Support Downloads Community

UniFi Video is an obsolete product line.

This application and its related devices will no longer receive any manner of technical support, including functional and security updates. Additionally, there will be no further updates to Help Center content pertaining to UniFi Video.

airMAX - Port Forwarding


In this article, users will learn how to forward ports on airOS.

Table of Contents

  1. Introduction
  2. Steps: Port Forwarding on airOS
  3. Troubleshooting


Back to Top

Most home routers have NAT (Network Address Translation) enabled. To access a service behind the router's NAT (LAN side), Port Forwards must be used (sometimes called Destination NAT). For example, if you choose not to enable remote accessibility for your UniFi Network application, and you are attempting to reach it from outside your network, you will need to use Port Forwarding.

In this example, we will be Port Forwarding TCP 8443 (GUI) and TCP 8080 (device inform) to a UniFi Network application behind an airRouter. In Router mode on the airRouter LAN = WAN Port and Bridge0 = your LAN.  Depending on your model, this may be different. For the purposes of this article, the private IP address of the UniFi Network application will be

User Tip:The device being Port Forwarded to should either have a static IP (with a router as default gateway) or a DHCP Lease Reservation. If not, your Port Forward may stop working on a router or device reboot.

Steps: Port Forwarding on airOS

Back to Top

1. Navigate to the Network tab of the airMAX device.

2. Under Port Forward, enter the port forwarding details. The minimum info required is:

  • Interface
  • Private IP
  • Private Port
  • Public Port

Once you have entered these details, make sure to click Add and Change.

 3. If you would like to restrict access to the port forward, you can also add a Source IP/CIDR subnet mask. For example, adding to Source IP/Mask would allow only to access the Port Forward. 

 4. Test your Work. Once all Port Forwards have been added and applied, you can test from outside your LAN. In this example, you would try to access from another connection to verify the port forwarding was set successfully.


Back to Top

Still having trouble?  Check the following:

  • Verify the device IP and service are available on the LAN.
  • Verify that the device has the correct default gateway/subnet if configured with a static IP. The gateway should be the airRouter IP in this example.
  • Check that your router is getting a public IP address (not private RFC 1918).
  • Some ISPs will block common service ports like http/80, https/443, smtp/25.  If trying to forward one of these, please confirm with ISP and/or check with TCPDump to verify packets are hitting the router.

For this example, run this command:

tcpdump -i eth0 port 8443

Was this article helpful?
10 out of 52 found this helpful