Can't configure port forwarding

Question

This morning I tried to set up port forwarding on a machine I have on another network, in order to allow SSH access.

The relevant config page requires these fields (translating from italian here's the original screenshot) to be filled:

Name: _________
Protocol: __________
Remote host IP address: ___.___.___.___ ~ ___.___.___.___
Host LAN: ___________
WAN port: ____ ~ ____
LAN host port: ____

Now, as far as I understand,

• Name is unimportant and I can put anything I want in it,
• Protocol should be TCP
• Host LAN should be the IP that the device I want to connect to (a workstation connected to the router via Ethernet) was assigned
• WAN port is the port I want to expose to the outside, e.g. 9022,
• LAN host port is 22, for SSH
• Remote host IP address is what puzzles me a bit, I initially thought I could do 192.168.1.1 ~ 192.168.1.255, which should include the router.

Based on https://canyouseeme.org/, the above settings are wrong, as the site can't see me on 9022.

---

I also saw this thread on an italian forum that suggests that ___.___.___.___ ~ ___.___.___.___ should be filled with the address of the router, which for me means 192.168.1.1 ~ 192.168.1.1. The OP did not reply back asking more, so I presume the settings worked for them.

Answer 1

Remote host IP address

is labelled "WAN" so it almost certainly asks for the client IP address. In other words, it's an "only allow connections from these client addresses" kind of option. Leave it empty.

---

One thing that should be done before all of this is checking whether your router itself is accessible from the Internet. Just because web sites see a public IP address, doesn't mean it's your address – it's common for ISPs to use NAT (CGNAT) to force customers to share a NAT gateway's IP address, in the same way as your own router does it for your hosts. So you need to check what the router itself reports as its own address and only then compare it against the address reported by websites.