Netgear Wndr3400v3 N600 Wireless Dual Band Router User Manual
Have a look at the manual Netgear Wndr3400v3 N600 Wireless Dual Band Router User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 137 Netgear manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Advanced Settings 81 N600 Wireless Dual Band Router WNDR3400v3 ignores any inbound traffic that is not a response to your own outbound traffic. You can configure exceptions to this default rule by using the port forwarding feature. A typical application of port forwarding can be shown by reversing the client-server relationship from the previous web server example. In this case, a remote computer’s browser needs to access a web server running on a computer in your local network. Using port forwarding, you can tell the router, “When you receive incoming traffic on port 80 (the standard port number for a web server process), forward it to the local computer at 192.168.1.123.” The following sequence shows the effects of the port forwarding rule you have defined: 1. The user of a remote computer opens a browser and requests a web page from www.example.com, which resolves to the public IP address of your router. The remote computer composes a web page request message with the following destination information: Destination address. The IP address of www.example.com, which is the address of your router. Destination port number. 80, which is the standard port number for a web server process. The remote computer then sends this request message through the Internet to your router. 2. Your router receives the request message and looks in its rules table for any rules covering the disposition of incoming port 80 traffic. Your port forwarding rule specifies that incoming port 80 traffic should be forwarded to local IP address 192.168.1.123. Therefore, your router modifies the destination information in the request message: The destination address is replaced with 192.168.1.123. Your router then sends this request message to your local network. 3. Your web server at 192.168.1.123 receives the request and composes a return message with the requested web page data. Your web server then sends this reply message to your router. 4. Your router performs Network Address Translation (NAT) on the source IP address, and sends this request message through the Internet to the remote computer, which displays the web page from www.example.com. To configure port forwarding, you need to know which inbound ports the application needs. You can usually determine this information by contacting the publisher of the application or the relevant user groups and newsgroups. How Port Forwarding Differs from Port Triggering The following points summarize the differences between port forwarding and port triggering: •Port triggering is used by any computer on your network, although only one computer can use it at a time. •Port forwarding is configured for a single computer on your network.
Advanced Settings 82 N600 Wireless Dual Band Router WNDR3400v3 • Port triggering does not require that you know the computer’s IP address in advance. The IP address is captured automatically. • Port forwarding requires that you specify the computer ’s IP address during configuration, and the IP address can never change. • Port triggering requires specific outbound traf fic to open the inbound ports, and the triggered ports are closed after a period of no activity. • Port forwarding is always active and does not need to be triggered. Set Up Port Forwarding to Local Servers Using the port forwarding feature, you can allow certain types of incomi\ ng traffic to reach servers on your local network. For example, you might want to make a loc\ al web server, FTP server, or game server visible and available to the Internet. Use the Port Forwarding screen to configure the router to forward specif\ ic incoming protocols to computers on your local network. In addition to servers for specific \ applications, you can also specify a default DMZ server to which all other incoming protocols \ are forwarded. Before starting, you need to determine which type of service, applicatio\ n, or game you want to provide, and the local IP address of the computer that provides the s\ ervice. The server computer has to always have the same IP address. To set up port forwarding: Tip:T o ensure that your server computer always has the same IP address, use the reserved IP address feature of your N600 Wireless Dual Band Router. 1. Select Advanced Setup > Port Forwarding/Port T riggering to display the following screen:
Advanced Settings 83 N600 Wireless Dual Band Router WNDR3400v3 Port Forwarding is selected as the service type. 2. From the Service Name list, select the service or game that you host on \ your network. If the service does not appear in the list, see Add a Custom Service on page 83. 3. In the corresponding Server IP Address field, enter the last digit of the IP address of your local computer that provides this service. 4. Click Add. The service appears in the list in the screen. Add a Custom Service To define a service, game, or application that does not appear in the Ser\ vice Name list, you have to first determine which port number or range of numbers used by th\ e application. You can usually determine this information by contacting the publisher of th\ e application or user groups or newsgroups. To add a custom service: 1. Select Advanced > Advanced Setup > Port Forwarding/Port Triggering . 2. Select Port Forwarding as the service type. 3. Click the Add Custom Service button to display the following screen: 4. In the Service Name field, enter a descriptive name. 5. In the Service Type list, select the protocol. If you are unsure, select TCP/UDP. 6. Specify the port settings: • External Starting Port and External Ending Port. These are the starting number and ending number for the public ports at the Internet interface. For si\ ngle port forwarding, the number in the External Starting Port and External Ending\ Port fields can be the same. • Use the same port range for Internal port . This check box is selected by default. If you want to use different ports, clear this check box and specify the internal ports.
