In the TCP or UDP header we have addresses which are used to indicate the application we wish to access. These 'addresses' are called ports. Each well know protocol has its well known port or range of ports. HTTP is on port 80. We can use this port number to get round the problem of only having one public IP address but wishing to offer a access to a range of internal devices.
We simply specify a different port number for each internal device and the create a static translation on the router to map that port to a specific internal IP addresses, and a given port. This static translation is called 'Port Forwarding' . It is configured directly on the router and thus is always there. When a IP packet comes in it is compared to the translation, and if it matches, it is translated and allowed in.
This imagine the senario where we have a NAS device on 192.168.1.10 and an IP camera on 192.168.1.20. Both have a web interface and can be accessed internally on port 80. Our external public IP addresses is 126.96.36.199
We now agree the following :-
|Device||Internal IP addresses||Internal Port||External IP addresses||External Port|
Thus externally on the Internet if we send a web request to 188.8.131.52 on port 16000, it will be translated to 192.168.1.10 port 80 and hit the NAS's web server.
Similarly if we send a web request to 184.108.40.206 on port 16001, it will be translated to 192.168.1.20 port 80 and hit the IP camera's web server.