Home > Netgear > Router > Netgear Router WGT624 V3 User Manual

Netgear Router WGT624 V3 User Manual

    Download as PDF Print this page Share this page

    Have a look at the manual Netgear Router WGT624 V3 User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 137 Netgear manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    							Advanced Configuration 6-1
    202-10090-01, April 2005
    Chapter 6 
    Advanced Configuration
    This chapter describes how to configure the advanced features of your WGT624 v3 108 Mbps 
    Wireless Firewall Router. These features can be found under the Advanced heading in the Main 
    Menu of the browser interface.
    Configuring Port Forwarding to Local Servers
    Although the router causes your entire local network to appear as a single machine to the Internet, 
    you can make a local server (for example, a web server or game server) visible and available to the 
    Internet. This is done using the Port Forwarding menu. From the Main Menu of the browser 
    interface, under Advanced, click on Port Forwarding to view the port forwarding menu, shown 
    below.
    Figure 6-1:  Port Forwarding Menu
    .
    Note: If you are unfamiliar with networking and routing, refer to Appendix B, 
    “Network, Routing, Firewall, and Basics,” to become more familiar with the terms and 
    procedures used in this manual. 
    						
    							Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3
    6-2 Advanced Configuration
    202-10090-01, April 2005
    Use the Port Forwarding menu to configure the router to forward incoming protocols to computers 
    on your local network. In addition to servers for specific applications, you can also specify a 
    Default DMZ Server to which all other incoming protocols are forwarded. The DMZ Server is 
    configured in the WAN Setup Menu.
    Before starting, youll need to determine which type of service, application or game youll provide 
    and the IP address of the computer that will provide each service. Be sure the computer’s IP 
    address never changes. To configure port forwarding to a local server:
    1.From the Service Name box, select the service or game that you will host on your network. 
    If the service does not appear in the list, refer to the following section, “Adding a Port 
    Forwarding Custom Service”.
    2.Enter the IP address of the local server in the corresponding Server IP Address box.
    3.Click the Add button.
    Adding a Port Forwarding Custom Service 
    To define a service, game or application that does not appear in the Service Name list, you must 
    determine what port numbers are used by the service. For this information, you may need to 
    contact the manufacturer of the program that you wish to use. When you have the port number 
    information, follow these steps:
    1.Click the Add Custom Service button.
    2.Enter the first port number in an unused Starting Port box.
    3.To forward only one port, enter it again in the Ending Port box. To specify a range of ports, 
    enter the last port to be forwarded in the End Port box.
    4.Enter the IP address of the local server in the corresponding Server IP Address box.
    5.Type a name for the service.
    6.Click Apply at the bottom of the menu.
    Editing or Deleting a Port Forwarding Entry
    To edit or delete a Port Forwarding entry, follow these steps.
    1.In the table, select the button next to the service name.
    2.Click Edit or Delete. 
    						
    							Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3
    Advanced Configuration 6-3
    202-10090-01, April 2005
    Local Web and FTP Server Example
    If a local PC with a private IP address of 192.168.1.33 acts as a web and FTP server, configure the 
    Ports menu to forward HTTP (port 80) and FTP (port 21) to local address 192.168.1.33 
    In order for a remote user to access this server from the Internet, the remote user must know the IP 
    address that has been assigned by your ISP. If this address is 172.16.1.23, for example, an Internet 
    user can access your web server by directing the browser to http://172.16.1.23. The assigned IP 
    address can be found in the Maintenance Status Menu, where it is shown as the WAN IP Address.
    Some considerations for this application are:
    • If your account’s IP address is assigned dynamically by your ISP, the IP address may change 
    periodically as the DHCP lease expires.
    • If the IP address of the local PC is assigned by DHCP, it may change when the PC is rebooted. 
    To avoid this, you can manually configure the PC to use a fixed address.
    • Local PCs must access the local server using the PCs’ local LAN address (192.168.1.33 in this 
    example). Attempts by local PCs to access the server using the external IP address 
    (172.16.1.23 in this example) will fail.
    Multiple Computers for Half Life, KALI or Quake III Example
    To set up an additional computer to play Half Life, KALI or Quake III: 
    1.Click the button of an unused port in the table. 
    2.Select the game again from the Service Name list. 
    3.Change the beginning port number in the Start Port box.  
    For these games, use the supplied number in the default listing and add +1 for each additional 
    computer. For example, if youve already configured one computer to play Hexen II (using 
    port 26900), the second computers port number would be 26901, and the third computer 
    would be 26902. 
    4.Type the same port number in the End Port box that you typed in the Start Port box. 
    5.Type the IP address of the additional computer in the Server IP Address box. 
    6.Click Apply.  
    						