Advanced Settings 84 N600 Wireless Dual Band Router WNDR3400v3 •Internal Starting Port and Internal Ending Port. These are the starting number and ending number for the ports of a computer on the router’s local area network (LAN). These are private ports. The router calculates the internal ending port. 7. In the Internal IP Address field, enter the IP address of your local computer that provides this service. 8. Click Apply. The service appears in the list in the Port Forwarding/Port Triggering screen. Edit or Delete a Port Forwarding Entry To edit or delete a port forwarding entry: 1. In the table, select the radio button next to the service name. 2. Click Edit Service or Delete Service. Application Example: Making a Local Web Server Public If you host a web server on your local network, you can use port forwarding to allow web requests from anyone on the Internet to reach your web server. To make a local web server public: 1. Assign your web server either a fixed IP address or a dynamic IP address using DHCP address reservation. In this example, your router always gives your web server an IP address of 192.168.1.33. 2. In the Port Forwarding screen, configure the router to forward the HTTP service to the local address of your web server at 192.168.1.33. HTTP (port 80) is the standard protocol for web servers. 3. (Optional) Register a host name with a Dynamic DNS service, and configure your router to use the name as described in Dynamic DNS on page 86. To access your web server from the Internet, a remote user has to know the IP address assigned by your ISP. However, if you use a Dynamic DNS service, the remote user can reach your server by a user-friendly Internet name, such as mynetgear.dyndns.org. Set Up Port Triggering Port triggering is a dynamic extension of port forwarding that is useful in these cases: •More than one local computer needs port forwarding for the same application (but not simultaneously). •An application needs to open incoming ports that are different from the outgoing port. When port triggering is enabled, the router monitors outbound traffic looking for a specified outbound “trigger” port. When the router detects outbound traffic on that port, it remembers the IP address of the local computer that sent the data. The router then temporarily opens the specified incoming port or ports, and forwards incoming traffic on the triggered ports to the triggering computer.
Advanced Settings 85 N600 Wireless Dual Band Router WNDR3400v3 Port forwarding creates a static mapping of a port number or range to a \ single local computer. Port triggering dynamically opens ports to any computer that needs the\ m and can close the ports when they are no longer needed. Note: If you use applications such as multiplayer gaming, peer-to-peer connections, real-time communications such as instant messaging, or remote assistance (a feature in Windows XP), you should also enable Universal Plug and Play (UPnP) according to the instructions in Universal Plug and Play on page 90. To set up port triggering, you need to know which inbound ports the appli\ cation needs. Also, you need to know the number of the outbound port that triggers the openi\ ng of the inbound ports. You can usually determine this information by contacting the publisher of\ the application or user groups or newsgroups. To set up port triggering: 1. Select Advanced > Advanced Setup > Port Forwarding/Port Triggering . 2. Select the Port T riggering radio button to display the port triggering information. 3. Clear the Disable Port Triggering check box if it is selected. Note: If the Disable Port Triggering check box is selected after you configure\ port triggering, port triggering is disabled. However, any port triggeri\ ng configuration information you added to the router is retained even though it is not used. 4. In the Port Triggering Timeout field, enter a value up to 9999 minutes. This value controls the inactivity timer for the designated inbound ports. The inbound ports close when the inactivity time expires. This is required because the router cannot be sure when the application has terminated.
Advanced Settings 86 N600 Wireless Dual Band Router WNDR3400v3 5. Click Add Service to display the following screen: 6. In the Service Name field, type a descriptive service name. 7. In the Service User list, select Any (the default) to allow this service to be used by any computer on the Internet. Otherwise, select Single address, and enter the IP address of one computer to restrict the service to a particular computer . 8. Select the service type, either TCP or UDP or both ( TCP/UDP). If you are not sure, select TCP/UDP . 9. In the Triggering Port field, enter the number of the outbound traffic port that causes the inbound ports to open. 10. Enter the inbound connection port information in the Connection Type, Starting Port, and Ending Port fields. 11. Click Apply . The service appears in the Port Triggering Portmap table. Dynamic DNS If your Internet service provider (ISP) gave you a permanently assigne\ d IP address, you can register a domain name and have that name linked with your IP address by\ public Domain Name Servers (DNS). However, if your Internet account uses a dynamically assigned IP address, you do not know in advance what your IP address will be, and th\ e address can change frequently. In this case, you can use a commercial Dynamic DNS service. This type of service lets you register your domain to their IP address and forward\ s traffic directed at your domain to your frequently changing IP address. If your ISP assigns a private WAN IP address (such as 192.168.x.x or 10.x.x.x), the Dynamic DNS service will not work because private addresses are not routed on th\ e Internet. Your router contains a client that can connect to the Dynamic DNS service\ provided by DynDNS.org. First visit their website at http://www .dyndns.org and obtain an account and host name that you configure in the router. Then, whenever your ISP-assigned IP address
Advanced Settings 87 N600 Wireless Dual Band Router WNDR3400v3 changes, your router automatically contacts the Dynamic DNS service prov\ ider, logs in to your account, and registers your new IP address. If your host name is ho\ stname, for example, you can reach your router at http://hostname.dyndns.org. On the Advanced tab, select Advanced Setup > Dynamic DNS to display the following screen: To set up Dynamic DNS: 1. Register for an account with one of the Dynamic DNS service providers wh\ ose URLs appear in the Service Provider list. 2. Select the Use a Dynamic DNS Service check box. 3. Select the URL of your Dynamic DNS service provider . For example, for DynDNS.org, select www.dyndns.org . 4. T ype the host name (or domain name) that your Dynamic DNS service provi\ der gave you. 5. T ype the user name for your Dynamic DNS account. This is the name that you use to log in to your account, not your host name. 6. T ype the password (or key) for your Dynamic DNS account. 7. Click Apply to save your configuration. Static Routes Static routes provide additional routing information to your router. Und\ er usual circumstances, the router has adequate routing information after it has \ been configured for Internet access, and you do not need to configure additional static rout\ es. You have to configure static routes only for unusual cases such as multiple routers \ or multiple IP subnets located on your network. As an example of when a static route is needed, consider the following c\ ase: • Y our primary Internet access is through a cable modem to an ISP.
