If you are lucky enough to have a UPnP enabled router or a NAT-PMP enabled router (Apple), Firewalla VPN should just work. In case it doesn't work, you will need to do manual port forwarding. By default, Firewalla uses UDP port 1194 for OpenVPN, 51820 for WireGuard VPN. Basically, you need to map your router's public port to Firewalla local port.
Following is an example of how to do port forwarding on the Apple router. For other brands of routers, we recommend to check out this website for detail instruction. If your router is not listed and you have trouble to setup port mapping, please email us: email@example.com
If you have double NAT and looking for instruction on how to configure port forwarding on the second router, just replace the IP address of your firewalla box in step 2 with the IP address of your first router, rest of instruction is the same.
Apple router (Apple should just work, in case it doesn't, here are the manual steps):
1. Tap on the gear button on the top right
2. Then look at the IP address field, write it down. (This is the IP address of your firewalla box.)
3. Setup Port Mapping on Apple base station.
AirPort Utility > Select the base station > Edit > Network tab
- Click the "+" (Add) button under Port Settings or Port Mappings.
- Description: <enter: Firewalla OpenVPN>
- Public UDP Ports: <enter 1194>
- Public TCP Ports: <leave blank>
- Private IP Address: <enter the IP address from (2)>
- Private UDP Ports: <enter 1194>
- Private TCP Ports: <leave blank>
- Click "Save"
- Click "Update"