We help IT Professionals succeed at work.

500pts: Mapping port 80 on my router for server software behind NAT?

Medium Priority
Last Modified: 2013-11-29
Hi there,

I wonder if anybody can help.

I have a small network with 3 pc's running fine connected to a router - the router uses NAT hence all pc's all functioning and browsing the internet fine.

I now have to add another PC to the same network that will run some server software behind the router hence i need to map ports from the router to the PC (its ip is

The ports are pretty abnormal ports so thats fine - i know i should be able to map the ports without issues but the server software also runs some mini webserver which obviously operates on port 80.

But if i map port 80 to the webserver software from the router this will mean my other standard pc's that wish to browse the network will stop functioning won't they?????

or should i be ok...??

I think i am able to map the webserver to port 81 for example but its a bit non standard so i wanted to run the webserver on a standard port 80 system..

any advice would be really appreciated

thanks in advance

Watch Question

Without knowing anything about the router...

Inbound port mapping on port 80 or 81 is fine, use 80 so people won't have to remember to add the port on their urls (:81).

Outbound web access is doen from whatever port the PC picks _to_ port 80 on the outside, so the router will be seeing traffic coming back from the external webservers to ports like 3498 and 31873, not _to_ port 80.  Only traffic coming _to_ port 80 will be web requests from the outside.

Kind of a source/destination thing.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Distinguished Expert 2019
If you're using port 80 on your router for a web server, no problem. Machines that access websites contact port 80 of machines not on your network using ports higher than 1024. Port 80 is used for web yes, but on the _server_ end only, not the client end.

Hope that helps.
The routers remote administration(from the outside) is more than likely on port 8080, if not, there SHOULD be a configuration option to change it.  

As for having 1 PC on the inside that needs to make port 80(and other ports) available outside, that is fine.  It will NOT cause any problems for people on the inside trying to surf the web.  Just map port 80 the same way you will map the other needed ports that you mentioned.
There should be no problem with port forwarding port 80 to the web server.  The port forwarding will only apply to connections initiated externally.  

The router is smart enough to determine whether incoming packets are part of an existing session that was initiated by a workstation inside your network.

Just think about what you allready have set up.  You have three workstations that can access port 80 on web servers on the internet and the router is smart enought to make sure the packets all get back to the workstation that initiated the request.  You never try to go to a website and then get a page returned to you that the person on the other computer was trying to get.

Hola IanInSpain

como esta usted? Bien yo pienso.. Hablo un poco d'espanol y voy mi reaction a

Hola IanInSpain

hit my enter to fast :)

NAT only works outside in - I mean that the mapping is done when a request is made to your IP/router at port 80 at the external side. Even if you mess with your port 80 or 443 it will not make any difference to your internal traffic.

If your router uses a internal port 80 as a webconsole then change this port first!

What internal server are you using and what is its purpose?
Note that a lot of scans are done on standard ports, 1-1024, and that you need to be sure no infiltration can be done before you open up port 80 to the world.

If users do NOT need to have access or even view the webserver from outside - maybe only you need it for admin reasons - then I would a non standard port like 8080(proxy) or 10080(non service port) or any other port then 80 or 443.

Keep in mind that ISP sometimes block port 80 to their end-users IP on gateway level. This means you can never get traffic at this port - and most of the time any other service ports,1-1024, - so it could be you have to use another port instead.

I need to close now, at clients site and the lady here wants to go home, so I'm coming back on this when I'm at home!


Hasta la proxima vez...




thanks everyone! great answers.. i have split the points as each answer was valuable to me...

thanks again

Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.