If netsh
's port proxying is not working as expected, then you should verify the followings, preferably in that order:
- Make sure the port proxy is properly configured
- Start or restart the related Windows service
- Ensure support for IPv6 is installed
- Make sure the port is not blocked by a firewall
Make sure the port proxy is properly configured
This might seems to be trivial, but just in case, take the time to review your configuration before you go any further.
From either a command prompt or PowerShell prompt, run the following command:
netsh interface portproxy show all
The result should look something like this:
Listen on ipv4: Connect to ipv4:
Address Port Address Port
--------------- ---------- --------------- ----------
24.12.12.24 3306 192.168.0.100 3306
24.12.12.24 8080 192.168.0.100 80
Carefully review those settings. Make sure that you can indeed connect to the addresses on the right side of that list, from the local computer. For example, can you locally open a web browser and reach 192.168.0.100:80
? If the protocol is not HTTP, then use telnet: telnet 192.168.0.100 3306
(see here for how to install the Telnet client on Windows).
Then, are the values on the left side correct? Is the IP address valid for your machine? Is that the port number you are trying to connect to, from the external machine?
Start or restart the related Windows service
On latest versions of Windows, netsh
's port proxying is handled by a Windows service named "IP Helper" or "iphlpsvc". Proxying will obviously not work if that service is stopped. I have also faced situations that turned out to be resolved by restarting that service.
To do that in latest versions of Windows:
- Open the Task manager, then go to the Services tab.
- In the "Name" column, find the service named either "iphlpsvc" or "IP Helper".
- Right click on that service, then select Restart. If restart is not available, then the service is probably stopped, and actually has to be started, so select Start.
On previous versions of Windows, look for Services in Administrative Tools, inside the Control Panel.
Ensure support for IPv6 is installed (older releases of Windows only)
On earlier versions of Windows (that is Windows XP, for sure, upto some early releases of Windows 10, apparently, though this is not clear), netsh
's port proxying feature (including for IPv4-to-IPv4 proxys) was actually handled by a DLL (IPV6MON.DLL
) that was only loaded if IPV6 protocol support was enabled. Therefore, on these versions, support for the IPv6 protocol is required in order to enable netsh
's port proxying (see Microsoft's support article here).
From either a command prompt or PowerShell prompt, run the following command:
netsh interface ipv6 install
If you get an error indicating that command interface ipv6 install
was not found, then it means that you are using a recent release of Windows, in which netsh
's IPv6 support is implicit and cannot be disabled.
Make sure the port is not blocked by a firewall
A local firewall may potentially block the port even before they reach the IP Helper service. To make validate this hypothesis, temporarily disable any local firewall (including Windows' native firewall), then retest. If that works, then simply add a port exclusion to your firewall configuration.