the netsh interface portproxy command is part of the Windows Server [...]
September 13th, 2011 at 8:42 am
Thanks, you just saved another life, this was driving me crazy as well. It’s like the most basic routing function yet it’s not available via GUI…
October 19th, 2011 at 5:19 pm
You rock! This site indeed saved the day!
November 13th, 2011 at 1:26 am
one question. where can i manage the ports that i have already been forward, for example, i want to delete one…
thanks
December 2nd, 2011 at 1:55 am
It’s simple, why delete it when you can remap it. listen on: 127.0.0.1:3306 -> connect to: 127.0.0.3308, replace with 127.0.0.1:3306 -> connect to: 127.0.0.3306 – It updates the correct record and you can clearly see when you relist it, that you want the proxy removing, or make a batch file to clear the list and add them. EG:
proxy.bat –
netsh interface portproxy reset
netsh interface portproxy add v4tov4 listenport=3306 listenaddress=127.0.0.1 connectport=3308 connectaddress=127.0.0.1
netsh interface portproxy add v4tov4 listenport=80 listenaddress=127.0.0.1 connectport=8080 connectaddress=127.0.0.1
– end of file
Obviously, when you run the file, it will remove the list and reinsert your records, but you can also add this to startup if your machine isn’t remembering the list.
January 19th, 2012 at 10:02 am
It really released me for some time, till today.
Now it is not working for me
On Windows server 2008 R2 Enterprise I have Jboss running on 8080 port.
I have configured 80 port forward to 8080 , even I can see proxy is being configured
>netsh interface portproxy show all
Listen on ipv4: Connect to ipv4:
Address Port Address Port
————— ———- ————— ———-
10.190.20.94 80 10.190.20.94 8080
Command used to configure this forward is
>netsh interface portproxy add v4tov4 listenport=80 listenaddress=10.190.20.94 connectport=8080 connectaddress=10.190.20.94
but when I want to access
http://10.190.20.94/
It is not forward to port 8080
firewall is off .
Jboss is accesible directly using 8080 port.
http://10.190.20.94:8080 Works fine
Please help me to check where I need to check the problem.
Thank you.
January 25th, 2012 at 12:13 pm
Awesome. Thank you.