Netgear orporated 14400297 User Manual
ADSL2+ Gateway
DRAFT
Model D2200D-1FRNAS
User Manual
May 2015
202-11541-01
350 East Plumeria Drive
San Jose, CA 95134
USA
ADSL2+ Gateway
DRAFT
Support
Thank you for selecting NETGEAR products.
Contact your Internet service provider for technical support.
Trademarks
© NETGEAR, Inc., NETGEAR and the NETGEAR logo are trademarks of NETGEAR, Inc. Any non-NETGEAR trademarks are
used for reference purposes only.
Compliance
For regulatory compliance information, visit http://www.netgear.com/about/regulatory/.
See the regulatory compliance document before connecting the power supply.
2
Contents
DRAFT
Chapter 1 Hardware Setup
Chapter 2 Connect to the Network and Access the Gateway
Chapter 3 Specify Your Internet Settings
Unpack Your Gateway. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Front and Top Panel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Rear Panel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Position Your Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Cable Your Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Connect to the Network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Wired Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
WiFi Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Label . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Types of Logins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Log In to the Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Use Auto Configuration to Set Up Your Internet Connection . . . . . . . . . . . . . . . 16
Rerun the Setup Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Chapter 4 Control Access to the Internet
Set General Firewall Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Set Up Custom Firewall Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
View the Security Log. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Port Forwarding Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Port Forwarding to Permit External Host Communications . . . . . . . . . . . . . . 23
Set Up Port Forwarding to Local Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Add a Port Forwarding Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Add or Edit a Port Forwarding Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Set Up a Default DMZ Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Set Up Static NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Set Up Remote Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Specify ALG Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Chapter 5 Specify Network Settings
View Network Computers and Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Specify the IP Addresses that the Gateway Assigns . . . . . . . . . . . . . . . . . . . . . . 32
Disable the DHCP Server Feature in the Gateway . . . . . . . . . . . . . . . . . . . . . . . . 33
3
ADSL2+ Gateway
DRAFT
Specify Private LAN Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Specify Public LAN Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Reserve LAN IP Addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
RIP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Enable or Disable Multicast IGMP Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
View the Routing Table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Improve Network Connections with Universal Plug and Play . . . . . . . . . . . . . . . 41
Specify Basic WiFi Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Change the WiFi Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Create a Hidden Wireless Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Restrict Wireless Access by MAC Address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Set Up a Guest Network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
WPS Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Enable WPS Simple Config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Connect Using WPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Control the Wireless Radios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Quality of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Enable QoS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Manage QoS Rules and Filters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Add a Queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Change the Wireless Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Chapter 6 Manage Your Network
Change the admin Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
View Gateway Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
View Advanced Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
View the Ethernet Status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
View the ATM Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
View the DSL Status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
View the ADSL Status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
View the Wireless Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Upgrade the Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Upgrade Firmware from the Internet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Upgrade Firmware from a Computer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Run the Ping Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Run the Traceroute Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
View Devices Currently on the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Manage the Gateway Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Save the Configuration Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Load Configuration Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
Restore the Factory Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Dynamic DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Specify a DNS Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Specify a DNS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Specify the Date and Time Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Reboot the Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Specify the VPN Pass-Through Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
4
ADSL2+ Gateway
DRAFT
Appendix A Supplemental Information
Factory Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Technical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Appendix B Wall-Mount the Gateway
5
1. Hardware Setup
DRAFT
This chapter covers the following topics:
• Unpack Your Gateway
• Front and Top Panel
• Rear Panel
• Position Your Gateway
• Cable Your Gateway
1
6
Unpack Your Gateway
DRAFT
Your package contains the following items.
ADSL2+ Gateway
Gateway
Phone cable
Figure 1. Package contents
Front and Top Panel
The gateway has status LEDs.
Power adapter
Ethernet cable
POWER
E1, E2, E3, E4
INTERNET
DSL
WIRELESS
Figure 2. Gateway front and side view
Hardware Setup
7
ADSL2+ Gateway
DRAFT
You can use the LEDs to verify status and connections. The following table lists and
describes each LED and button on the front panel of the gateway.
LED Description
POWER
• Green. Power is supplied to the gateway.
• Off. No power is supplied to the gateway.
E1, E2, E3, E4
WIRELESS
DSL
INTERNET
• Green. A powered-on device is connected to this Ethernet port.
• Off. No device is connected to this Ethernet port.
• Green. The wireless radio is on.
• Off. The wireless
• Green. The gateway has a DSL connection.
• Slow blinking green. The gateway
• Fast blinking green. The gateway found the signal and is performing negotiation and
handshaking.
• Off
.
The gateway does not have a DSL connection.
• Solid blue. The gateway is online.
• Blinking blue. The gateway
• Off. The gateway
radio is off.
is looking for a signal.
is sending or receiving Internet traffic.
is offline.
Rear Panel
The rear panel has the connections and button shown the following figure.
Figure 3. Gateway rear panel
button
Hardware Setup
8
On/Off
button
PowerEthernet LAN ports PowerResetDSL port
adapter
input
ADSL2+ Gateway
DRAFT
Position Your Gateway
The gateway lets you access your network anywhere within the operating range of your
wireless network. However, the operating distance or range of your wireless connection can
vary significantly depending on the physical placement of your gateway. For example, the
thickness and number of walls the wireless signal passes through can limit the range.
