Follow these steps to add and manage your forwarded ports with Mullvad.
What this guide covers:
- What is port forwarding?
- How to add/manage ports
- How to test your port forwarding
- Linux-specific instructions for port testing
Port forwarding makes it possible for remote computers to access a specific computer or service within a private local area network (LAN).
For example, Gunilla has a web server on her private LAN that she wants Glenn to visit. She first requests a port to be forwarded to her. Then she configures her web server to listen to that port for any other traffic. Glenn can then connect to the exit IP address of the VPN server that Gunilla is using, as well as the port number, and voila – he has access!
It's like dialing a company's phone number (the IP address) and then punching in the extension number (port) to reach a particular person.
The simplest way to add and manage your ports is via our website. These instructions work for any operating system.
- Log in to your Mullvad account page.
- Under "Manage your forwarded ports," click on "Add port." The account page will refresh with a new port number.
- To remove a port, simply click on the corresponding number.
Use any of your assigned port numbers to allow external hosts to access your local network.
Note: you cannot request a specific port.
Once you've added a port, you can check to make sure that it's working.
Note: don't try to test the port forwarding directly to the Mullvad IP using the same machine, that won't work.
Do you have a service listening on the port?
- Yes – you can use our port-checking tool to test your port.
- No – such a service is necessary if you want to test your port. Install the service of your choice or follow our instructions below to install iPerf.
How to install iPerf3
Although the following steps are specific for Windows users, the instructions are similar for other operating systems.
- In a browser, navigate to https://iperf.fr and click on "Download iPerf binaries."
- Scroll down to your operating system and click on the iPerf link to download the file.
- Open the ZIP file and copy the folder within it.
- Open your Downloads folder and paste in the folder you just copied.
- Right-click on the Windows Start icon and click on "Run" to open the command prompt.
iperf3.exe -s -p 5410(replace "5410" with the port that you have been assigned).
- In the Windows Firewall pop-up window, click on "Allow access". If you have a third-party firewall, please make sure that it is not restrictive.
- The iPerf3 service is now installed.
- Now you can test your port with our port-checking tool.
After adding a port via the Mullvad website, follow these instructions, replacing 5555 with the port that you are assigned:
- Install curl if you don't already have it.
- In a terminal window, run
netcat -l -p 5555.
- In another terminal window, run
curl https://ipv4.am.i.mullvad.net/port/5555(if you wish to test ipv6, replace "ipv4" with "ipv6").
- If everything is working properly, the result will show "reachable:true".
WireGuard® port forwarding setup
To setup the ports for WireGuard, please log in to your account on our website and then scroll down to Manage your forwarded ports and assign them to your pubkey(s).
Encountering problems? Check the following:
- Make sure that you disconnect and reconnect the Mullvad client after adding a port.
- If you are using multiple devices that share the same account and connect to the same server, then only the most recently connected device will have the ports forwarded to it. (This does not apply if you are using WireGuard since you can move the ports around to different pubkeys)
- Make sure that you don't have a third-party firewall that might be blocking your port.
- The port forwarded service cannot be accessed with a computer/device that is using Mullvad with the same VPN server.
Q: Does port forwarding work with both TCP and UDP?
Q: Does port forwarding work with both IPv4 and IPv6?
"WireGuard" is a registered trademark of Jason A. Donenfeld.