N600 Wireless Dual Band Router WNDR3400v2
User Manual
350 East Plumeria Drive
San Jose, CA 95134
USA
January 2013
202-10828-04
N600 Wireless Dual Band Router WNDR3400v2
Support
Thank you for selecting NETGEAR products.
After installing your device, locate the serial number on the label of your product and use it to register your product
at
https://my.netgear.com. You must register your product before you can use NETGEAR telephone support.
NETGEAR recommends registering your product through the NETGEAR website. For product updates and web
support, visit
Phone (US & Canada only): 1-888-NETGEAR.
Phone (Other Countries): Check the list of phone numbers at
http://support.netgear.com/general/contact/default.aspx.
http://support.netgear.com.
Trademarks
NETGEAR, the NETGEAR logo, and Connect with Innovation are trademarks and/or registered trademarks of
NETGEAR, Inc. and/or its subsidiaries in the United States and/or other countries. Information is subject to change
without notice. ©NETGEAR, Inc. All rights reserved.
2
Contents
Chapter 1 Hardware Setup
Chapter 2 Getting Started with NETGEAR genie
Unpack Your Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Position Your Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Prepare the Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Hardware Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Front Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Back Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Label. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Cable Your Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Verify the Cabling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Router Setup Preparation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Use Standard TCP/IP Properties for DHCP . . . . . . . . . . . . . . . . . . . . . . 17
Gather ISP Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Wireless Devices and Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . 17
Types of Logins and Access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
NETGEAR genie Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Use NETGEAR genie after Installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Upgrade Router Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Router Dashboard (Basic Home Screen) . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Add Wireless Devices or Computers to Your Network . . . . . . . . . . . . . . . . 21
Manual Method. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Wi-Fi Protected Setup (WPS) Method . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Chapter 3 genie Basic Settings
Internet Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Internet Setup Screen Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Attached Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Parental Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
ReadySHARE USB Storage. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Basic Wireless Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Wireless Setup Screen Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Change WPA Security Option and Passphrase . . . . . . . . . . . . . . . . . . . 30
Guest Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Guest Network Wireless Security Options . . . . . . . . . . . . . . . . . . . . . . . 32
3
N600 Wireless Dual Band Router WNDR3400v2
Chapter 4 genie Advanced Home
Setup Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
WPS Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Setup Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
WAN Setup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Default DMZ Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Change the MTU Size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
LAN Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
LAN Setup Screen Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Use the Router as a DHCP Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Address Reservation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Quality of Service (QoS) Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Chapter 5 USB Storage
USB Drive Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
ReadySHARE Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
File-Sharing Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Basic Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Add or Edit a Network Folder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
USB Storage Advanced Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Safely Remove a USB Drive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Specify Approved USB Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Connect to the USB Drive from a Remote Computer. . . . . . . . . . . . . . . . . 57
Access the Router’s USB Drive Remotely Using FTP . . . . . . . . . . . . . . 57
Chapter 6 Security
Keyword Blocking of HTTP Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Block Services (Port Filtering) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Schedule Blocking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Security Event Email Notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Chapter 7 Administration
Upgrade the Router Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
View Router Status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Router Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Internet Provider (WAN) Setup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Wireless Settings (2.4 GHz and 5 GHz) . . . . . . . . . . . . . . . . . . . . . . . . . 70
Guest Network (2.4 GHz and 5 GHz) . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
View Logs of Web Access or Attempted Web Access . . . . . . . . . . . . . . . . 71
Manage the Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Backup Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Restore Configuration Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Erase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Set Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Password Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
4
N600 Wireless Dual Band Router WNDR3400v2
Chapter 8 Advanced Settings
Advanced Wireless Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Wireless Repeating Function (WDS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Wireless Repeating Function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Set up the Base Station . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Set up a Repeater Unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Port Forwarding and Triggering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Remote Computer Access Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Port Triggering to Open Incoming Ports . . . . . . . . . . . . . . . . . . . . . . . . . 83
Port Forwarding to Permit External Host Communications . . . . . . . . . . 84
How Port Forwarding Differs from Port Triggering . . . . . . . . . . . . . . . . . 85
Set up Port Forwarding to Local Servers . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Add a Custom Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Editing or Deleting a Port Forwarding Entry . . . . . . . . . . . . . . . . . . . . . . 88
Set up Port Triggering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Dynamic DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Static Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Remote Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
USB Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
Universal Plug and Play . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Traffic Meter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Chapter 9 Troubleshooting
Quick Tips. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Sequence to Restart Your Network . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Check Ethernet Cable Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Wireless Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Network Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Troubleshooting with the LEDs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Power/Test LED Is Off or Blinking . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Power/Test LED Stays Amber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
LEDs Never Turn Off . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Internet or Ethernet Port LEDs Are Off . . . . . . . . . . . . . . . . . . . . . . . . . 103
Wireless LEDs Are Off . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
The Push 'N' Connect (WPS) Button Blinks Amber . . . . . . . . . . . . . . . 103
Cannot Log in to the Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Cannot Access the Internet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
Troubleshooting PPPoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Troubleshooting Internet Browsing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
Changes Not Saved . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
Incorrect Date or Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Wireless Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Wireless Signal Strength . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Restore the Factory Settings and Password . . . . . . . . . . . . . . . . . . . . . . 108
Troubleshoot Your Network Using the Ping Utility . . . . . . . . . . . . . . . . . . 108
Test the LAN Path to Your Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
5
N600 Wireless Dual Band Router WNDR3400v2
Test the Path from Your Computer to a Remote Device . . . . . . . . . . . 109
Appendix A Supplemental Information
Factory Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Technical Specifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
Appendix B Notification of Compliance
Index
6
1. Hardware Setup
Getting to know your router
1
The N600 Wireless Dual Band Router WNDR3400v2 provides you with an easy and secure way
to set up a wireless home network with fast access to the Internet over a high-speed digital
subscriber line (DSL). It is compatible with all major DSL Internet service providers, lets you
block unsafe Internet content and applications, and protects the devices (PCs, gaming consoles,
and so on) that you connect to your home network.
Note: For more information about the topics covered in this manual, visit
the support website at http://support.netgear.com.
If you have not already set up your new router using the installation guide that comes in the box,
this chapter walks you through the hardware setup.
how to set up your Internet connection.
This chapter contains the following sections:
• Unpack Your Router
Chapter 3, genie Basic Settings, explains
• Position Your Router
• Hardware Features
• Cable Your Router
• Verify the Cabling
7
N600 Wireless Dual Band Router WNDR3400v2
Ethernet cable
Router stand
(two pieces)
Power adapter
N600 wireless router
Unpack Your Router
Open the box and remove the router, cables, and installation guide.
Your box should contain the following items:
• N600
• Route
• AC power a
• Categ
• In
If any parts are incorrect, missing, or damaged,
Wireless Dual Band Router WNDR3400v2
r stand (two pieces)
dapter (plug varies by region)
ory 5 (Cat 5) Ethernet cable
stallation guide with cabling and router setup instructions
contact your NETGEAR dealer. Keep the
carton and original packing materials, in case you need to return the product for repair.
Position Your Router
The router lets you access your network from virtually anywhere within the operating range of
your wireless network. However, the operating distance or range of your wireless connection
can vary significantly depending on the physical placement of your router. For example, the
thickness and number of walls the wireless signal passes through can limit the range. For
best results, place your router:
• Near
the center of the area where your computers and other devices operate and
preferably within line of sight to your wireless devices.
• So it is accessible to a
• In
• A
n AC power outlet and near Ethernet cables for wired computers.
an elevated location such as a high shelf, keeping the number of walls and ceilings
between the router and your other devices to a minimum.
way from electrical devices that are potential sources of interference, such as ceiling
fans, home security systems, microwaves, PCs, or the base of a cordless phone or 2.4
GHz cordless phone.
Hardware Setup
8
N600 Wireless Dual Band Router WNDR3400v2
• Away from any large metal surfaces, such as a solid metal door or aluminum studs. Large
expanses of other materials such as glass, insulated walls, fish tanks, mirrors, brick, and
concrete can also affect your wireless signal.
To reduce interference when you use multiple access points, ensure that adjacent access
oints use different radio frequency channels. The recommended channel spacing between
p
adjacent access points is 5 channels (for example, use Channels 1 and 6, or 6 and 11).
Prepare the Router
To ensure proper heat dissipation and for router stability, it is important that you connect the
stand and place your router in an upright position.
To prepare your router for installation:
1. Care
fully peel off the protective film covering the top and sides of your router.
Hardware Setup
9
N600 Wireless Dual Band Router WNDR3400v2
2. Set up your N600 Wireless Dual Band Router by inserting the tabs of the stand (supplied
with your router) into the slots on the bottom of your router as shown.
3. Place your router in an area suitable for installation (near an AC power outlet and accessible
to the Ethernet cables for your wired computers).
Hardware Setup
10
N600 Wireless Dual Band Router WNDR3400v2
USB LED
WPS button
LAN Ports 1-4 LEDs
5 GHz LED
2.4 GHz LED
Internet LED
Power/Test LED
Hardware Features
Before you cable your router, take a moment to become familiar with the label and the front
and back panels. Pay particular attention to the LEDs on the front panel.
Front Panel
The router front panel has the status LEDs and icons shown in the following figure.
Table 1. Front panel LED descriptions
LED Description
USB
• Solid green. The local Ethernet ports have detected wired links with PCs.
linking green. Data is being transmitted or received.
• B
No link is detected on these ports.
• Off.
Hardware Setup
11
N600 Wireless Dual Band Router WNDR3400v2
5
GHz
2.4
GHz
Table 1. Front panel LED descriptions (continued)
LED Description
LAN ports
1–4
5 GHz
2.4 GHz
Internet
Power/Test • Solid amber. The unit is starting up after being powered on.
• Solid green. The LAN port has detected a 1,000 Mbps link with an attached device.
• Blinking green. Data is being sent at 1,000 Mbps.
lid amber. The LAN port has detected a 10 Mbps link with an attached device.
• So
inking amber. Data is being sent at 100 Mbps or 10 Mbps.
• Bl
• Off. No
• Solid blue. The wireless radio is operating.
• Bli
• Off. The wireless radio is off.
• Solid blue. The wireless radio is operating.
• Bli
• Off. The wireless radio is off.
• Solid amber. The IP address has not been acquired.
• Solid green. An IP address was received; ready to transmit data.
• Blin
• Off. No
• So
• Bl
• Blinking green. The firmware is corrupt.
• Off. Po
link is detected on this port.
nking blue. Data is being sent or received over the wireless network.
nking blue. Data is being sent or received over the wireless network.
king green. Data is being sent to or received from the Internet.
Ethernet cable is connected between the router and the modem.
lid green. The power is on and the router is ready.
inking amber. A firmware update is in progress.
wer is not supplied to the router.
WPS
• Solid green. Indicates that wireless security is enabled.
• Blin
• Off. No
king green. The router is using WPS to add a wireless device to the network.
WPS connection exists.
Hardware Setup
12
N600 Wireless Dual Band Router WNDR3400v2
USB port
Restore Factory Settings button. Press and hold this
button for about 5 seconds to reset the router to its factory
default settings.
WiFi On/Off button
Four local area network (LAN) 10/100 Mbps Ethernet ports
for connecting the router to your local computers.
Internet/Wide Area Network (WAN) Ethernet port for
connecting the router to a cable or DSL modem.
AC power adapter outlet for connecting the power adapter.
Power On/Off button.
Back Panel
The back panel has the connections shown in the following figure.
See Factory Settings on page 110 for information about restoring factory settings.
Hardware Setup
13
N600 Wireless Dual Band Router WNDR3400v2
MAC addresses
Serial number
Preset WiFi Password
Default access information
Preset SSID
Label
The label on the bottom of the router shows the WPS PIN, login information, MAC address,
and serial number.
Hardware Setup
14
N600 Wireless Dual Band Router WNDR3400v2
2.4
GHz
5
GHz
Cable Your Router
The installation guide that came in the box has a cabling diagram on the first page.
Verify the Cabling
Verify that your router is cabled correctly by checking the router LEDs. Turn on the router by
pressing the On/Off button on the back.
•
•
•
•
Verify that the LAN
an Ethernet cable.
The Power/Test LED is green when the router is turned on.
The LAN ports are green for each Windows computer cabled to the router by an
Ethernet cable.
The Wireless LEDs are on.
The Internet LED is lit. If it is not, make sure that the Ethernet cable is securely
attached to the router Internet port and the modem, and that the modem is powered on.
LEDs (1 through 4) are lit for any computers cabled to the router by
Hardware Setup
15
2. Getting Started with NETGEAR genie
Connecting to the router
2
This chapter explains how to use NETGEAR genie to set up your router after you complete
cabling as described in the installation guide and in the previous chapter in this book.
This chapter contains the following sections:
• Router Setup Preparation
• Types of Logins and Access
• NETGEAR genie Setup
• Use NETGEAR genie after Installation
• Upgrade Router Firmware
• Router Dashboard (Basic Home Screen)
• Add Wireless Devices or Computers to Your Network
16
N600 Wireless Dual Band Router WNDR3400v2
Router Setup Preparation
You can set up your router with the NETGEAR genie automatically, or you can use the genie
menus and screens to set up your router manually. However, before you start the setup
process, you need to have your ISP information on hand and make sure the laptops, PCs,
and other devices in the network have the settings described here.
Use Standard TCP/IP Properties for DHCP
If you set up your computer to use a static IP address, you need to change the settings so
that it uses Dynamic Host Configuration Protocol (DHCP).
Gather ISP Information
If you have DSL broadband service, you might need the following information to set up your
router and to check that your Internet configuration is correct. Your Internet service provider
(ISP) should have provided you with all of the information needed to connect to the Internet.