    							Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3
    6-4 Advanced Configuration
    202-10090-01, April 2005
    Some online games and videoconferencing applications are incompatible with NAT. The 
    WGT624 v3 wireless router is programmed to recognize some of these applications and to work 
    properly with them, but there are other applications that may not function well. In some cases, one 
    local PC can run the application properly if that PC’s IP address is entered as the default in the 
    PORTS Menu. If one local PC acts as a game or videoconferencing host, enter its IP address as the 
    default.
    Using Port Triggering
    Port Triggering is an advanced feature that allows you to dynamically open inbound ports on the 
    basis of outbound traffic on different ports. This is an advanced feature that can be used for gaming 
    and other Internet applications.
    Port Forwarding can typically be used to enable similar functionality, but it is static and has some 
    limitations. Ports will be open to traffic from the Internet until the port forwarding rule is removed. 
    Additionally, port forwarding does not work well for some applications when your WAN IP 
    address is assigned by DHCP, and is changed frequently. Port Triggering opens an incoming port 
    temporarily and does not require the server on the Internet to track your IP address if it is changed.
    Port Triggering monitors outbound traffic. When the gateway detects traffic on the specified 
    outbound port, it remembers the IP address of the computer that sent the data and “triggers” the 
    incoming port. Incoming traffic on the triggered port is then forwarded to the triggering computer. 
    Once configured, operation is as follows: 
    • A PC makes an outgoing connection using a port number defined in the Port Triggering table. 
    • This Router records this connection, opens the INCOMING port or ports associated with this 
    entry in the Port Triggering table, and associates them with the PC. 
    • The remote system receives the PCs request, and responds using a different port number. 
    • This Router matches the response to the previous request, and forwards the response to the PC. 
    • (Without Port Triggering, this response would be treated as a new connection request rather 
    than a response. As such, it would be handled in accordance with the Port Forwarding rules.) 
    Note: Only 1 PC can use a Port Triggering application at any time. 
    After a PC has finished using a Port Triggering application, there is a Time-out period before 
    the application can be used by another PC. This is required because this Router cannot be sure 
    when the application has terminated.  
    						
    							Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3
    Advanced Configuration 6-5
    202-10090-01, April 2005
    Port Triggering Rules Menu
    The Port Triggering Rules Menu lists the current rules: 
    • Enable - Indicates if the rule is enabled or disabled. Generally, there is no need to disable a rule 
    unless it interferes with some other function, such as Port Forwarding. 
    • Name - The name for this rule. 
    • Outgoing Ports - The port or port range for outgoing traffic. An outgoing connection using one 
    of these ports will Trigger this rule. 
    • Incoming Ports - The port or port range used by the remote system when it responds to the 
    outgoing request. A response using one of these ports will be forwarded to the PC which 
    triggered this rule. 
    Figure 6-2:  Port Triggering screens
    Adding a new Rule 
    To add a new rule, click the Add and enter the following data on the resulting screen. 
    • Name - enter a suitable name for this rule (e.g. the name of the application) 
    • Enable/Disable - select the desired option. 
    • Outgoing (Trigger) Port Range - enter the range of port numbers used by the application when 
    it generates an outgoing request.  
    						
    							Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3
    6-6 Advanced Configuration
    202-10090-01, April 2005
    • Incoming (Response) Port Range - enter the range of port numbers used by the remote system 
    when it responds to the PCs request. 
    Modifying or Deleting an existing Rule: 
    • Select the desired rule by clicking the radio button beside the rule. 
    • Click Edit or Delete as desired. 
    • Checking Operation and Status 
    Rules Status
    To see which rules are currently being used, click the Status button. The following data will be 
    displayed: 
    • Rule - the name of the Rule. 
    • LAN IP Address - The IP address of the PC currently using this rule. 
    • Open Ports - the Incoming ports which are associated the this rule. Incoming traffic using one 
    of these ports will be sent to the IP address above. 
    • Time Remaining - The time remaining before this rule is released, and thus available for other 
    PCs. This timer is restarted whenever incoming or outgoing traffic is received.  
    						
    							Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3
    Advanced Configuration 6-7
    202-10090-01, April 2005
    Configuring WAN Setup Options
    The WAN Setup options let you configure a DMZ server, change the MTU size and enable the 
    wireless router to respond to a Ping on the WAN port. These options are discussed below.
     
    Figure 6-3:  WAN Setup menu.
    • Connect Automatically, as Required
    Normally, this option should be enabled. An Internet connection will be made automatically 
    after each timeout, whenever Internet-bound traffic is detected. This provides connection on 
    demand and is potentially cost-saving. 
    If disabled, you must connect manually, using the Connection Status button on the Router 
    Status screen. This manual connection will stay up all the time without timeouts.
    • Disable SPI Firewall 
    Normally, this option should be Enabled, so that your local network will be protected by the 
    Stateful Packet Inspection (SPI) firewall included in the WGT624 v3. However, certain 
    communications functions like VPN may require turning off the SPI feature. 
    Note: When SPI Firewall is disabled, you must use the Passive mode in the PC FTP 
    client to connect to the FTP server. 
    						
