NAT works well for browsing the web, where the computer on the LAN is always the computer initiating the exchange of data. However, what if a computer on the Internet wants to initiate a connection. How does the router know which machine on the LAN to send the request to? The simple answer is it doesn't; it's impossible for it to tell. To get around this, we have to tell it what to do.
http://www.hexus.net/content/reviews...lld19JRD0xMzY0