If you cannot locate this information, ask your ISP to provide it. When your Internet
connection is working, you no longer need to launch the ISP login program on your computer
to access the Internet. When you start an Internet application, your router automatically logs
you in.
• The ISP configuration information for your DSL account
• ISP login name and password
• Fixed or static IP address settings (special deployment by ISP; this is rare)
Wireless Devices and Security Settings
Make sure that the wireless device or computer that you are using supports WPA or WPA2
wireless security, which is the wireless security supported by the router. See
Settings on page 27 for information about the router’s preconfigured security settings.
Basic Wireless
Types of Logins and Access
There are two separate types of logins that have different purposes. It is important that you
understand the difference so that you know which login to use when.
• Router login logs you in to the router interface from NETGEAR genie. See Use
NETGEAR genie after Installation on page 19 for details about this login.
• ISP login logs you in to your Internet service. Your service provider provided you with this
login information in a letter or some other way. If you cannot find this login information,
contact your service provider.
Getting Started with NETGEAR genie
17
N600 Wireless Dual Band Router WNDR3400v2
• Wireless network key or password. Your router is preset with a unique wireless
network name (SSID) and password for wireless access. This information is on the label
on the bottom of your router.
NETGEAR genie Setup
NETGEAR genie runs on any device with a web browser. It is the easiest way to set up the
router because it automates many of the steps and verifies that those steps have been
successfully completed. It takes about 15
To use NETGEAR genie to set up your router:
1. Turn on the router by pressing the On/Off button.
2. Make sure that your device is connected with an Ethernet cable to your router.
3. Launch your Internet browser.
• If this is the first time you are setting up the Internet connection for your router, the
browser automatically goes to http://www.routerlogin.net, and the NETGEAR genie
screen displays.
• If you already used the NETGEAR genie, type http://www.routerlogin.net in the
address field for your browser to display the NETGEAR genie screen. See
NETGEAR genie after Installation on page 19.
minutes to complete.
Use
4. Follow the onscreen instructions to complete NETGEAR genie setup. NETGEAR genie
guides you through connecting the router to the Internet.
If the browser cannot display the web page:
• Make sure that the computer is connected to one of the four LAN Ethernet ports, or
wirelessly to the router.
• Make sure that the router is up and running. Its Wireless LEDs should turn on.
• Close and reopen the browser to make sure that the browser does not cache the previous
page.
• Browse to http://routerlogin.net.
• If the computer is set to a static or fixed IP address (this is uncommon), change it to
obtain an IP address automatically from the router.
If the router does not connect to the Internet:
1. Review your settings to be sure that you selected the correct options and typed
everything correctly.
2. Contact your ISP to verify that you have the correct configuration information.
3. Read Chapter 9, Troubleshooting. If problems persist, register your NETGEAR product and
contact NETGEAR technical support.
Getting Started with NETGEAR genie
18
N600 Wireless Dual Band Router WNDR3400v2
admin
********
CAUTION:
Use NETGEAR genie after Installation
When you first set up your router, NETGEAR genie automatically starts when you launch an
Internet browser on a computer that is connected to the router. You can use NETGEAR genie
again if you want to view or change settings for the router.
aunch your browser from a computer or wireless device that is connected to the router.
1. L
2. Ente
r http://www.routerlogin.net or http://www.routerlogin.com.
The login window displays:
3. Enter admin for the router user name and password for the router password, both in
lowercase letters.
Note: The router user name and password are different from the user name
a
nd password for logging in to your Internet connection. See Types of Logins
and Access on p
age 17 for more information.
Upgrade Router Firmware
When you set up your router and are connected to the Internet, the router automatically
checks for you to see if newer firmware is available. If it is, a message is displayed on the top
of the screen. See Upgrade the Router Firmware on p
upgrading firmware.
Click the message when it shows up, and click Ye
firmware. After the upgrade, the router restarts.
Do not try to go online, turn off the router, shut down the computer, or do
anything else to the router until the router finishes restarting and the
Power LED has stopped blinking for several seconds.
age 66 for more information about
s to upgrade the router with the latest
Getting Started with NETGEAR genie
19
N600 Wireless Dual Band Router WNDR3400v2
Language
Help
Dashboard
(Click to
view
details)
Menus
(Click the
Advanced
tab to view
more)
Router Dashboard (Basic Home Screen)
The router Basic Home screen has a dashboard that lets you see the status of your Internet
connection and network at a glance. You can click any of the six sections of the dashboard to
view more detailed information. The left column has the menus, and at the top there is an
Advanced tab that is used to access additional menus and screens.
Figure 1. Router Basic Home screen with dashboard, language, and online help
• Home. This dashboard screen displays when you log in to the router.
• Inte
• Wi
• Att
• Parent
rnet. Set, update, and check the ISP settings of your router.
reless. View or change the wireless settings for your router.
ached Devices. View the devices connected to your network.
al Controls. Download and set up parental controls to prevent objectionable
content from reaching your computers.
• Read
ySHARE. If you connected a USB storage device to the router, then it is displayed
here.
• Guest Network. Set u
p a guest network to allow visitors to use your router’s Internet
connection.
• Adva
nced tab. Set the router up for unique situations such as when remote access by IP
or by domain name from the Internet is needed. See Chapter 8, Advanced Settings.
Using this tab requires a solid understanding of networking concepts.
• Help &
Support. Go to the NETGEAR support site to get information, help, and product
documentation. These links work once you have an Internet connection.
Getting Started with NETGEAR genie
20
N600 Wireless Dual Band Router WNDR3400v2
Add Wireless Devices or Computers to Your Network
Choose either the manual or the WPS method to add wireless devices and other equipment
to your wireless network. See Guest Networks on
guest network.
Manual Method
To connect manually:
page 31 for instructions on how to set up a
1. Open
2. Look for your net
3. Ente
4. Repe
the software that manages your wireless connections on the wireless device
(laptop computer, gaming device, iPhone) that you want to connect to your router. This
software scans for all wireless networks in your area.
work and select it. If you did not change the name of your network during
the setup process, look for the default WiFi network name (SSID) and select it. The default
SSID is on the product label on the bottom of the router.
r the router password and click Connect. The default router passphrase is on the
product label on the bottom of the router.
at steps 1–3 to add other wireless devices.
Wi-Fi Protected Setup (WPS) Method
Wi-Fi Protected Setup (WPS) is a standard for easily adding computers and other devices to
a home network while maintaining security. To use WPS, make sure that all wireless devices
to be connected to the network are Wi-Fi certified and support WPS. During the connection
process, the client gets the security settings from the router so that every device in the
network has the same security settings.
To use WPS to join the wireless network:
If your wireless device supports WPS (Push 'N' Connect), follow these steps:
1. Pre
2. Within 2 minutes, press
ss the WPS button on the router top panel .
the WPS button on your wireless device, or follow the WPS
instructions that came with the device. The device is now connected to your router.
3. Repe
at steps 1–2 to add other WPS wireless devices.
Getting Started with NETGEAR genie
21
3. genie Basic Settings
Your Internet connection and network
3
This chapter explains the features available from the genie Basic Home screen, shown in the
following figure:
This chapter contains the following sections:
• Internet Setup
• Attached Devices
• Parental Controls
• ReadySHARE USB Storage
• Basic Wireless Settings
• Guest Networks
22
N600 Wireless Dual Band Router WNDR3400v2
Scroll to
view more
settings
Internet Setup
The Internet Setup screen is where you view or change ISP information.
1. F
rom the Home screen, select Internet. The following screen displays:
The fields that display in the Internet Setup screen depend on whether your Internet
connection requires a login.
• Ye
• No. Ente
2. Ente
If you have problems with your connection, check the ISP settings.
3. Click App
4. Click T
1 minute, see Chapter 9, Troubleshooting.
s. Select the encapsulation method and enter the login name. If you want to
change the login time-out, enter a new value in minutes.
r the account and domain names, only if needed.
r the settings for the IP address and DNS server. The default settings usually work fine.
ly to save your settings.
est to test your Internet connection. If the NETGEAR website does not display within
Internet Setup Screen Fields
The following descriptions explain all of the possible fields in the Internet Setup screen. Note
that which fields display in this screen depends on whether an ISP login is required.
Does Your ISP Require a Login? Answer either yes or no.
These fields display when no login is required:
• Account Nam
also be called the host name.
e (If required). Enter the account name provided by your ISP. This might
• Domain Nam
e (If required). Enter the domain name provided by your ISP.
genie Basic Settings
23
N600 Wireless Dual Band Router WNDR3400v2
These fields display when your ISP requires a login:
• Internet Service Provider Encapsulation. ISP types. The choices are PPPoE, PPTP, or
L2TP.
• Login. The login name provided by your ISP. This is often an email address.
• Password. The password that you use to log in to your ISP.
• Idle Timeout (In minutes). If you want to change the login timeout, enter a new value in
minutes. This determines how long the router keeps the Internet connection active after
there is no Internet activity from the LAN. Entering a value of 0 (zero) means never log
out.
Internet IP Address.
• Get Dynamically from ISP. Your ISP uses DHCP to assign your IP address. Your ISP
automatically assigns these addresses.
• Use Static IP Address. Enter the IP address, IP subnet mask, and the gateway IP
address that your ISP assigned. The gateway is the ISP’s router to which your router
connects.
Domain Name Server (DNS) Address. The DNS server is used to look up site addresses
based on their names.
• Get Automatically from ISP. Your ISP uses DHCP to assign your DNS servers. Your ISP
automatically assigns this address.
• Use These DNS Servers. If you know that your ISP does not automatically transmit DNS
addresses to the router during login, select this option, and enter the IP address of your
ISP’s primary DNS server. If a secondary DNS server address is available, enter it also.
Router MAC Address. The Ethernet MAC address used by the router on the Internet port.
Some ISPs register the MAC address of the network interface card in your computer when
your account is first opened. They will then accept traffic only from the MAC address of that
computer. This feature allows your router to use your computer’s MAC address (this is also
called cloning).
• Use Default Address. Use the default MAC address.
• Use Computer MAC Address. The router captures and uses the MAC address of the
computer that you are now using. You have to use the one computer that allowed by the
ISP.
• Use This MAC Address. Enter the MAC address that you want to use.
genie Basic Settings
24
N600 Wireless Dual Band Router WNDR3400v2
Attached Devices
You can view all computers or devices that are currently connected to your network here.
From the Basic Home screen, select Attached Devices to display the following screen:
Wired devices are connected to the router with Ethernet cables. Wireless devices have
joined the wireless network.
• # (nu
• IP Address. T
• MAC Address.
• Device Na
You can click Re
mber). The order in which the device joined the network.
he IP address that the router assigned to this device when it joined the
network. This number can change if a device is disconnected and rejoins the network.
The unique MAC address for each device does not change. The MAC
address is typically shown on the product label.
me. If the device name is known, it is shown here.
fresh to update this screen.
genie Basic Settings
25
N600 Wireless Dual Band Router WNDR3400v2
Parental Controls
The first time you select Parental Controls from the Basic Home screen, you are
automatically directed to the Internet, where you can learn more about Live Parental Controls
or download the application. The following screen displays:
ReadySHARE USB Storage
You can view information about a USB storage device that is connected to the router’s USB
port here. From the Basic Home screen, select ReadySHARE to display the USB Storage
(Basic Settings) screen:
genie Basic Settings
26
N600 Wireless Dual Band Router WNDR3400v2
This screen displays the following:
• Network/Device Name. The default is \\readyshare. This is the name used to access the
USB device connected to the router.
• Available Network Folders. The folders on the USB device.
Share Name. If only one device is connected, the default share name is USB_Storage.
You can click the name shown, or you can type it in the address field of your web browser.
If Not Shared is shown, the default share has been deleted and no other share for the
root folder exists. Click the link to change this setting.
Read/Write Access. Shows the permissions and access controls on the network folder:
All – no password (the default) allows all users to access the network folder. The user
name (account name) for All – no password is guest. The password for admin is the
same one that you use to log in to the router. By default, it is password.
Folder Name. Full path used by the network folder.
Volume Name. Volume name from the storage device (either USB drive or HDD).
Total/Free Space. Shows the current utilization of the storage device.
• Edit. Click the Edit button to edit the Available Network Folders settings.
• Safely Remove a USB Device. Click to safely remove the USB device attached to your
router.
You can click Refresh to update this screen.
For more information about USB storage, see Chapter 5, USB Storage.
Basic Wireless Settings
The Wireless Setup screen lets you view or configure the wireless network setup.
The N600 Wireless Dual Band Router comes with preset security. This means that the WiFi
network name (SSID), network key (password), and security option (encryption protocol) are
preset in the factory. You can find the preset SSID and password on the product label.
Note: The preset SSID and password are uniquely generated for every
device to protect and maximize your wireless security.
NETGEAR recommends that you do not change your preset security settings. If you do
decide to change your preset security settings, make a note of the new settings and store it in
a safe place where you can easily find it.
If you use a wireless computer to change the wireless network name (SSID) or other wireless
security settings, you are disconnected when you click Apply. To avoid this problem, use a
computer with a wired connection to access the router.
genie Basic Settings
27
N600 Wireless Dual Band Router WNDR3400v2
Scroll to
view more
settings
Scroll to
view more
settings
To view or change basic wireless settings:
1. On the Basic Home screen, select Wireless to display the Wireless Setup screen.
The screen sections, settings, and procedures are explained in the following sections.