    							Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3
    6-8 Advanced Configuration
    202-10090-01, April 2005
    • Setting Up a Default DMZ Server
    The default DMZ server feature is helpful when using some online games and 
    videoconferencing applications that are incompatible with NAT. The router is programmed to 
    recognize some of these applications and to work properly with them, but there are other 
    applications that may not function well. In some cases, one local PC can run the application 
    properly if that PC’s IP address is entered as the default DMZ server.
    Incoming traffic from the Internet is normally discarded by the router unless the traffic is a 
    response to one of your local computers or a service that you have configured in the Ports menu. 
    Instead of discarding this traffic, you can have it forwarded to one computer on your network. This 
    computer is called the Default DMZ Server.
    The WAN Setup menu, shown below lets you configure a Default DMZ Server.
    To assign a computer or server to be a Default DMZ server, follow these steps: 
    1.Click WAN Setup link on the Advanced section of the main menu. 
    2.Type the IP address for that server. To remove the default DMZ server, uncheck the Default 
    DMZ Server checkbox.
    3.Click Apply.
    • Respond to Ping on Internet WAN Port 
    If you want the router to respond to a ping from the Internet, click the ‘Respond to Ping on 
    Internet WAN Port’ check box. This should only be used as a diagnostic tool, since it allows 
    your router to be discovered. Dont check this box unless you have a specific reason to do so.
    • Setting the MTU Size
    The default MTU size is usually fine. The normal MTU (Maximum Transmit Unit) value for 
    most Ethernet networks is 1500 Bytes. For some ISPs, particularly some using PPPoE, you 
    may need to reduce the MTU. This should not be done unless you are sure it is necessary for 
    your ISP. 
    Any packets sent through the router that are larger than the configured MTU size will be 
    repackaged into smaller packets to meet the MTU requirement. To change the MTU size:
    Note: DMZ servers pose a security risk. A computer designated as the default DMZ 
    server loses much of the protection of the firewall, and is exposed to exploits from the 
    Internet. If compromised, the DMZ server can be used to attack your network. 
    						
    							Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3
    Advanced Configuration 6-9
    202-10090-01, April 2005
    Under MTU Size, enter a new size between 64 and 1500. Then, click Apply to save the new 
    configuration.
    Using a Dynamic DNS Service
    If your network has a permanently assigned IP address, you can register a domain name and have 
    that name linked with your IP address by public Domain Name Servers (DNS). However, if your 
    Internet account uses a dynamically assigned IP address, you will not know in advance what your 
    IP address will be, and the address can change frequently. In this case, you can use a commercial 
    dynamic DNS service which will allow you to register your domain to their IP address, and will 
    forward traffic directed at your domain to whatever your current IP address happens to be.
    The router contains a client that can connect to many popular dynamic DNS services. You can 
    select one of these services and obtain an account with them. Then, whenever your ISP-assigned 
    IP address changes, your router will automatically contact your dynamic DNS service provider, 
    log in to your account, and register your new IP address.
    From the Main Menu of the browser interface, under Advanced, click on Dynamic DNS. 
    Figure 6-4:  Dynamic DNS screen
    Note: If your ISP assigns a private WAN IP address (such as 192.168.x.x or 10.x.x.x), 
    the dynamic DNS service will not work because private addresses will not be routed on 
    the Internet. 
    						
    							Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3
    6-10 Advanced Configuration
    202-10090-01, April 2005
    To configure Dynamic DNS:
    1.Register for an account with one of the dynamic DNS service providers whose names appear 
    in the ‘Select Service Provider’ box. For example, for dyndns.org, go to www.dyndns.org.
    2.Select the Use a Dynamic DNS service check box. 
    3.Select the name of your dynamic DNS Service Provider. 
    4.Type the Host Name (or domain name) that your dynamic DNS service provider gave you.
    5.Type the User Name for your dynamic DNS account. 
    6.Type the Password (or key) for your dynamic DNS account. 
    7.If your dynamic DNS provider allows the use of wildcards in resolving your URL, you may 
    select the Use wildcards check box to activate this feature.  
    For example, the wildcard feature will cause *.yourhost.dyndns.org to be aliased to the same 
    IP address as yourhost.dyndns.org
    8.Click Apply to save your configuration. 
    						
    All Netgear manuals Comments (0)

    Related Manuals for Netgear Router WGT624 V3 User Manual