FRITZ!Box 4020 Service - Knowledge Base
Setting up automatic port sharing
By default, the FRITZ!Box's firewall blocks all incoming connections from the internet. If some of the internet applications (for example chat software, online games, file-sharing software) you use require port sharings for incoming connections from the internet, then you can configure the FRITZ!Box so that the network device on which the internet application is running can set up the necessary port sharing settings by itself if required.
The port sharings are only valid for the period of time during which the application requires them, and then the FRITZ!Box disables them again.
Requirements / Restrictions
- The FRITZ!Box must establish its own connection to the internet using a modem (for example a DSL or cable modem).
- The FRITZ!Box must obtain a public IPv4 address or an IPv6 address from the internet service provider.
Important:When used on an internet connection with DS-Lite tunnel, the FRITZ!Box is only accessible over IPv6 and not over IPv4. If a DS-Lite tunnel is enabled, this is displayed under "Connections" on the "Overview" page of the FRITZ!Box user interface.
Note:The configuration procedure and notes on functions given in this guide refer to the latest FRITZ!OS for your FRITZ!Box.
1 Configuring the FRITZ!Box for automatic port sharing
- Click "Home Network" in the FRITZ!Box user interface.
- Click "Home Network Overview" in the "Home Network" menu.
- Click on the "Network Connections" tab.
- Click the (Edit) button for the device you want to configure.
- Enable the option "Permit independent port sharing".
- Click "OK" to save the settings.
2 Configuring the application for automatic port sharing
- Configure the application so that it uses PCP or UPnP. Refer to the manufacturer for information on how to set it up, for example consult the manual.
3 Configuring the computer's firewall
If the application is installed on a computer with its own firewall (for example Windows firewall), you must also configure the firewall:
Important:If you allow devices to change their own port sharing settings, then any malicious software on them could also cause ports to be shared, thus bypassing the FRITZ!Box's firewall. You should therefore set up a firewall on these devices for security reasons.
- Configure the computer's firewall according to the manufacturer's instructions so that the server service or application can be accessed from the FRITZ!Box home network.
Now applications can automatically open the required ports in the FRITZ!Box.
Ports currently enabled for port sharing are shown in the detailed information given for the respective network device under "Home Network > Home Network Overview > Network Connections" in the FRITZ!Box user interface. You can also find an overview of opened ports under "Internet > Permit Access" and "Diagnostics > Security" in the user interface.