2. Make any changes tha
3. Set up and test your
t are needed, and click Apply to save your settings.
wireless devices and computers to make sure that they can connect
wirelessly. If they do not, check the following:
• Is you
r wireless device or computer connected to your network or another wireless
network in your area? Some wireless devices automatically connect to the first open
network (without wireless security) that they discover.
genie Basic Settings
28
N600 Wireless Dual Band Router WNDR3400v2
• Does your wireless device or computer show up on the Attached Devices screen? If it
does, then it is connected to the network.
• If you are not sure what the network name (SSID) or password is, look on the label on
the bottom of your router.
Wireless Setup Screen Fields
Region. The location where the router is used. Select from the countries in the list. In the
United States, the region is fixed to United States and is not changeable.
Wireless Network
Note: These settings apply separately to the 2.4 GHz b/g/n and 5 GHz a/n
bands.
Enable SSID Broadcast. This setting allows the router to broadcast its SSID so wireless
stations can see this wireless name (SSID) in their scanned network lists. This check box is
selected by default. To turn off the SSID broadcast, clear the Allow Broadcast of Name
(SSID) check box, and click Apply.
Enable Wireless Isolation. If this check box is selected, then wireless clients (computers or
wireless devices) that join the network can use the Internet, but cannot access each other or
access Ethernet devices on the network.
Name (SSID). The SSID is also known as the wireless network name. Enter a 32-character
(maximum) name in this field. This field is case-sensitive. The default SSID is randomly
generated, and NETGEAR strongly recommends that you do not change this.
Channel. This setting is the wireless channel used by the gateway. Enter a value from 1
through 13. For products in the North America market, only channels 1 through 11 can be
operated. Do not change the channel unless you experience interference (shown by lost
connections or slow data transfers). If this happens, experiment with different channels to
see which is the best.
Mode. Up to 130 Mbps is the default and allows 802.11n and 802.11g wireless devices to join
the network. g & b supports up to 54 Mbps. The 300 Mbps setting allows 802.11n devices to
connect at this speed.
Security Options Settings
Note: These settings apply separately to the 2.4 GHz b/g/n and 5 GHz a/n
bands.
genie Basic Settings
29
N600 Wireless Dual Band Router WNDR3400v2
The Security Options section of the Wireless Setup screen lets you change the security
option and passphrase. Note that NETGEAR recommends that you not change the
security option or passphrase, but if you want to change these settings, this section
explains how. Do not disable security.
Change WPA Security Option and Passphrase
Note: These settings apply separately to the 2.4 GHz b/g/n and 5 GHz a/n
bands.
1. Under Security Options, select the WPA option you want.
2. In the Passphrase field that displays when you select a WPA security option, enter the
network key (passphrase) that you want to use. It is a text string from 8 to 63 characters.
genie Basic Settings
30
N600 Wireless Dual Band Router WNDR3400v2
Scroll to
view more
settings
Scroll to
view more
settings
Guest Networks
Adding a guest network allows visitors at your home to use the Internet without providing
them with your wireless security key. You can add a guest network to each wireless network:
2.4 GHz b/g/n and 5.0 GHz a/n.
To set up a guest network:
1. Select Basic > Guest Network to
display the following screen:
2. Select any of the following wireless settings:
genie Basic Settings
31
N600 Wireless Dual Band Router WNDR3400v2
Note: These settings apply separately to the 2.4 GHz b/g/n and 5 GHz a/n
bands.
Enable Guest Network. When this check box is selected, the guest network is enabled,
and guests can connect to your network using the SSID of this profile.
Enable SSID Broadcast. If this check box is selected, the wireless access point
broadcasts its name (SSID) to all wireless stations. Stations with no SSID can adopt the
correct SSID for connections to this access point.
Allow guest to access My Local Network. If this check box is selected, any user who
connects to this SSID has access to your local network, not just Internet access.
Enable Wireless Isolation. If this check box is selected, then wireless clients (computers
or wireless devices) that join the network can use the Internet, but cannot access each
other or access Ethernet devices on the network.
3. Give the guest network a name.
The guest network name is case-sensitive and can be up to 32 characters. You then
manually configure the wireless devices in your network to use the guest network name in
addition to the main nonguest SSID.
4. Select a security option from the list. The security options are described in Guest Network
Wireless Security Options on page 32.
5. Click Apply to save your selections.
Guest Network Wireless Security Options
A security option is the type of security protocol applied to your wireless network. The
security protocol in force encrypts data transmissions and ensures that only trusted devices
receive authorization to connect to your network.
This section presents an overview of the security options and provides guidance on when to
use which option. Note that it is also possible to set up a guest network without wireless
security. NETGEAR does not recommend this.
Wi-Fi Protected Access (WPA) encryption is built into all hardware that has the Wi-Fi-certified
seal. This seal means the product is authorized by the Wi-Fi Alliance (http://www.wi-fi.org/)
because it complies with the worldwide single standard for high-speed wireless local area
networking.
WPA-PSK uses a passphrase to perform authentication and generate the initial data
encryption keys. Then it dynamically varies the encryption key. WPA-PSK uses Temporal Key
Integrity Protocol (TKIP) data encryption, implements most of the IEEE 802.11i standard, and
is designed to work with all wireless network interface cards, but not all wireless access
points. It is superseded by WPA2-PSK.
genie Basic Settings
32
N600 Wireless Dual Band Router WNDR3400v2
WPA2-PSK is stronger than WPA. It is advertised to be theoretically indecipherable due to
the greater degree of randomness in encryption keys that it generates. WPA2-PSK gets
higher speed because it is implemented through hardware, while WPA-PSK is implemented
through software. WPA2-PSK uses a passphrase to authenticate and generate the initial data
encryption keys. Then it dynamically varies the encryption key.
WPS-PSK + WPA2-PSK Mixed Mode can provide broader support for all wireless clients.
WPA2-PSK clients get higher speed and security, and WPA-PSK clients get decent speed
and security. The product documentation for your wireless adapter and WPA client software
should have instructions about configuring their WPA settings.
genie Basic Settings
33
4. genie Advanced Home
This screen is also
displayed through
the Administration
menu.
Specifying custom settings
4
This chapter explains the features available from the genie Advanced Home screen, shown in
the following figure:
This chapter contains the following sections:
• Setup Wizard
• WPS Wizard
• Setup Menu
• WAN Setup
• LAN Setup
• Quality of Service (QoS) Setup
Some selections on the Advanced Home screen
• USB
• Security. See Chapter 6, Security.
• Adminis
• Advanc
Storage. See Chapter 5, USB Storage.
tration. See Chapter 7, Administration.
ed Setup. See Chapter 8, Advanced Settings.
34
are described in separate chapters:
N600 Wireless Dual Band Router WNDR3400v2
Setup Wizard
The NETGEAR genie installation process is launched the first time you set up the router.
After setting up the router the first time, if you want to perform this task again, you can run
Setup Wizard from the Advanced tab of the genie.
1. Select Se
2. Select either Yes or No, I want to configure the router myself. If you select No, you are
taken to the Internet Setup screen (see Internet Setup on
3. If you s
tup Wizard to display the following screen:
page 23).
elected Yes, click Next. The following screen displays:
The Setup Wizard searches your Internet connection for servers and protocols to
determine your ISP configuration. The following screen displays:
genie Advanced Home
35
N600 Wireless Dual Band Router WNDR3400v2
WPS Wizard
The WPS Wizard helps you add a WPS-capable client device (a wireless device or computer)
to your network. On the client device, you need to either press its WPS button or locate its
WPS PIN.
To use the WPS Wizard:
1. Select Advance
2. Click Next.
wireless device or computer).
You can use either the push button or PIN method.
3. Select either Push Button or PIN Number.
• T
o use the push-button method, either click the WPS button on this screen, or press
the WPS button on the top of the router. Within two minutes, go to the wireless client
and press its WPS button to join the network without entering a password.
• T
o use the PIN method, select the PIN Number radio button, enter the client security
PIN, and click Next.
d > WPS Wizard.
The following screen lets you select the method for adding the WPS client (a
genie Advanced Home
36
N600 Wireless Dual Band Router WNDR3400v2
Within two minutes, go to the client device and use its WPS software to join the
network without entering a password.
The router attempts to add the WPS-capable device. The WPS LED
the router blinks green. When the router est
green, and the router WPS screen displays a confirmation message.
4. Repe
at Step 2 and Step 3 to add another WPS client to your network.
ablishes a WPS connection, the LED is solid
on the top of
Setup Menu
Select Advanced > Setup to display the Setup menu. The following selections are available:
• Internet Setup.
from the dashboard on the Basic Home screen. See Internet Setup on p
ireless Setup. This is a shortcut to the same Wireless Setup screen that you can
• W
access from the dashboard on the Basic Home screen. See Basic Wireless Settings on
page 27.
• Guest Network. This is a shortcut to th
access from the dashboard on the Basic Home screen. See Guest Networks on p
AN Setup. Internet (WAN) setup. See WAN Setup on page 38.
• W
• LAN Setup. Lo
• QoS Setup. Qu
page 44.
This is a shortcut to the same Internet Setup screen that you can access
age 23.
e same Guest Network screen that you can
cal area network (LAN) setup. See LAN Setup on page 41.
ality of Service (QoS) setup. See Quality of Service (QoS) Setup on
age 31.
genie Advanced Home
37
N600 Wireless Dual Band Router WNDR3400v2
WAN Setup
The WAN Setup screen lets you configure a DMZ (demilitarized zone) server, change the
Maximum Transmit Unit (MTU) size, and enable the router to respond to a ping on the WAN
(Internet) port. Select Advanced > Setup > WAN Setup to view the following screen:
• Disable Port Scan and DoS Protection. DoS protection protects your LAN against
denial of service attacks such as Syn flood, Smurf Attack, Ping of Death, Teardrop Attack,
UDP Flood, ARP Attack, Spoofing ICMP, Null Scan, and many others. This should be
disabled only in special circumstances.
• Defau
games or videoconferencing. Be careful when using this feature because it makes the
firewall security less effective. See the following section, Default DMZ Server, for more
details.
• Resp
Internet, select this check box. Use this only as a diagnostic tool because it allows your
router to be discovered. Do not select this check box unless you have a specific reason.
• Disab
(LAN) to receive the multicast traffic it is interested in from the Internet. If you do not need
this feature, you can select this check box to disable it.
• MTU Size (in bytes
networks is 1500 bytes, or 1492 bytes for PPPoE connections. For some ISPs, you might
need to reduce the MTU. This is rarely required, and should not be done unless you are
sure that it is necessary for your ISP connection. See Change the MTU Size on p
• NA
inbound traffic. Secured NAT provides a secured firewall to protect the computers on the
LAN from attacks from the Internet, but might prevent some Internet games, point-to-point
applications, or multimedia applications from functioning. Open NAT provides a much
less secured firewall, but allows almost all Internet applications to function.
lt DMZ Server. This feature is sometimes helpful when you are playing online
ond to Ping on Internet Port. If you want the router to respond to a ping from the
le IGMP Proxying. IGMP proxying allows a computer on the local area network
). The normal MTU (Maximum Transmit Unit) value for most Ethernet
age 39.
T Filtering. Network Address Translation (NAT) determines how the router processes
genie Advanced Home
38
N600 Wireless Dual Band Router WNDR3400v2
WARNING!
Default DMZ Server
The default DMZ server feature is helpful when you are using some online games and
videoconferencing applications that are incompatible with Network Address Translation
(NAT). The router is programmed to recognize some of these applications and to work
correctly with them, but there are other applications that might not function well. In some
cases, one local computer can run the application correctly if that computer’s IP address is
entered as the default DMZ server.
DMZ servers pose a security risk. A computer designated as the
default DMZ server loses much of the protection of the firewall
and is exposed to exploits from the Internet. If compromised, the
DMZ server computer can be used to attack other computers on
your network.
Incoming traffic from the Internet is usually discarded by the router unless the traffic is a
response to one of your local computers or a service that you have configured in the Port
Forwarding/Port Triggering screen. Instead of discarding this traffic, you can forward it to one
computer on your network. This computer is called the default DMZ server.
To set up a default DMZ server:
1. On the WAN Setup screen, select the Default DMZ Server check box.
2. Type the IP address.
3. Click Apply.
Change the MTU Size
The Maximum Transmission Unit (MTU) is the largest data packet a network device
transmits. When one network device communicates across the Internet with another, the data
packets travel through many devices along the way. If any device in the data path has a lower
MTU setting than the other devices, the data packets have to be split or “fragmented” to
accommodate the device with the smallest MTU.
The best MTU setting for NETGEAR equipment is often just the default value, and changing
the value might fix one problem but cause another. Leave the MTU unchanged unless one of
these situations occurs:
• You have problems connecting to your ISP or other Internet service, and the technical
support of either the ISP or NETGEAR recommends changing the MTU setting. These
web-based applications might require an MTU change:
- A secure website that will not open, or displays only part of a web page
- Yahoo email
- MSN portal
- America Online’s DSL service
genie Advanced Home
39
N600 Wireless Dual Band Router WNDR3400v2
• You use VPN and have severe performance problems.
• Y
ou used a program to optimize MTU for performance reasons, and now you have
connectivity or performance problems.
Note: An incorrect MTU setting can cause Internet communication
problems such as the inability to access certain websites, frames
within websites, secure login pages, or FTP or POP servers.
If you suspect an MTU problem, a common solution is to change the MTU to 1400. If you are
willing to experiment, you can gradually reduce the MTU from the maximum value of 1500
until the problem goes away. The following table describes common MTU sizes and
applications.
Table 2. Common MTU sizes
MTU Application
1500 The largest Ethernet packet size and the default value. This is the typical setting for
non-PPPoE, non-VPN connections, and is the default value for NETGEAR routers,
adapters, and switches.
