Today I will be talking about a script that my son Angus @FrostedFright has made for port range forwarding. If you don’t already know how to set up NAT and port forwarding with the Routing and Remote Access tool, you should first check out my previous blog, “How to build Hyper-V nested VMs with multiple IP addresses Port Forwarding at Azure”, and then come back to this one so that the subject is clearer. You might think that setting up multiple port forwards is easy by now, but forwarding a whole port range is a lot harder. Let’s get started with this tutorial!
1. Open the Routing and Remote Access tool: click on the Windows button, go down to the Windows Administrative Tools folder and click on the program.
2. Now that you are in, right-click your Ethernet Network and go into Properties > Services and Ports
(the Ethernet Network name is found by going into Control Panel > Network and Internet > Network Connections).
As you can see, there are no custom ports, but that is going to change soon. You can now press OK.
3. Now you can go into PowerShell ISE and create a new script
Now, you can paste this script in:
```powershell
# Settings shared by every mapping
$Port=1000
$HostInterfaceName="Ethernet 4"
$Protocol="TCP"
$PublicIP="10.10.1.101"
$PrivateIP="192.168.100.101"
# Add one NAT port mapping per port, from 1000 to 1010 inclusive
for ($Port=1000; $Port -le 1010; $Port++) {
    netsh routing ip nat add portmapping name=$HostInterfaceName proto=$Protocol publicip=$PublicIP publicport=$Port privateip=$PrivateIP privateport=$Port
}
```
Basically, the port starts at 1000, and HostInterfaceName is the name of your Ethernet Network. The protocol is TCP, the public IP is 10.10.1.101 and the private IP is 192.168.100.101.
```powershell
for ($Port=1000; $Port -le 1010; $Port++) {netsh routing ip nat add portmapping name=$HostInterfaceName proto=$Protocol publicip=$PublicIP publicport=$Port privateip=$PrivateIP privateport=$Port }
```
This is the repeating command that makes the whole script work. Everything above it just defines variables so that the command stays short. The loop is what lets you vary the ports: for example, if you set $Port=1001 in the for statement, it will start at 1001. All you have to do is change the value, and you can customize it yourself! If you want it to end at a certain number, change the 1010 in the part that says $Port -le 1010; $Port++ to a number that is above the first number.
Let’s run the script and see what happens. Once the script has finished, you can check the result in the Routing and Remote Access tool: right-click the Ethernet Network, go into Properties and click on the Services and Ports tab. If you don’t see any additions, refresh your Ethernet Network first and it should be good to go! If it worked, the new entries show up in the list as custom services.
You could have more or fewer custom services depending on the port range you set. You can also check your ports by opening a PowerShell prompt and typing in:
```powershell
netsh routing dump
```
This lets you see the services faster and in slightly more detail.
Just type in the command, scroll up a little bit and you will find the port mappings.
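Because every mapping exposes a port on the private VM, it helps to audit what is actually forwarded by parsing the dump and collapsing the entries into ranges. The following is an added example, not part of the original script; it assumes each mapping appears in the `netsh routing dump` output as an `add portmapping` line with the same fields the script passes to netsh, and the function names and sample lines are constructed for illustration.

```powershell
# Added example: inventory NAT port mappings from 'netsh routing dump' text.
# Assumption: each mapping appears in the dump as an "add portmapping" line
# carrying the same key=value fields the tutorial script passes to netsh.
function Get-NatPortMapping {
    param([string[]]$DumpLines)
    $pattern = 'add portmapping\s+name="?(?<iface>[^"]+?)"?\s+proto=(?<proto>\w+)\s+' +
               'publicip=(?<pub>\S+)\s+publicport=(?<pubport>\d+)\s+' +
               'privateip=(?<priv>\S+)\s+privateport=(?<privport>\d+)'
    foreach ($line in $DumpLines) {
        if ($line -match $pattern) {
            [pscustomobject]@{
                Interface  = $Matches['iface']; Protocol  = $Matches['proto'].ToUpper()
                PublicIP   = $Matches['pub'];   PrivateIP = $Matches['priv']
                PublicPort = [int]$Matches['pubport']
            }
        }
    }
}

# Collapse per-port entries into contiguous ranges per interface/protocol/IP pair.
function Get-NatPortRange {
    param([object[]]$Mapping)
    $Mapping | Group-Object Interface, Protocol, PublicIP, PrivateIP | ForEach-Object {
        $ports = @($_.Group.PublicPort | Sort-Object -Unique)
        $start = $prev = $ports[0]
        $ranges = @()
        for ($i = 1; $i -le $ports.Count; $i++) {
            # Close the current run at the end of the list or at a gap.
            if ($i -eq $ports.Count -or $ports[$i] -ne $prev + 1) {
                if ($start -eq $prev) { $ranges += "$start" } else { $ranges += "$start-$prev" }
                if ($i -lt $ports.Count) { $start = $ports[$i] }
            }
            if ($i -lt $ports.Count) { $prev = $ports[$i] }
        }
        $first = $_.Group[0]
        [pscustomobject]@{
            Interface = $first.Interface; Protocol  = $first.Protocol
            PublicIP  = $first.PublicIP;  PrivateIP = $first.PrivateIP
            Ports     = $ranges -join ','; Count    = $ports.Count
        }
    }
}

# Constructed sample: the 11 mappings the tutorial script creates, plus one stray entry.
$sample  = 1000..1010 | ForEach-Object { "add portmapping name=`"Ethernet 4`" proto=TCP publicip=10.10.1.101 publicport=$_ privateip=192.168.100.101 privateport=$_" }
$sample += 'add portmapping name="Ethernet 4" proto=TCP publicip=10.10.1.101 publicport=8080 privateip=192.168.100.101 privateport=8080'
Get-NatPortRange (Get-NatPortMapping $sample) | Format-Table -AutoSize
# On the NAT host itself: Get-NatPortRange (Get-NatPortMapping (netsh routing dump))
```

For the sample, the summary row shows Ports as 1000-1010,8080 with a Count of 12, so a mapping outside the range you meant to forward stands out immediately.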
Overall, this is just a fast and easy way to do port range forwarding, even for 1000 configurations! It just takes less time and is more efficient for your needs.
I hope you all enjoyed this tutorial and I will be seeing you inside of the next blog!
Twitter: @SifuSun
Is there seriously no way to forward all ports built into HyperV / Powershell / Windows?
Every single router I have worked with, Cisco, Watchguard Firebox, MikroTik, etc. has destination NAT and the ability to forward all ports to the inside. Surely this must be an oversight on Windows routing team? Or some technical limitation? What if you’re forwarding 50 IP addresses, you will end up with 1000s of rules.