Advanced Settings 88 N600 Wireless Dual Band Router WNDR3400v3 • You have an ISDN router on your home network for connecting to the compan\ y where you are employed. This router’s address on your LAN is 192.168.1.100. • Y our company’s network address is 134.177.0.0. When you first configured your router, two implicit static routes were c\ reated. A default route was created with your ISP as the gateway , and a second static route was created to your local network for all 192.168.1.x addresses. With this configuration, if\ you attempt to access a device on the 134.177.0.0 network, your router forwards your request to \ the ISP. The ISP forwards your request to the company where you are employed, and the req\ uest is denied by the company’s firewall. In this case you have to define a static route, telling your router that\ 134.177.0.0 should be accessed through the ISDN router at 192.168.1.100. In this example: • The Destination IP Address and IP Subnet Mask fields specify that this static route applies to all 134.177.x.x addresses. • The Gateway IP Address field specifies that all traffic for these addresses should be forwarded to the ISDN router at 192.168.1.100. • A metric value of 1 works since the ISDN router is on the LAN. • Private is selected only as a precautionary security measure in case RIP\ is activated. To set up a static route: 1. Select Advanced > Advanced Setup > Static Routes, and click Add to display the following screen: 2. In the Route Name field, type a name for this static route (for identification purposes only.) 3. Select the Private check box if you want to limit access to the LAN only . If Private is selected, the static route is not reported in RIP. 4. Select the Active check box to make this route ef fective. 5. T ype the IP address of the final destination.
Advanced Settings 89 N600 Wireless Dual Band Router WNDR3400v3 6. Type the IP subnet mask for this destination. If the destination is a sin\ gle host, type 255.255.255.255. 7. T ype the gateway IP address, which has to be a router on the same LAN segment as the N600 Wireless Dual Band Router. 8. T ype a number between 1 and 15 as the metric value. This value represents the number of routers between your network and the\ destination. Usually , a setting of 2 or 3 works, but if this is a direct connection, set it \ to 1. 9. Click Apply to add the static route. Remote Management The remote management feature lets you upgrade or check the status of yo\ ur N600 Wireless Dual Band Router over the Internet. To set up remote management: 1. Select Advanced > Advanced Setup > Remote Management. Note:Be sure to change the router’s default login password to a secure password. The ideal password should contain no dictionary words from any language and contain uppercase and lowercase letters, numbers, and symbols. It can be up to 30 characters. 2. Select the T urn Remote Management On check box. 3. Under Allow Remote Access By, specify the external IP addresses allowed to access the router’s remote management. Note: For enhanced security, restrict access to as few external IP addresses as practical.
Advanced Settings 90 N600 Wireless Dual Band Router WNDR3400v3 •To allow access from a single IP address on the Internet, select Only This Computer. Enter the IP address that allows access. •To allow access from a range of IP addresses on the Internet, select IP Address Range. Enter a beginning and ending IP address to define the allowed range. •To allow access from any IP address on the Internet, select Everyone. 4. Specify the port number for accessing the web management interface. Normal web browser access uses the standard HTTP service port 80. For greater security, enter a custom port number for the remote web management interface. Choose a number between 1024 and 65535, but do not use the number of any common service port. The default is 8080, which is a common alternate for HTTP. 5. Click Apply to have your changes take effect. When accessing your router from the Internet, type your router’s WAN IP address into your browser’s address or location field followed by a colon (:) and the custom port number. For example, if your external address is 134.177.0.123 and you use port number 8080, enter http://134.177.0.123:8080 in your browser. USB Settings For added security, the router can be set up to share only approved USB devices. See Specify Approved USB Devices on page 57 for the procedure. Universal Plug and Play Universal Plug and Play (UPnP) helps devices, such as Internet appliances and computers, to access the network and connect to other devices as needed. UPnP devices can automatically discover the services from other registered UPnP devices on the network. Note:If you use applications such as multiplayer gaming, peer-to-peer connections, or real-time communications such as instant messaging or remote assistance (a feature in Windows XP), you should enable UPnP.