1492 Used in PPPoE environments.
1472 Maximum size to use for pinging. (Larger packets are fragmented.)
1468 Used in some DHCP environments.
1460 Usable by AOL if you do not have large emai
1436 Used in PPTP environments or with VPN.
1400 Maximum size for AOL DSL.
576 Typical value to connect to dial up ISPs.
To change the MTU size:
1. Select Advance
the MTU Size field, enter a new size between 64 and 1500.
2. In
3. Click Apply to save
d > Setup > WAN Setup.
the settings.
l attachments, for example.
genie Advanced Home
40
N600 Wireless Dual Band Router WNDR3400v2
LAN Setup
The LAN Setup screen allows configuration of LAN IP services such as Dynamic Host
Configuration Protocol (DHCP) and Routing Information Protocol (RIP).
The router is shipped preconfigured to use private IP addresses on the LAN side and to act
as a DHCP server
. The router’s default LAN IP configuration is:
• LAN IP addre
• Subnet
These addresses are part of the designated priva
and should be suitable for most applications. If your network has a requirement to use a
different IP addressing scheme, you can make those changes in the LAN Setup screen.
To change the LAN settings:
1. Select Advanced > Setup > LAN Setup to display the following screen:
mask: 255.255.255.0
Note: If you change the LAN IP address of the router while connected
ss: 192.168.1.1
te address range for use in private networks
through the browser, you will be disconnected. You have to open a
new connection to the new IP address and log in again.
2. Enter the settings that you want to customize. These settings are described in the following
section, LAN Setup Screen Settings.
3. Click App
ly to save your changes.
genie Advanced Home
41
N600 Wireless Dual Band Router WNDR3400v2
LAN Setup Screen Settings
LAN TCP/IP Setup
• IP Address. The LAN IP address of the router.
• IP Subnet Mask. The LAN subnet mask of the router. Combined with the IP address, the
IP subnet mask allows a device to know which other addresses are local to it, and which
have to be reached through a gateway or router.
• RIP Direction. Router Information Protocol (RIP) allows a router to exchange routing
information with other routers. This setting controls how the router sends and receives
RIP packets. Both is the default setting. With the Both or Out Only setting, the router
broadcasts its routing table periodically. With the Both or In Only setting, the router
incorporates the RIP information that it receives.
• RIP Version. This controls the format and the broadcasting method of the RIP packets
that the router sends. It recognizes both formats when receiving. By default, the RIP
function is disabled.
RIP-1 is universally supported. It is adequate for most networks, unless you have an
unusual network setup.
RIP-2 carries more information. Both RIP-2B and RIP-2M send the routing data in RIP-2
format. RIP-2B uses subnet broadcasting. RIP-2M uses multicasting.
Use Router as a DHCP Server
This check box is usually selected so that the router functions as a Dynamic Host
Configuration Protocol (DHCP) server.
• Starting IP Address. Specify the start of the range for the pool of IP addresses in the
same subnet as the router.
• Ending IP Address. Specify the end of the range for the pool of IP addresses in the
same subnet as the router.
Address Reservation
When you specify a reserved IP address for a computer on the LAN, that computer receives
the same IP address each time it accesses the router’s DHCP server. Assign reserved IP
addresses to servers that require permanent IP settings.
Use the Router as a DHCP Server
By default, the router functions as a DHCP server, allowing it to assign IP, DNS server, and
default gateway addresses to all computers connected to the router’s LAN. The assigned
default gateway address is the LAN address of the router. The router assigns IP addresses to
the attached computers from a pool of addresses specified in this screen. Each pool address
is tested before it is assigned to avoid duplicate addresses on the LAN. For most
applications, the default DHCP and TCP/IP settings of the router are satisfactory.
genie Advanced Home
42
N600 Wireless Dual Band Router WNDR3400v2
You can specify the pool of IP addresses to be assigned by setting the starting IP address
and ending IP address. These addresses should be part of the same IP address subnet as
the router’s LAN IP address. Using the default addressing scheme, you should define a
range between 192.168.1.2 and 192.168.1.254, although you might want to save part of the
range for devices with fixed addresses.
The router delivers the following parameters to any LAN device that requests DHCP:
• An IP address from the range you defined
• Subnet mask
• Gateway IP address (the router’s LAN IP address)
• Primary DNS server (if you entered a primary DNS address in the Internet Setup screen;
otherwise, the router’s LAN IP address)
• Secondary DNS server (if you entered a secondary DNS address in the Internet Setup
screen)
To use another device on your network as the DHCP server, or to manually configure the
network settings of all of your computers, clear the Use Router as DHCP Server check box
and click Apply. Otherwise, leave this check box selected. If this service is not enabled and
no other DHCP server is available on your network, you need to set your computers’ IP
addresses manually or they will not be able to access the router.
Address Reservation
When you specify a reserved IP address for a computer on the LAN, that computer always
receives the same IP address each time it accesses the router’s DHCP server. Reserved IP
addresses should be assigned to computers or servers that require permanent IP settings.
To reserve an IP address:
1. In the Address Reservation section of the screen, click the Add button.
2. In the IP Address field, type the IP address to assign to the computer or server. (Choose an
IP address from the router’s LAN subnet, such as 192.168.1.x.)
3. Type the MAC address of the computer or server.
Tip: If the computer is already on your network, you can copy its MAC
address from the Attached Devices screen and paste it here.
4. Click Apply to enter the reserved address into the table.
The reserved address is not assigned until the next time the computer contacts the
router’s DHCP server. Reboot the computer or access its IP configuration and force a
DHCP release and renew.
To edit or delete a reserved address entry, select the radio button next to the reserved
address you want to edit or delete. Then click Edit or Delete.
genie Advanced Home
43
N600 Wireless Dual Band Router WNDR3400v2
Quality of Service (QoS) Setup
QoS is an advanced feature that can be used to prioritize some types of traffic ahead of
others. The N600 Wireless Dual Band Router can provide QoS prioritization over the wireless
link and on the Internet connection. To configure QoS, use the QoS Setup screen.
Select Advanc
ed > Setup > QoS Setup to display the following screen:
Enable WMM QoS for Wireless Multimedia Applications
The N600 Wireless Dual Band Router supports Wi-Fi Multimedia Quality of Service (WMM
QoS) to prioritize wireless voice and video traffic over the wireless link. WMM QoS provides
prioritization of wireless data packets from different applications based on four access
categories: voice, video, best effort, and background. For an application to receive the
benefits of WMM QoS, both the application and the client running that application must have
WMM enabled. Legacy applications that do not support WMM and applications that do not
require QoS are assigned to the best effort category, which receives a lower priority than
voice and video.
WMM QoS is enabled by default. You can disable it in the QoS Setup screen by clearing the
Enable WMM chec
k box and clicking Apply.
Set Up QoS for Internet Access
You can give prioritized Internet access to the following types of traffic:
pecific applications
• S
pecific online games
• S
• In
dividual Ethernet LAN ports of the router
• A specific device
by MAC address
genie Advanced Home
44
N600 Wireless Dual Band Router WNDR3400v2
To specify prioritization of traffic, you have to create a policy for the type of traffic and add the
policy to the QoS Policy table in the QoS Setup screen. For convenience, the QoS Policy
table lists many common applications and online games that can benefit from QoS handling.
QoS for Applications and Online Gaming
To create a QoS policy for applications and online games:
n the QoS Setup screen, select the Turn Internet Access QoS On checkbox.
1. I
2. Click the Set
edit or delete a rule by selecting its radio button and clicking either the Edit or Delete button.
To delete all of the rules, click the Delete All button.
up QoS rule button to see the existing priority rules. On this screen, you can
3. To add a priority rule, scroll down to the bottom of the QoS Setup screen and click Add
Priority Rule to display the following screen:
4. In the QoS Policy for field, type the name of the application or game.
genie Advanced Home
45
N600 Wireless Dual Band Router WNDR3400v2
5. In the Priority Category list, select either Applications or Online Gaming. In either case, a
list of applications or games displays in the list.
6. Y
ou can select an existing item from the list, or you can scroll and select Add a New
Application or Add a New Game, as applicable.
a. If you add
a new entry, the Priority Rules screen expands as shown:
b. In the QoS Policy for field, enter a descriptive name for the new application or game.
c. In th
e Connection Type list, select either TCP, UDP, or both (TCP/UDP), and specify
the port number or range of port numbers used by the application or game.
7. From
the Priority list, select the priority that this traffic should receive relative to other
applications and traffic when accessing the Internet. The options are Low, Normal, High, and
Highest.
8. Click Apply
to save this rule to the QoS Policy list and return to the QoS Setup screen.
QoS for a Router LAN Port
To create a QoS policy for a device connected to one of the router’s LAN ports:
1. Select Advance
Turn Internet Access QoS On check box.
2. Click the Setup QoS
3. Click the Add Prio
d > Setup > QoS Setup to display the QoS Setup screen. Select the
Rule button.
rity Rule button.
genie Advanced Home
46
N600 Wireless Dual Band Router WNDR3400v2
4. From the Priority Category list, select Ethernet LAN Port, as shown in the following figure:
5. From the LAN port list, select the LAN port that will have a QoS policy.
6. From the Priority list, select the
priority that this port’s traffic should receive relative to other
applications and traffic when accessing the Internet. The options are Low, Normal, High, and
Highest.
7. Click App
8. In the QoS Se
ly to save this rule to the QoS Policy list and return to the QoS Setup screen.
tup screen, click Apply.
QoS for a MAC Address
To create a QoS policy for traffic from a specific MAC address:
1. Select Adv
QoS Setup screen displays.
2. Click Add
3. From the Priority Category
anced > Setup > QoS Setup, and click the Setup QoS Rule button. The
Priority Rule.
list, select MAC Address to display the following screen:
genie Advanced Home
47
N600 Wireless Dual Band Router WNDR3400v2
4. If the device to be prioritized appears in the MAC Device List, select its radio button. The
information from the MAC Device List populates the policy name, MAC Address, and Device
Name fields. If the device does not appear in the MAC Device List, click Refresh. If it still
does not appear, you have to complete these fields manually.
5. From the Priority list, select the priority that this device’s traffic should receive relative to
other applications and traffic when accessing the Internet. The options are Low, Normal,
High, and Highest. Click Add to add this rule to MAC Device List.
6. Click Apply to save this rule to the QoS Policy list and return to the QoS Setup screen.
7. In the QoS Setup screen, select the Turn Internet Access QoS On check box.
8. Click Apply.
Editing or Deleting an Existing QoS Policy
To edit or delete a QoS policy:
1. Select Advanced > QoS Setup to display the QoS Setup screen.
2. Select the radio button next to the QoS policy to be edited or deleted, and do one of the
following:
• Click Delete to remove the QoS policy.
• Click Edit to edit the QoS policy. Follow the instructions in the preceding sections to
change the policy settings.
3. Click Apply in the QoS Setup screen to save your changes.
genie Advanced Home
48
5. USB Storage
Accessing and configuring a USB storage drive
5
This chapter describes how to access and configure a USB storage drive attached to your router.
The USB port on the router can be used only to connect USB storage devices like flash drives or
hard drives. Do not connect computers, USB modems, printers, CD drives, or DVD drives to the
router USB port.
This chapter contains the following sections:
• USB Drive Requirements
• ReadySHARE Access
• File-Sharing Scenarios
• Basic Settings
• USB Storage Advanced Settings
• Safely Remove a USB Drive
• Specify Approved USB Devices
• Connect to the USB Drive from a Remote Computer
49
N600 Wireless Dual Band Router WNDR3400v2
USB Drive Requirements
The router works with 1.0 and 1.1 (USB Full Speed) and 2.0 (USB High Speed) standards.
The approximate USB bus speeds are shown in the following table. Actual bus speeds can
vary, depending on the CPU speed, memory, speed of the network, and other variables.
Table 3. USB Drive Speeds
Bus Speed/Sec
USB 1.1 12 Mbits
USB 2.0 480 Mbits
The router should work with most USB-compliant external flash and hard drives. For the most
up-to-date list of USB drives supported by the router, go to:
http://kbserver.netgear.com/readyshare
The router supports both read and write for FAT16, FAT32, NTFS, and Linux file systems
(EXT2 and
EXT3).
Note: Some USB external hard drives and flash drives require drivers to
be loaded in to the Windows computer before the Windows
computer can access the USB device. Such USB devices do not
work with the router.
ReadySHARE Access
Once you have set up your router, you can connect any USB storage device and share the
contents with other users on your network.
You can access your USB device in any of the following ways:
• On Windo
Run, and enter \\readyshare in the dialog box. Click OK.
• On Win
Explorer, or Safari, and enter \\readyshare in the address bar.
• On Mac OS X (version
• In
My Network Places, enter \\readyshare in the address bar.
ws 7, Windows XP, Windows Vista, and Windows 2000 systems, select Start >
dows 7, Windows XP, Windows Vista, and Windows 2000 systems, open Internet
10.2 or later), enter smb://readyshare in the address bar.
USB Storage
50
N600 Wireless Dual Band Router WNDR3400v2
File-Sharing Scenarios
You can share files on the USB drive for a wide variety of business and recreational
purposes. The files can be any Windows computer, Mac, or Linux file type including text files,
Word, PowerPoint, Excel, MP3, pictures, and multimedia. USB drive applications include:
• Sharing multimedia, such as MP3 files, pictures, and so on, with friends and family who
are local or remote.
• Sharing resources on your network. You might want to store files in a central location so
that you do not need to power up a computer to perform local sharing. In addition, you
can share files between Macintosh, Linux, and Windows computers by using the USB
drive as a go-between across the systems.
