pikvm/docs/port_forwarding.md

# Port forwarding

If you need to make PiKVM accessible from Internet,
the easiest way to achieve this is by forwarding a port on the router.
In this case, an external (global) IP address must be assigned to the router.
This service is provided by the ISP.

!!! tip
    If using an external IP address is not possible, it is recommended to try
    the [Tailscale VPN](tailscale.md).

* To configure port forwarding, refer to the documentation of the router.
* The Web UI listening ports are `80` (HTTP) and `443` (HTTPS).
* By default, port `80` performs permanent forwarding to `443` for security reasons.
* Forwarding the port `443` is sufficient in most cases.
* If enabled, the [VNC](vnc.md) server runs on port `5900` (disabled by default).

!!! warning

    * **[Set strong passwords and enable two-factor authorization](auth.md)
        before opening access to PiKVM from the Internet!**
    * It is strongly recommended to obtain a valid HTTPS certificate, for example via [Let's Encrypt](letsencrypt.md).
    * A good practice is using a custom port number instead of `443` from the Internet side, for example `14438`, to avoid common port scanners.
    * If you still decide to use the `443` port number, you may want to forward port `80` to get a convenient redirect.

Port forwarding is a powerful and convenient tool, but remember that security depends entirely on your configuration.
In most cases, a VPN is a more secure, but less convenient option (since it requires a VPN client on all devices that access PiKVM).
docs.pikvm.org 2021-10-12 18:45:00 +00:00			`# Port forwarding`

update 2023-08-25 10:29:40 +00:00			`If you need to make PiKVM accessible from Internet,`
update 2023-08-25 20:12:42 +00:00			`the easiest way to achieve this is by forwarding a port on the router.`
update 2023-08-18 04:15:31 +00:00			`In this case, an external (global) IP address must be assigned to the router.`
			`This service is provided by the ISP.`
docs.pikvm.org 2021-10-12 18:45:00 +00:00
update 2023-08-18 04:17:38 +00:00			`!!! tip`
update 2023-08-18 04:15:31 +00:00			`If using an external IP address is not possible, it is recommended to try`
			`the [Tailscale VPN](tailscale.md).`
docs.pikvm.org 2021-10-12 18:45:00 +00:00
update 2023-08-18 04:15:31 +00:00			`* To configure port forwarding, refer to the documentation of the router.`
update 2023-08-25 10:29:40 +00:00			* The Web UI listening ports are `80` (HTTP) and `443` (HTTPS).
			* By default, port `80` performs permanent forwarding to `443` for security reasons.
			* Forwarding the port `443` is sufficient in most cases.
			* If enabled, the [VNC](vnc.md) server runs on port `5900` (disabled by default).
docs.pikvm.org 2021-10-12 18:45:00 +00:00
update 2023-08-18 04:15:31 +00:00			`!!! warning`
Update port_forwarding.md (#1085) 2023-08-18 03:55:11 +00:00
update 2023-08-18 04:54:46 +00:00			`* **[Set strong passwords and enable two-factor authorization](auth.md)`
			`before opening access to PiKVM from the Internet!**`
			`* It is strongly recommended to obtain a valid HTTPS certificate, for example via [Let's Encrypt](letsencrypt.md).`
update 2023-08-25 20:12:42 +00:00			* A good practice is using a custom port number instead of `443` from the Internet side, for example `14438`, to avoid common port scanners.
update 2023-08-25 10:29:40 +00:00			* If you still decide to use the `443` port number, you may want to forward port `80` to get a convenient redirect.
update 2023-08-18 04:54:46 +00:00
update 2023-08-25 10:29:40 +00:00			`Port forwarding is a powerful and convenient tool, but remember that security depends entirely on your configuration.`
			`In most cases, a VPN is a more secure, but less convenient option (since it requires a VPN client on all devices that access PiKVM).`