• Sharing files such as Word documents, PowerPoint presentations, and text files with
remote users.
A few common uses are described in the following sections.
Sharing Photos
You can create your own central storage location for photos and multimedia. This eliminates
the need to log in to (and pay for) an external photo sharing site.
To share files with your friends and family:
1. Insert your USB drive into the USB port on the router either directly or with a USB cable.
Computers on your local area network (LAN) can automatically access this USB drive
using a web browser or Microsoft Networking.
2. If you want to specify read-only access or to allow access from the Internet, see USB
Storage Advanced Settings on page 54.
Storing Files in a Central Location for Printing
This scenario is for a family that has one high-quality color printer directly attached to a
computer, but not shared on the local area network (LAN). This family does not have a print
server.
• One family member has photos on a Macintosh computer that they want to print.
• The photo-capable color printer is directly attached to a Windows computer, but not
shared on the network.
• The Mac and Windows computer are not visible to each other on the network.
To print photos from a Mac on the printer attached to a Windows computer:
1. On the Mac, access the USB drive by typing \\readyshare in the address field of a web
browser. Then copy the photos to the USB drive.
2. On the Windows computer, use a web browser or Microsoft Networking to copy the files
from the USB drive to the Windows computer. Then print the files.
USB Storage
51
N600 Wireless Dual Band Router WNDR3400v2
Sharing Large Files over the Internet
Sending files that are larger than 5 MB can pose a problem for many email systems. The
router allows you to share large files such as PowerPoint presentations or .zip files over the
Internet. FTP can be used to easily download shared files from the router.
Sharing files with a remote colleague involves
• The
• On the
• Be sure to
re are two user accounts: admin and guest. The password for admin is the same one
that you use to access the router. By default, it is password. The guest user account has
no password.
FTP site, the person receiving the files should use the guest user account and
enter any password (FTP requires that you type something in the password field).
select the FTP (via Internet) check box in the USB Storage (Advanced
Settings) screen. This option supports both downloading and uploading of files.
Note: You can enable the HTTP (via Internet) option on the USB Storage
(Advanced Settings) screen to share large files. This option supports
downloading files only.
the following considerations:
Basic Settings
You can view or edit basic settings for the USB storage device attached to your router.
You can access this feature through Ba
Storage > ReadySHARE.
sic > ReadySHARE, or through Advanced > USB
The USB Storage (Basic Settings) screen displays:
USB Storage
52
N600 Wireless Dual Band Router WNDR3400v2
By default, the USB storage device is available to all computers on your local area network
(LAN).
To access your USB device:
1. Click the ne
twork device name or the share name in your computer’s network folders
list.
2. For SMB://readyshare, click Connect.
Note: If you logged in to the router before you connected your USB
device, you might not see your USB device in the router screens
until you log out and then log back in again.
Add or Edit a Network Folder
1. You can access this feature by selecting Basic > ReadyShare > Edit, or Advanced >
USB Storage > Advanced Settings.
2. Specify the changes that you want to make:
USB Storage
53
N600 Wireless Dual Band Router WNDR3400v2
• To add a folder, click Create Network Folder.
• To edit a folder, select its radio button, and click Edit.
3. Y
ou can use this screen to select a folder, to change the share name, or to change the read
access or write access from All
– no password to admin.
The user name (account name) for All – no p
the same one that is used to log in to the router. By default, it is password.
4. Click Apply
for your changes to take effect.
assword is guest. The password for admin is
USB Storage Advanced Settings
You can set up the device name, workgroups, and network folders for your USB device. On
the Advanced tab, select USB Storage > Advanced Settings to display the following
screen:
You can use this screen to specify access to the USB storage device.
USB Storage
54
N600 Wireless Dual Band Router WNDR3400v2
• Network Device Name. The default is readyshare. This is the name used to access the
USB device connected to the router.
• Wo
rkgroup. If you are using a Windows workgroup rather than a domain, the workgroup
name is displayed here. The name works only in an operating system that supports
NetBIOS, such as Microsoft Windows.
• Access
Method. The access methods are described here.
Network Connection.
Enabled by default, this connection allows all users on the LAN to
have access to the USB drive.
HTTP. Enab
led by default. You can type http://readyshare.routerlogin.net/shares to
access the USB drive.
HTTP (via Internet). Disa
bled by default. If you enable this setting, remote users can
type http://<public IP address>/shares (for example, http://1.1.10.102/shares) or a
URL domain name to access the USB drive over the Internet. This setting supports file
uploading only.
FTP. Disabled by defa
FTP (via Internet). Disabled
ult.
by default. If you enable this setting, remote users can
access the USB drive through FTP over the Internet. This setting supports both
downloading and uploading of files.
Available Network Folders
You might need to scroll down to view this section of the screen:
• Share Name. If only 1 device is connected, the default share name is USB_Storage. You
can click the name shown, or you can type it in the address field of your web browser. If
Not Shared is shown, the default share has been deleted, and no other share for the root
folder exists. Click the link to change this setting.
USB Storage
55
N600 Wireless Dual Band Router WNDR3400v2
• Read/Write Access. Shows the permissions and access controls on the network folder:
All - no password (the default) allows all users to access the network folder. The
password for admin is the same one that you use to log in to the router.
• Fol
• V
• T
der Name. Full path used by the network folder.
olume Name. Volume name from the storage device (either USB drive or HDD).
otal/Free Space. Shows the current utilization of the storage device.
Safely Remove a USB Drive
To safely remove a USB disk drive so that no users can access it, select USB Storage >
Basic Settings, and click the Safely Remove USB Device button. This takes the drive
offline.
Specify Approved USB Devices
For more security, you can set up the router to share approved USB devices only. You can
access this feature from the Advanced Setup menu on the Advanced tab.
To set up approved USB devices:
1. Select Advance
d > Advanced Setup > USB Settings. The following screen displays:
USB Storage
56
N600 Wireless Dual Band Router WNDR3400v2
2. Click the Approved Devices button. The USB Drive Approved Devices screen displays:
This screen shows the approved USB devices and the available USB devices. You can
remove or add approved USB devices.
3. T
o add an approved USB device, select it from the Available USB Devices list and click
Add.
4. Select th
5. Click App
If you want to work with another USB device, you have to click the Safely Remove US
Device button for the currently connected USB device. Connect the other USB device and
repeat this process.
e Allow only approved devices check box.
ly so that your change takes effect.
Connect to the USB Drive from a Remote Computer
To connect to the USB drive from remote computers with a web browser, you have to use the
router’s Internet port IP address. If you are using Dynamic DNS, you can type the DNS name
rather than the IP address. You can view the router’s Internet IP address from the dashboard
on the Basic Home screen or the Advanced Home screen.
Access the Router’s USB Drive Remotely Using FTP
To connect to the router’s USB drive using a web browser:
B
1. Con
nect to the router by typing ftp:// and the Internet port IP address in the address
field of Internet Explorer or Netscape Navigator, for example:
ftp://10.1.65.4
If you are using Dynamic DNS, you can type the
USB Storage
57
DNS name rather than the IP address.
N600 Wireless Dual Band Router WNDR3400v2
2. Type the account name and password that has access rights to the USB drive. The user
name (account name) for All – no password is guest.
3. The directories of the USB drive that your account has access to are displayed, for example,
share/partition1/directory1. You can now read and copy files from the USB directory.
USB Storage
58
6. Security
Keeping unwanted content out of your network
6
This chapter explains how to use the basic firewall features of the router to prevent objectionable
content from reaching the PCs and other devices connected to your network.
This chapter includes the following sections:
• Keyword Blocking of HTTP Traffic
• Block Services (Port Filtering)
• Schedule Blocking
• Security Event Email Notifications
59
N600 Wireless Dual Band Router WNDR3400v2
Keyword Blocking of HTTP Traffic
Use keyword blocking to prevent certain types of HTTP traffic from accessing your network.
The blocking can be always or according to a schedule.
1. Select Advance
2. Select one of the keyword blocking options:
• Per Schedu
ways. Turn on keyword blocking all the time, independent of the Schedule screen.
• Al
3. In
the Keyword field, enter a keyword or domain, click Add Keyword, and click Apply.
d > Security > Block Sites to display the following screen:
le. Turn on keyword blocking according to the Schedule screen settings.
The Keyword list supports up to 32 entries. Here are some sample entries:
pecify XXX to block http://www.badstuff.com/xxx.html.
• S
• S
pecify .com if you want to allow only sites with domain suffixes such as .edu or .gov.
• Ente
To delete a keyword or domain:
1. Select the keyword
2. Click Delete Keyword and Ap
To specify a trusted computer:
You can exempt one trusted computer from blocking and logging. The computer yo
must have a fixed IP address.
1. In the T
2. Click Apply
r a period (.) to block all Internet browsing access.
you want to delete from the list.
ply to save your changes.
rusted IP Address field, enter the IP address.
to save your changes.
Security
u exempt
60
N600 Wireless Dual Band Router WNDR3400v2
Block Services (Port Filtering)
Services are functions performed by server computers at the request of client computers. For
example, web servers serve web pages, time servers serve time and date information, and
game hosts serve data about other players’ moves. When a computer on the Internet sends
a request for service to a server computer, the requested service is identified by a service or
port number. This number appears as the destination port number in the transmitted IP
packets. For example, a packet that is sent with the destination port number 80 is an HTTP
(web server) request.
The service numbers for many common protocols are
Task Force (IETF at http://www.ietf.org/) and published in RFC1700, “Assigned Numbers.”
Service numbers for other applications are typically
the authors of the application. Although the router already holds a list of many service port
numbers, you are not limited to these choices. You can often determine port number
information by contacting the publisher of the application, by asking user groups or
newsgroups, or by searching.
The Block Services screen lets you add and block specific Interne
your network. This is called service blocking or port filtering. To add a service for blocking,
first determine which port number or range of numbers use the application.
To block services:
1. Select
Advanced > Security > Block Services to display the following screen:
defined by the Internet Engineering
chosen from the range 1024 to 65535 by
t services by computers on
2. Select either Per Schedule or Always to enable service blocking, and click Apply. If you
selected Per Schedule, specify a time period in the Schedule screen as described in
Schedule Blocking on p
age 62.
Security
61
N600 Wireless Dual Band Router WNDR3400v2
3. Click Add to add a service. The Block Services Setup screen displays:
4. From the Service Type list, select the application or service to allow or block. The list already
displays several common services, but you are not limited to these choices. To add
additional services or applications that do not already appear, select User Defined.
5. If
you know that the application uses either TCP or UDP, select the appropriate protocol. If
you are not sure, select Both.
6. Enter th
enter that number in both fields.
7. Sele
addresses. You can block the specified service for a single computer, a range of computers
with consecutive IP addresses, or all computers on your network.
8. Click Add to enable
e starting and ending port numbers. If the application uses a single port number,
ct the radio button for the IP address configuration you want to block and enter the IP
your Block Services Setup selections.
Schedule Blocking
You can specify the days and time that you want to block Internet access.
Security
62
N600 Wireless Dual Band Router WNDR3400v2
To schedule blocking:
1. Select Advanced > Security > Schedule to display the following screen:
2. Set up the schedule for blocking keywords and services.
• Days to
appropriate check boxes, or select Every Day to select the check boxes for all days.
• T
ime of Day to Block. Select a start and end time in 24-hour format, or select All
Day for 24-hour blocking.
3. Select your
Automatically adjust for daylight savings time check box.
4. Click App
Block. Select days on which you want to apply blocking by selecting the
time zone from the list. If you use daylight savings time, select the
ly to save your settings.
Security Event Email Notifications
To receive logs and alerts by email, provide your email information in the Email screen and
specify which alerts you want to receive and how often.
Security
63
N600 Wireless Dual Band Router WNDR3400v2
To set up email notifications:
1. Select Advanced > Security > Email to display the following screen:
2. To receive email logs and alerts from the router, select the Turn Email Notification On
check box.
the Your Outgoing Mail Server field, enter the name of your ISP’s outgoing (SMTP) mail
3. In
server (such as mail.myISP.com). You might be able to find this information in the
configuration screen of your email program. If you leave this field blank, log and alert
messages are not sent by email.
4. Enter
the email address to which logs and alerts are sent in the Send to This Email Address
field. This email address is also used for the From address. If you leave this field blank, log
and alert messages are not sent by email.
5. If
your outgoing email server requires authentication, select the My Mail Server requires
authentication check box. Fill in the User Name and Password fields for the outgoing email
server.
You can have email alerts sent immediately when someone attempts to visit a blocked site
6.
and you can specify that logs are sent automatically.
If you select the Weekly, Daily, or Hourly option and the log fills up before the specified
period, the
log is automatically emailed to the specified email address. After the log is
sent, the log is cleared from the router’s memory. If the router cannot email the log file, the
log buffer might fill up. In this case, the router overwrites the log and discards its contents.
7. Click Apply to save
your settings.
Security
64
7. Administration
Managing your network
7
This chapter describes the router settings for administering and maintaining your router and
home network. See
checking the status of your router over the Internet. See Traffic Meter on page 98 for information
about monitoring the volume of Internet traffic passing through your router’s Internet port.
This chapter includes the following sections:
• Upgrade the Router Firmware
• View Router Status
• View Logs of Web Access or Attempted Web Access
• Manage the Configuration File
• Set Password
Remote Management on page 95 for information about upgrading or
65
N600 Wireless Dual Band Router WNDR3400v2
Click
Check
WARNING!
Upgrade the Router Firmware
The router firmware (routing software) is stored in flash memory. You can update the firmware
from the Administration menu on the Advanced tab. You might see a message at the top of
the genie screens when new firmware is available for your product.
You can use the Check button on the Router Update screen to check and update to the latest
firmware for your p
To check for new firmware and update your router:
roduct.
1. Select Advance
d > Administration > Router Update to display the following screen:
2. Click Check.
The router finds new firmware if available.
3. Click Ye
s to update and locate the firmware you downloaded (the file ends in .img).
When the upload is complete, your router restarts. The upgrade process typically takes
about 1 minute. Read the new firmware release notes to determine whether you need to
reconfigure the router after upgrading.
When uploading firmware to the router, do not interrupt the web
browser by closing the window, clicking a link, or loading a new
page. If the browser is interrupted, the firmware might be
corrupted.
Administration
66
N600 Wireless Dual Band Router WNDR3400v2
View Router Status
To view router status and usage information, select Advanced Home, or select
Administration > Router Status to display the following screen:
Router Information
Hardware Version. The router model.
Firmware Version. The
firmware.
GUI Language Version. The loca
LAN Port.
• MAC Address.
by the Ethernet (LAN) port of the router.
• IP Address. The IP address used
192.168.1.1.
• DH
CP Server. Identifies whether the router’s built-in DHCP server is active for the
LAN-attached devices.
version of the router firmware. It changes if you upgrade the router
lized language of the user interface.
The Media Access Control address is the unique physical address used
by the Ethernet (LAN) port of the router. The default is
Internet Provider (WAN) Setup
MAC Address. The Media Access Control address is the unique physical address used by
the Internet (WAN) port of the router.
IP Address. The
shown or the address is 0.0.0, the router cannot connect to the Internet.
IP address used by the Internet (WAN) port of the router. If no address is
Administration
67
N600 Wireless Dual Band Router WNDR3400v2
Connection. This shows if the router is using a fixed IP address on the WAN. If the value is
DHCP Client, the router obtains an IP address dynamically from the ISP.
IP Subnet Mask.
Domain Name Server. The
The IP subnet mask used by the Internet (WAN) port of the router.
Domain Name Server addresses used by the router. A Domain
Name Server translates human-language URLs such as www.netgear.com into IP
addresses.
Statistics Button
On the Router Status screen, in the Internet Provider (WAN) Setup pane, click the Statistics
button to display the following screen:
Figure 2. System up time and poll interval statistics
System Up Time. The time elapsed since the router was last restarted.
Port. The st
atistics for the WAN (Internet) and LAN (Ethernet) ports. For each port, the
screen displays:
atus. The link status of the port.
• St
• Tx
• RxPkt
• Collis
• Tx B/s.
• Rx B/s.
• Up T
• Poll I
Pkts. The number of packets transmitted on this port since reset or manual clear.
s. The number of packets received on this port since reset or manual clear.
ions. The number of collisions on this port since reset or manual clear.
The current transmission (outbound) bandwidth used on the WAN and LAN ports.
The current reception (inbound) bandwidth used on the WAN and LAN ports.
ime. The time elapsed since this port acquired the link.
nterval. The interval at which the statistics are updated in this screen.
To change the polling frequency, enter a time in seconds in the Poll Interval field and click Set
Interval.
To stop the polling entirely, click St
op.
Administration
68
N600 Wireless Dual Band Router WNDR3400v2
Connection Status Button
On the Router Status screen in the Internet Connection pane, click the Connection Status
button to view connection status information.
Figure 3. View connection status information
The Release button returns the status of all items to 0. The Renew button refreshes the
items. The Close Window button closes the Connection Status screen.
IP Address. The
Subnet Mask. Th
Default Gateway.
DHCP Server. The
IP address assigned to the router.
e subnet mask assigned to the router.
The IP address for the default gateway that the router communicates with.
IP address for the Dynamic Host Configuration Protocol server that
provides the TCP/IP configuration for all the computers that are connected to the router.
DNS Server.
The IP address of the Domain Name Service server that provides translation of
network names to IP addresses.
Lease Obtained. The
Lease Expires. The
date and time when the lease was obtained.
date and time that the lease expires.
Administration
69
N600 Wireless Dual Band Router WNDR3400v2
Wireless Settings (2.4 GHz and 5 GHz)
The following settings are displayed:
Name (SSID). The
the 5 GHz ends in -5G to distinguish it from the 2.4 GHz network.
Region. T
wireless features of the router in some parts of the world.
Channel.
channel is Auto. When Auto is selected, the router finds the best operating channel available.
If you notice interference from nearby devices, you can select a different channel. Channels
1, 6, and 11 donot interfere with each other.
Mode. Indicate
(default), and Up to 300 Mbps.
Wireless AP. Ind
enabled, the Wireless LED on the front panel is off.
Broadcast Name. Ind
Wireless Isolation. Select
the router.
Wi-Fi Protected Setup. Ind
network.
he geographic region where the router is being used. It might be illegal to use the
Identifies the operating channel of the wireless port being used. The default
wireless network name (SSID) used by the router. The default names for
s the wireless communication mode: Up to 54 Mbps, Up to 130 Mbps
icates whether the radio feature of the router is enabled. If this feature is not
icates whether the router is broadcasting its SSID.
this check box only if you want to prevent wireless connections to
icates whether Wi-Fi Protected Setup is configured for this
Administration
70
N600 Wireless Dual Band Router WNDR3400v2
Guest Network (2.4 GHz and 5 GHz)
Name (SSID). The 11N wireless network name (SSID) used by the router. The default names
are NETGEAR-Guest and NETGEAR-5G-Guest.
Wireless AP. Indicate
enabled, the Wireless LEDs on the front panel are off.
Broadcast Name. Indicates whethe
Wireless Isolation. Select this
the router.
Allow guest to access My Local Network.
can access local networks associated with the router.
s whether the radio feature of the router is enabled. If this feature is not
r the router is broadcasting its SSID.
check box only if you want to prevent wireless connections to
If selected, any user who connects to this SSID
View Logs of Web Access or Attempted Web Access
g The log is a detailed record of the websites you accessed or attempted to access. Up to
256 entries are stored in the log. Log entries appear only when keyword blocking is enabled
a
nd no log entries are made for the trusted user.
Administration
71
N600 Wireless Dual Band Router WNDR3400v2
Select Advanced > Administration > Logs. The Logs screen displays.
The log screen shows the following information:
• Date and
• Source IP. Th
• T
arget address. The name or IP address of the website or news group visited or to which
access was attempted.
• Action. Wheth
To refresh the log screen, click the Re
To clear the log entries, click the Cle
To email the log immediately, click the Send
time. The date and time the log entry was recorded.
e IP address of the initiating device for this log entry.
er the access was blocked or allowed.
fresh button.
ar Log button.
Log button.
Manage the Configuration File
The configuration settings of the N600 Wireless Dual Band Router are stored within the
router in a configuration file. You can back up (save) this file to your computer, restore it, or
reset it to the factory default settings.
Administration
72
N600 Wireless Dual Band Router WNDR3400v2
WARNING!
Backup Settings
To back up the router’s configuration settings:
1. Select Adv
2. Click Back Up to save a copy of the current settings.
3. Choo
anced > Administration > BackUp Settings to display the following screen:
se a location to store the .cfg file that is on a computer on your network.
Restore Configuration Settings
To restore configuration settings that you backed up:
1. Ent
2. When you
Upon completion, the router reboots.
er the full path to the file on your network or click the Browse button to find the file.
have located the .cfg file, click the Restore button to upload the file to the router.
Do not interrupt the reboot process.
Erase
Under some circumstances (for example, if you move the router to a different network or if
you have forgotten the password), you might want to erase the configuration and restore the
factory default settings.
You can either use the Restore Factory Settings button on the back of the router (see Factory
Settings on p
Erase sets the user name to admin, the password to password, and the LAN IP address to
192.168.1.1, and enables the router’
age 110), or you can click the Erase button in this screen.
s DHCP.
Administration
73
N600 Wireless Dual Band Router WNDR3400v2
Set Password
This feature allows you to change the default password that is used to log in to the router with
the user name admin.
This is not the same as changing the password for wireless access. The label on the bottom
of your rou
access (see Label on
To set the password for the user name admin:
ter shows your unique wireless network name (SSID) and password for wireless
page 14).
1. Select Advance
2. Type the old password and type the new password twice in the fields on this screen.
3. If
you want to be able to recover the password, select the Enable Password Recovery
check box.
4. Click Apply
d > Administration > Set Password to display the following screen:
so that your changes take effect.
Password Recovery
NETGEAR recommends that you enable password recovery if you change the password for
the router’s user name of admin. Then you have an easy way to recover the password if it is
forgotten. This recovery process is supported in Internet Explorer, Firefox, and Chrome
browsers, but not in the Safari browser.
To set up password recovery:
1. Select the Enab
2. Sele
3. Click Apply to
ct two security questions and provide answers to them.
le Password Recovery check box.
save your changes.
Administration
74
N600 Wireless Dual Band Router WNDR3400v2
When you use your browser to access the router, the login window displays. If password
recovery is enabled, when you click Cancel, the password recovery process starts. You can
then enter the saved answers to the security questions to recover the password.
Administration
75
8. Advanced Settings
Fine tuning your network
8
This chapter describes the advanced features of your router. The information is for users with a
solid understanding of networking concepts who want to set the router up for unique situations
such as when remote access from the Internet by IP or domain name is needed.
This chapter includes the following sections:
• Advanced Wireless Settings
• Wireless Repeating Function (WDS)
• Port Forwarding and Triggering
• Set up Port Forwarding to Local Servers
• Set up Port Triggering
• Dynamic DNS
• Static Routes
• Remote Management
• USB Settings
• Universal Plug and Play
• IPv6
• Traffic Meter
76
N600 Wireless Dual Band Router WNDR3400v2
Scroll to view
more settings
Advanced Wireless Settings
Select Advanced > Advanced Setup > Wireless Settings to display the following screen:
The following settings are available in this screen:
Enable Wireless Router Radio. Y
wireless router by clearing this check box. Select this check box again to enable the wireless
portion of the router. When the wireless radio is disabled, other members of your household
can use the router by connecting their computers to the router with an Ethernet cable.
Note: The Fragmentation Length, CTS/RTS Threshold, and Preamble
Mode options are reserved for wireless testing and advanced
configuration only. Do not change these settings.
Turn off wireless signal by schedule. You can use this feature to turn off the wireless signal
from your router at times when you do not need a wireless connection. For example, you
could turn it off for the weekend if you leave town.
WPS Settings.Y
AP Mode. Y
Wireless Card Access List. Click the Set Up Ac
Access List screen. On this screen, you can restrict access to your network to specific
devices based on their MAC address.
ou can add WPS devices to your network.
ou can make the WNDR3400v2 function as an access point.
ou can completely turn off the wireless portion of the
cess List button display the Wireless Card
Advanced Settings
77
N600 Wireless Dual Band Router WNDR3400v2
Repeater
Base station
access point
access point
Wireless Repeating Function (WDS)
You can set the N600 Wireless Dual Band Router up to be used as a wireless access point
(AP). This enables the router to act as a wireless repeater. A wireless repeater connects to
another wireless router as a client where the network to which it connects becomes the ISP
service.
Wireless repeating is a type of Wireless Distributio
n System (WDS). A WDS allows a wireless
network to be expanded through multiple access points instead of using a wired backbone to
link them. The following figure shows a wireless repeating scenario.
Figure 4. Wireless repeating scenario
Note: If you use the wireless repeating function, you need to select either
WEP or None as a security option in the Wireless Setup screen. The
WEP option displays only if you select the wireless mode Up to 54
Mbps in the Wireless Setup screen.
Wireless Base Station. The router acts as the parent access point, bridging traffic to and
from the child repeater access point, as well as handling wireless and wired local computers.
Advanced Settings
78
N600 Wireless Dual Band Router WNDR3400v2
Scroll to view
more settings
To configure this mode, you have to know the MAC addresses of the child repeater access
point.
Wireless Repeater. The route
r sends all traffic from its local wireless or wired computers to a
remote access point. To configure this mode, you have to know the MAC address of the
remote parent access point.
The WNDR3400v2 router is always in dual band concurrent mode, unless you turn off one
dio. If you enable the wireless repeater in either radio band, the wireless base station, or
ra
wireless repeater cannot be enabled in the other radio band. However, if you enable the
wireless base station in either radio band and use the other radio band as a wireless router or
wireless base station, dual band concurrent mode is not affected.
For you to set up a wireless network with WDS,
the following conditions have to be met for
both access points:
• Both acce
• Both acce
ss points have to use the same SSID, wireless channel, and encryption mode.
ss points have to be on the same LAN IP subnet. That is, all the access point
LAN IP addresses are in the same network.
• All L
AN devices (wired and wireless computers) have to be configured to operate in the
same LAN network address range as the access points.
Wireless Repeating Function
Select Advanced > Advanced Setup > Wireless Repeating to view or change wireless
repeater settings for the router.
• Enable Wireless Repeating Function. Select the check box for the 2.4 GHz or 5-GHz
network to use the wireless repeating function.
Advanced Settings
79
N600 Wireless Dual Band Router WNDR3400v2
• Wireless MAC of this router. This field displays the MAC address for your router for your
reference. You need to enter this MAC address in the corresponding Wireless Repeating
Function screen of the other access point you are using.
• Wireless Repeater. If your router is the repeater, select this check box.
Repeater IP Address. If your router is the repeater, enter the IP address of the other
access point.
Disable Wireless Client Association. If your router is the repeater, selecting this check
box means that wireless clients cannot associate with it. Only LAN client associations are
allowed.
- If you are setting up a point-to-point bridge, select this check box.
- If you want all client traffic to go through the other access point (repeater with wireless
client association), leave this check box cleared.
Base Station MAC Address. If your router is the repeater, enter the MAC address for the
access point that is the base station.
• Wireless Base Station. If your router is the base station, select this check box.
Disable Wireless Client Association. If your router is the base station, selecting this
check box means that wireless clients cannot associate with it. Only LAN client
associations are allowed.
Repeater MAC Address (1 through 4). If your router is the base station, it can act as the
“parent” of up to four other access points. Enter the MAC addresses of the other access
points in these fields.
Set up the Base Station
The wireless repeating function works only in hub and spoke mode. The units cannot be
daisy-chained. You have to know the wireless settings for both units. You have to know the
MAC address of the remote unit. First, set up the base station. Then set up the repeater.
To set up the base station:
1. Set up both units with the same wireless settings (SSID, mode, channel, and security).
The wireless security option has to be set to None or WEP.
Advanced Settings
80
N600 Wireless Dual Band Router WNDR3400v2
Scroll to view
more settings
2. Select Advanced > Advanced Setup > Wireless Repeating Function to display the
Wireless Repeating Function screen.
3. In the Wireless Repeating Function screen (depending on the frequency you want to use),
select the Enable Wireless Repeating Function check box and select the Wireless Base
Station radio button.
4. Ente
5. Click App
r the MAC address for one or more repeater units.
ly to save your changes.
Set up a Repeater Unit
Use a wired Ethernet connection to set up the repeater unit to avoid conflicts with the
wireless connection to the base station.
Note: If you are using the WNDR3400v2 base station with a
non-NETGEAR router as the repeater, you might need to change
more configuration settings. In particular, you should disable the
DHCP server function on the wireless repeater AP.
To configure the router as a repeater unit:
og in to the router that will be the repeater. Select Basic > Wireless Settings and
1. L
verify that the wireless settings match the base unit exactly. The wireless security option
has to be set to WEP or None.
2. Select Ad
vanced > Wireless Repeating Function, and select the Enable Wireless
Repeating Function check box and the Wireless Repeater radio button.
3. Fill in
the Repeater IP Address field. This IP address has to be in the same subnet as the
base station, but different from the LAN IP of the base station.
Advanced Settings
81
N600 Wireless Dual Band Router WNDR3400v2
4. Click Apply to save your changes.
5. Verify connectivity across the LANs.
A computer on any wireless or wired LAN segment of the router should be able to
connect to the Internet or share files and printers with any other wireless or wired
computer or server connected to the other access point.
Port Forwarding and Triggering
By default, the router blocks inbound traffic from the Internet to your computers except replies
to your outbound traffic. You might need to create exceptions to this rule for these purposes:
• To allow remote computers on the Internet to access a server on your local network.
• To allow certain applications and games to work correctly when their replies are not
recognized by your router.
Your router provides two features for creating these exceptions: port forwarding and port
triggering. The next sections provide background information to help you understand how
port forwarding and port triggering work, and the differences between the two.
Remote Computer Access Basics
When a computer on your network needs to access a computer on the Internet, your
computer sends your router a message containing the source and destination address and
process information. Before forwarding your message to the remote computer, your router
has to modify the source information and create and track the communication session so that
replies can be routed back to your computer.
Here is an example of normal outbound traffic and the resulting inbound responses:
1. You open a browser, and your operating system assigns port number 5678 to this
browser session.
2. You type http://www.example.com into the URL field, and your computer creates a web page
request message with the following address and port information. The request message is
sent to your router.
Source address. Your computer’s IP address.
Source port number. 5678, which is the browser session.
Destination address. The IP address of www.example.com, which your computer finds
by asking a DNS server.
Destination port number. 80, which is the standard port number for a web server
process.
3. Your router creates an entry in its internal session table describing this communication
session between your computer and the web server at www.example.com. Before sending
the web page request message to www.example.com, your router stores the original
Advanced Settings
82
N600 Wireless Dual Band Router WNDR3400v2
information and then modifies the source information in the request message, performing
Network Address Translation (NAT):
• The source address is replaced with your router’s public IP address. This is
necessary because your computer uses a private IP address that is not globally
unique and cannot be used on the Internet.
• The source port number is changed to a number chosen by the router, such as
33333. This is necessary because two computers could independently be using the
same session number.
Your router then sends this request message through the Internet to the web server at
www.example.com.
4. The web server at www.example.com composes a return message with the requested web
page data. The return message contains the following address and port information. The
web server then sends this reply message to your router.
Source address. The IP address of www.example.com.
Source port number. 80, which is the standard port number for a web server process.
Destination address. The public IP address of your router.
Destination port number. 33333.
5. Upon receiving the incoming message, your router checks its session table to determine
whether there are active sessions for port number 33333. Finding an active session, the
router then modifies the message to restore the original address information replaced by
NAT. Your router sends this reply message to your computer, which displays the web
page from www.example.com. The message now contains the following address and port
information.
Source address. The IP address of www.example.com.
Source port number. 80, which is the standard port number for a web server process.
Destination address. Your computer’s IP address.
Destination port number. 5678, which is the browser session that made the initial
request.
6. When you finish your browser session, your router eventually detects a period of inactivity in
the communications. Your router then removes the session information from its session
table, and incoming traffic is no longer accepted on port number 33333.
Port Triggering to Open Incoming Ports
In the preceding example, requests are sent to a remote computer by your router from a
particular service port number, and replies from the remote computer to your router are
directed to that port number. If the remote server sends a reply to a different port number,
your router does not recognize it and discards it. However, some application servers (such as
FTP and IRC servers) send replies to multiple port numbers. Using the port triggering
function of your router, you can tell the router to open additional incoming ports when a
particular outgoing port originates a session.
Advanced Settings
83
N600 Wireless Dual Band Router WNDR3400v2
An example is Internet Relay Chat (IRC). Your computer connects to an IRC server at
destination port 6667. The IRC server not only responds to your originating source port, but
also sends an “identify” message to your computer on port 113. Using port triggering, you can
tell the router, “When you initiate a session with destination port 6667, you have to also allow
incoming traffic on port 113 to reach the originating computer.” Using steps similar to the
preceding example, the following sequence shows the effects of the port triggering rule you
have defined:
1. You open an IRC client program to start a chat session on your computer.
2. Your IRC client composes a request message to an IRC server using a destination port
number of 6667, the standard port number for an IRC server process. Your computer then
sends this request message to your router.
3. Your router creates an entry in its internal session table describing this communication
session between your computer and the IRC server. Your router stores the original
information, performs Network Address Translation (NAT) on the source address and port,
and sends this request message through the Internet to the IRC server.
4. Noting your port triggering rule and having observed the destination port number of 6667,
your router creates an additional session entry to send any incoming port 113 traffic to your
computer.
5. The IRC server sends a return message to your router using the NAT-assigned source port
(as in the previous example, say port 33333) as the destination port. The IRC server also
sends an identify message to your router with destination port 113.
6. Upon receiving the incoming message to destination port 33333, your router checks its
session table to determine whether there is an active session for port number 33333.
Finding an active session, the router restores the original address information replaced by
NAT and sends this reply message to your computer.
7. Upon receiving the incoming message to destination port 113, your router checks its session
table and learns that there is an active session for port 113, associated with your computer.
The router replaces the message’s destination IP address with your computer’s IP address
and forwards the message to your computer.
8. When you finish your chat session, your router eventually senses a period of inactivity in the
communications. The router then removes the session information from its session table,
and incoming traffic is no longer accepted on port numbers 33333 or 113.
To configure port triggering, you need to know which inbound ports the application needs.
Also, you need to know the number of the outbound port that triggers the opening of the
inbound ports. You can usually determine this information by contacting the publisher of the
application or user groups or newsgroups.
Note: Only one computer at a time can use the triggered application.
Port Forwarding to Permit External Host Communications
In both of the preceding examples, your computer initiates an application session with a
server computer on the Internet. However, you might need to allow a client computer on the
Advanced Settings
84
N600 Wireless Dual Band Router WNDR3400v2
Internet to initiate a connection to a server computer on your network. Normally, your router
ignores any inbound traffic that is not a response to your own outbound traffic. You can
configure exceptions to this default rule by using the port forwarding feature.
A typical application of port forwarding can be shown by reversing the client-server
relationship from the previous web server example. In this case, a remote computer’s
browser needs to access a web server running on a computer in your local network. Using
port forwarding, you can tell the router, “When you receive incoming traffic on port 80 (the
standard port number for a web server process), forward it to the local computer at
192.168.1.123.” The following sequence shows the effects of the port forwarding rule you
have defined:
1. The user of a remote computer opens a browser and requests a web page from
www.example.com, which resolves to the public IP address of your router. The remote
computer composes a web page request message with the following destination
information:
Destination address. The IP address of www.example.com, which is the address of your
router.
Destination port number. 80, which is the standard port number for a web server
process.
The remote computer then sends this request message through the Internet to your
router.
2. Your router receives the request message and looks in its rules table for any rules covering
the disposition of incoming port 80 traffic. Your port forwarding rule specifies that incoming
port 80 traffic should be forwarded to local IP address 192.168.1.123. Therefore, your router
modifies the destination information in the request message:
The destination address is replaced with 192.168.1.123.
Your router then sends this request message to your local network.
3. Your web server at 192.168.1.123 receives the request and composes a return message
with the requested web page data. Your web server then sends this reply message to your
router.
4. Your router performs Network Address Translation (NAT) on the source IP address, and
sends this request message through the Internet to the remote computer, which displays the
web page from www.example.com.
To configure port forwarding, you need to know which inbound ports the application needs.
You can usually determine this information by contacting the publisher of the application or
the relevant user groups and newsgroups.
How Port Forwarding Differs from Port Triggering
The following points summarize the differences between port forwarding and port triggering:
• Port triggering is used by any computer on your network, although only one computer can
use it at a time.
• Port forwarding is configured for a single computer on your network.
Advanced Settings
85
N600 Wireless Dual Band Router WNDR3400v2
• Port triggering requires that you know the computer’s IP address in advance. The IP
address is captured automatically.
• Port forwarding requires that you specify the computer’s IP address during configuration,
and the IP address can never change.
• Port triggering requires specific outbound traffic to open the inbound ports, and the
triggered ports are closed after a period of no activity.
• Port forwarding is always active and does not need to be triggered.
Set up Port Forwarding to Local Servers
Using the port forwarding feature, you can allow certain types of incoming traffic to reach
servers on your local network. For example, you might want to make a local web server, FTP
server, or game server visible and available to the Internet.
Use the Port Forwarding screen to configure the router to forward specific incoming protocols
to computers on your local network. In addition to servers for specific applications, you can
also specify a default DMZ server to which all other incoming protocols are forwarded.
Before starting, you need to determine which type of service, application, or game you want
to provide, and the local IP address of the computer that provides the service. The server
computer has to always have the same IP address.
To set up port forwarding:
Tip: To ensure that your server computer always has the same IP address,
use the reserved IP address feature of your N600 Wireless Dual Band
Router.
Advanced Settings
86
N600 Wireless Dual Band Router WNDR3400v2
1. Select Advanced Setup > Port Forwarding/Port Triggering to display the following
screen:
Port Forwarding is selected as the service type.
2. From the
the service does not appear in the list, see Add a Custom Service on p
3. In the corresponding Server IP
Service Name list, select the service or game that you will host on your network. If
age 87.
Address field, enter the last digit of the IP address of your
local computer that provides this service.
4. Click Add.
The service appears in the list in the screen.
Add a Custom Service
To define a service, game, or application that does not appear in the Service Name list, you
have to first determine which port number or range of numbers is used by the application.
You can usually determine this information by contacting the publisher of the application or
user groups or newsgroups.
To add a custom service:
1. Select Adv
2. Select P
anced > Advanced Setup > Port Forwarding/Port Triggering.
ort Forwarding as the service type.
Advanced Settings
87
N600 Wireless Dual Band Router WNDR3400v2
3. Click the Add Custom Service button to display the following screen:
4. In the Service Name field, enter a descriptive name.
the Protocol list, select the protocol. If you are unsure, select TCP/UDP.
5. In
6. In
the Starting Port field, enter the beginning port number.
• If t
• If t
7. In
service.
8. Click Apply. The service appe
he application uses a single port, enter the same port number in the Ending Port
field.
he application uses a range of ports, enter the ending port number of the range in
the Ending Port field.
the Server IP Address field, enter the IP address of your local computer that provides this
ars in the list in the Port Forwarding/Port Triggering screen.
Editing or Deleting a Port Forwarding Entry
To edit or delete a port forwarding entry:
1. In the t
2. Click Edit Ser
Application Example: Making a Local Web Server Public
If you host a web server on your local network, you can use port forwarding to allow web
requests from anyone on the Internet to reach your web server.
able, select the radio button next to the service name.
vice or Delete Service.
To make a local web server public:
1. Assign your
address reservation. In this example, your router always gives your web server an IP
address of 192.168.1.33.
web server either a fixed IP address or a dynamic IP address using DHCP
Advanced Settings
88
N600 Wireless Dual Band Router WNDR3400v2
2. In the Port Forwarding screen, configure the router to forward the HTTP service to the local
address of your web server at 192.168.1.33. HTTP (port 80) is the standard protocol for web
servers.
3. (Optional) Register a host name with a Dynamic DNS service, and configure your router to
use the name as described in
the Internet, a remote user has to know the IP address assigned by your ISP. However, if
you use a Dynamic DNS service, the remote user can reach your server by a user-friendly
Internet name, such as mynetgear.dyndns.org.
Dynamic DNS on page 91. To access your web server from
Set up Port Triggering
Port triggering is a dynamic extension of port forwarding that is useful in these cases:
• More than one local computer needs port forwarding for the same application (but not
simultaneously).
• An application needs to open incoming ports that are different from the outgoing port.
When port triggering is enabled, the router monitors outbound traffic looking for a specified
outbound “trigger” port. When the router detects outbound traffic on that port, it remembers
the IP address of the local computer that sent the data. The router then temporarily opens the
specified incoming port or ports, and forwards incoming traffic on the triggered ports to the
triggering computer.
While port forwarding creates a static mapping of a port number or range to a single local
computer, port triggering can dynamically open ports to any computer that needs them and
can close the ports when they are no longer needed.
Note: If you use applications such as multiplayer gaming, peer-to-peer
connections, real-time communications such as instant messaging,
or remote assistance (a feature in Windows XP), you should also
enable Universal Plug and Play (UPnP) according to the instructions
in Universal Plug and Play on page 96.
To set up port triggering, you need to know which inbound ports the application needs. Also,
you need to know the number of the outbound port that triggers the opening of the inbound
ports. You can usually determine this information by contacting the publisher of the
application or user groups or newsgroups.
To set up port triggering:
1. Select Advanced > Advanced Setup > Port Forwarding/Port Triggering.
Advanced Settings
89
N600 Wireless Dual Band Router WNDR3400v2
2. Select the Port Triggering radio button to display the port triggering information.
3. Clear the Disable Port Triggering check box if it is selected.
Note: If the Disable Port Triggering check box is selecte
d after you configure
port triggering, port triggering is disabled. However, any port triggering
configuration information you added to the router is retained even though it is
not used.
4. In
the Port Triggering Timeout field, enter a value up to 9999 minutes.
5. Th
is value controls the inactivity timer for the designated inbound ports. The inbound ports
close when the inactivity time expires. This is required because the router cannot be sure
when the application has terminated.
Advanced Settings
90
N600 Wireless Dual Band Router WNDR3400v2
6. Click Add Service to display the following screen:
7. In the Service Name field, type a descriptive service name.
8. In the Service
computer on the Internet. Otherwise, select Single address, and enter the IP address of
one computer to restrict the service to a particular computer.
9. Select
TCP/UDP.
10. In the T
inbound ports to be opened.
11. Ente
Ending Port fields.
12. Click App
the service type, either TCP or UDP or both (TCP/UDP). If you are not sure, select
riggering Port field, enter the number of the outbound traffic port that causes the
r the inbound connection port information in the Connection Type, Starting Port, and
User list, select Any (the default) to allow this service to be used by any
ly. The service appears in the Port Triggering Portmap table.
Dynamic DNS
If your Internet service provider (ISP) gave you a permanently assigned IP address, you can
register a domain name and have that name linked with your IP address by public Domain
Name Servers (DNS). However, if your Internet account uses a dynamically assigned IP
address, you do not know in advance what your IP address is, and the address can change
frequently. In this case, you can use a commercial Dynamic DNS service. This type of service
lets you register your domain to their IP address and forwards traffic directed at your domain
to your frequently changing IP address.
If your ISP assigns a private WAN IP address (such as 192.168.x.x or 10.x.x.x), the Dynamic
DNS se
Your router contains a client that can con
DynDNS.org. First visit their website at http://www.dyndns.org and obtain an account and
rvice will not work because private addresses are not routed on the Internet.
nect to the Dynamic DNS service provided by
Advanced Settings
91
N600 Wireless Dual Band Router WNDR3400v2
host name that you configure in the router. Then, whenever your ISP-assigned IP address
changes, your router automatically contacts the Dynamic DNS service provider, logs in to
your account, and registers your new IP address. If your host name is hostname, for
example, you can reach your router at http://hostname.dyndns.org.
On the Advanced tab, select Advanc
ed Setup > Dynamic DNS to display the following
screen:
Figure 5. Forward traffic to a changing IP address
To set up Dynamic DNS:
1. Register for an
account with one of the Dynamic DNS service providers whose names
appear in the Service Provider list. For example, for DynDNS.org, select
www.dyndns.org.
2. Select the Use a
3. Select the name of your
4. T
ype the host name (or domain name) that your Dynamic DNS service provider gave you.
ype the user name for your Dynamic DNS account. This is the name that you use to log in
5. T
Dynamic DNS Service check box.
Dynamic DNS service provider.
to your account, not your host name.
6. T
ype the password (or key) for your Dynamic DNS account.
7. If
your Dynamic DNS provider allows the use of wildcards in resolving your URL, you can
select the Use Wildcards check box to activate this feature.
For example, the wildcard feature causes *.yourhost.dyndns.org to be aliased to the
same IP ad
8. Click Apply to
dress as yourhost.dyndns.org.
save your configuration.
Advanced Settings
92
N600 Wireless Dual Band Router WNDR3400v2
Static Routes
Static routes provide additional routing information to your router. Under usual
circumstances, the router has adequate routing information after it has been configured for
Internet access, and you do not need to configure additional static routes. You have to
configure static routes only for unusual cases such as multiple routers or multiple IP subnets
located on your network.
As an example of when a static route is needed, consider the following case:
• Your primary Internet access is through a cable modem to an ISP.
• You have an ISDN router on your home network for connecting to the company where
you are employed. This router’s address on your LAN is 192.168.1.100.
• Your company’s network address is 134.177.0.0.
When you first configured your router, two implicit static routes were created. A default route
was created with your ISP as the gateway, and a second static route was created to your
local network for all 192.168.1.x addresses. With this configuration, if you attempt to access a
device on the 134.177.0.0 network, your router forwards your request to the ISP. The ISP
forwards your request to the company where you are employed, and the request is likely to
be denied by the company’s firewall.
In this case you have to define a static route, telling your router that 134.177.0.0 should be
accessed through the ISDN router at 192.168.1.100. In this example:
• The Destination IP Address and IP Subnet Mask fields specify that this static route
applies to all 134.177.x.x addresses.
• The Gateway IP Address field specifies that all traffic for these addresses should be
forwarded to the ISDN router at 192.168.1.100.
• A metric value of 1 works since the ISDN router is on the LAN.
• Private is selected only as a precautionary security measure in case RIP is activated.
Advanced Settings
93
N600 Wireless Dual Band Router WNDR3400v2
To set up a static route:
1. Select Advanced > Advanced Setup > Static Routes, and click Add to display the
following screen:
2. In the Route Name field, type a name for this static route (for identification purposes only.)
3. Select the Priva
te check box if you want to limit access to the LAN only. If Private is
selected, the static route is not reported in RIP.
4. Select the Active check box to make this
5. T
ype the IP address of the final destination.
ype the IP subnet mask for this destination. If the destination is a single host, type
6. T
route effective.
255.255.255.255.
7. T
ype the gateway IP address, which has to be a router on the same LAN segment as the
N600 Wireless Dual Band Router.
8. T
ype a number between 1 and 15 as the metric value.
This value represents the number of routers between your network and the destination.
Usually
9. Click Apply to
, a setting of 2 or 3 works, but if this is a direct connection, set it to 1.
add the static route.
Advanced Settings
94
N600 Wireless Dual Band Router WNDR3400v2
Remote Management
The remote management feature lets you upgrade or check the status of your N600 Wireless
Dual Band Router over the Internet.
To set up remote management:
1. Select Adv
Note: Be sure to change the router’s default login password to a secure
password. The ideal password should contain no dictionary words from any
language and contain uppercase and lowercase letters, numbers, and
symbols. It can be up to 30 characters.
anced > Advanced Setup > Remote Management.
2. Select th
3. Unde
router’s remote management.
Note: For enhanced security, restrict access to as few external IP addresses
as
• T
• T
• T
4. S
pecify the port number for accessing the management interface.
e Turn Remote Management On check box.
r Allow Remote Access By, specify the external IP addresses allowed to access the
practical.
o allow access from a single IP address on the Internet, select Only This Computer.
Enter the IP address that is allowed access.
o allow access from a range of IP addresses on the Internet, select IP Address
Range. Enter a beginning and ending IP address to define the allowed range.
o allow access from any IP address on the Internet, select Everyone.
Advanced Settings
95
N600 Wireless Dual Band Router WNDR3400v2
Normal web browser access uses the standard HTTP service port 80. For greater
security, enter a custom port number for the remote web management interface. Choose
a number between 1024 and 65535, but do not use the number of any common service
port. The default is 8080, which is a common alternate for HTTP.
5. Click Apply to have your changes take effect.
6. When accessing your router from the Internet, type your router’s WAN IP address into your
browser’s address or location field followed by a colon (:) and the custom port number. For
example, if your external address is 134.177.0.123 and you use port number 8080, enter
http://134.177.0.123:8080 in your browser.
USB Settings
For added security, the router can be set up to share only approved USB devices. See
Specify Approved USB Devices on page 56 for the procedure.
Universal Plug and Play
Universal Plug and Play (UPnP) helps devices, such as Internet appliances and computers,
to access the network and connect to other devices as needed. UPnP devices can
automatically discover the services from other registered UPnP devices on the network.
Note: If you use applications such as multiplayer gaming, peer-to-peer
connections, or real-time communications such as instant
messaging or remote assistance (a feature in Windows XP), you
should enable UPnP.
Advanced Settings
96
N600 Wireless Dual Band Router WNDR3400v2
To turn on Universal Plug and Play:
1. Select Advanced > Advanced Setup > UPnP. The UPnP screen displays.
2. The available settings and information in this screen are:
Turn UP nP On. UPn
P can be enabled or disabled for automatic device configuration.
The default setting for UPnP is disabled. If this check box is not selected, the router does
not allow any device to automatically control the resources, such as port forwarding
(mapping) of the router.
Advertisement Period. The
advertisement period is how often the router broadcasts its
UPnP information. This value can range from 1 to 1440 minutes. The default period is 30
minutes. Shorter durations ensure that control points have current device status at the
expense of additional network traffic. Longer durations can compromise the freshness of
the device status, but can significantly reduce network traffic.
Advertisement Time to Live. The
time to live for the advertisement is measured in hops
(steps) for each UPnP packet sent. The time to live hop count is the number of steps a
broadcast packet is allowed to propagate for each UPnP advertisement before it
disappears. The number of hops can range from 1 to 255. The default value for the
advertisement time to live is 4 hops, which should be fine for most home networks. If you
notice that some devices are not being updated or reached correctly, it might be
necessary to increase this value.
UPnP Portmap Table. The
UPnP Portmap Table displays the IP address of each UPnP
device that is currently accessing the router and which ports (internal and external) that
device has opened. The UPnP Portmap Table also displays what type of port is open and
whether that port is still active for each IP address.
3. Click App
ly to save your settings.
Advanced Settings
97
N600 Wireless Dual Band Router WNDR3400v2
IPv6
You can use this feature to set up an IPv6 Internet connection type if NETGEAR genie does
not detect it automatically.
To set up an IPv6 Internet connection type:
1. Select Advance
2. Select the IPv6 connection type from the list. Your Internet service provider (ISP) can provide
this information.
• If your I
• If
you are not sure, select Auto Detect so that the router detects the IPv6 type that is
in use.
• If your I
IPv6 Auto Config.
d > Advanced Setup > IPv6 to display the following screen:
SP did not provide details, you can select IPv6 Tunnel.
nternet connection does not use PPPoE, DHCP, or fixed, but is IPv6, select
3. Click Apply so that your
changes take effect.
Traffic Meter
Traffic metering allows you to monitor the volume of Internet traffic passing through your
router’s Internet port. With the Traffic Meter utility, you can set limits for traffic volume, set a
monthly limit, and get a live update of traffic usage.
Advanced Settings
98
N600 Wireless Dual Band Router WNDR3400v2
Scroll to
view more
settings
To monitor Internet traffic:
1. Click Advanced > Advanced Setup > Traffic Meter to display the following screen:
2. To enable the Traffic Meter, select the Enable Traffic Meter check box.
3. If you would
like to record and restrict the volume of Internet traffic, select the Traffic
volume control by radio button. You can select one of the following options for controlling
the traffic volume:
• No Limit.
• Downlo
• Both Directions. The re
4. Y
ou can limit the amount of data traffic allowed per month by specifying how many Mbytes
No restriction is applied when the traffic limit is reached.
ad only. The restriction is applied to incoming traffic only.
striction is applied to both incoming and outgoing traffic.
per month are allowed or by specifying how many hours of traffic are allowed.
5. Set the
6. Set up T
Traffic Counter to begin at a specific time and date.
raffic Control to issue a warning message before the monthly limit of Mbytes or
hours is reached. You can select one of the following to occur when the limit is attained:
• The
• The I
7. Set up Int
8. Click the T
9. Click App
Internet LED flashes green or amber.
nternet connection is disconnected and disabled.
ernet Traffic Statistics to monitor the data traffic.
raffic Status button to get a live update on Internet traffic status on your router.
ly to save your settings.
Advanced Settings
99
9. Troubleshooting
This chapter provides information to help you diagnose and solve problems you might have with
your router. If you do not find the solution here, visit the NETGEAR support site at
http://support.netgear.com for product and contact information.
This chapter contains the following sections:
• Quick Tips
• Troubleshooting with the LEDs
• Cannot Log in to the Router
• Cannot Access the Internet
• Changes Not Saved
• Incorrect Date or Time
• Wireless Connectivity
• Restore the Factory Settings and Password
• Troubleshoot Your Network Using the Ping Utility
9
100
Loading...