Additionally, other wireless access points in and around your home might affect your
gateway’
any other device that emits a wireless signal for network access.
Position your gateway according to the following guidelines:
• Place your gateway near the center of the area where your computers and other devices
• Make sure that the gateway is within reach of an
• Place the gateway in an elevated location, minimizing the number walls and ceilings
• Place the gateway away from electrical devices such as these:
• Place the gateway away from large metal surfaces, large glass surfaces, and insulated
s signal. Wireless access points are gateways, repeaters, WiFi range extenders, or
operate, and within line of sight to your wireless devices.
AC power outlet and near Ethernet
cables for wired computers.
between the gateway and your other devices.
- Ceiling fans
- Home security systems
- Microwaves
- Computers
- Base of a cordless phone
- 2.4 GHz cordless phone
walls such as these:
- Solid metal doors
- Aluminum studs
- Fish tanks
- Mirrors
- Brick
- Concrete
Hardware Setup
9
ADSL2+ Gateway
DRAFT
Cable Your Gateway
The gateway comes configured to work as both a modem and a router. You can share your
Internet connection without connecting the gateway to a router or gateway.
To cable your gateway:
1. Connect the phone line cable that came in the package to the DSL port.
PowerPowerDSL port
On/Of
button
2. Connect the other end of the phone line cable to your DSL line wall jack.
3. Connect the power adapter provided in the package to the gateway and plug the power
adapter in to an electrical outlet.
4. Press the Power On/Off button.
The Power LED lights green.
To set up your Internet connection, you must connect a computer or wireless device to the
gateway’
Chapter 3, Specify Your Internet Settings.
s network and use a web browser
. See Connect to the Network on page 12 and
adapter
input
Hardware Setup
10
2. Connect to the Network and
DRAFT
Access the Gateway
This chapter contains the following sections:
• Connect to the Network
• Types of Logins
• Log In to the Gateway
2
11
ADSL2+ Gateway
DRAFT
Connect to the Network
You can connect to the gateway’s network through a wired or WiFi connection. If you set up
your computer to use a static IP address, change the settings so that it uses Dynamic Host
Configuration Protocol (DHCP).
Wired Connection
You can connect your computer to the gateway using an Ethernet cable and join the
gateway’s local area network (LAN).
To connect your computer to the gateway with an Ethernet cable:
1. Make sure that the gateway has power (its Power LED is lit).
2. Connect an Ethernet cable to an Ethernet port on your computer
3. Connect the other end of the Ethernet cable to Ethernet port E2, E3, or E4 on the gateway.
.
Note: Do not use port E1 during setup.
Your computer connects to the local area network (LAN). A message might display on
your computer page to notify you that an Ethernet cable is connected.
WiFi Connection
Y ou can connect to the gateway’ s WiFi network with Wi-Fi Protected Setup (WPS) or you can
find and select the WiFi network. For information about using WPS, see WPS Overview on
page 49.
To find and select the WiFi network:
1. Make sure that the gateway has power (its Power LED is lit).
2. On your computer or wireless device, find and select the WiFi network.
The WiFi network name is on the gateway’s label.
3. Join the WiFi network and enter the WiFi password.
The password is on the gateway’s label.
Your wireless device connects to the WiFi network.
Connect to the Network and Access the Gateway
12
ADSL2+ Gateway
DRAFT
Label
The label on the gateway shows the login information, MAC address, and serial number.
Serial number
WiFi password
MAC address
FOR POSITION ONLY
SSID
(WiFi network)
Figure 4. Gateway label
Login information
(default access)
Types of Logins
Separate types of logins have different purposes. It is important that you understand the
difference so that you know which login to use when.
Types of logins:
• WiFi network key or password. Your gateway is preset with a unique wireless network
name (SSID) and password for wireless access.
Note: Your gateway broadcasts dual-band 2.4 GHz and 5 GHz WiFi signals.
The label shows the SSID for the 2.4 GHz signal. For information about
5 GHz WiFi settings, see Specify Basic WiFi Settings on page 41.
This information is on the gateway label.
• Gateway login.This logs you in to the gateway interface as admin from an Internet
browser
Log In to the Gateway
When you first set up your gateway, NETGEAR genie automatically starts when you launch
an Internet browser on a computer that is connected to the gateway. If you want to view or
change settings for the gateway, you can use genie again.
To log in to the gateway:
1. Launch an Internet browser from a computer or wireless device that is connected to the
network.
2. T
ype http:/192.168.254.254.
.
Connect to the Network and Access the Gateway
13
ADSL2+ Gateway
DRAFT
If you are accessing the gateway for the first time, the Auto Configuration page displays.
To bypass Auto Configuration, click the Cancel button.
The login window opens.
3. Enter the gateway user name and password.
The user name is admin. The
are case-sensitive.
The Main page displays.
default password is admin. The user name and password
Connect to the Network and Access the Gateway
14
3. Specify Your Internet Settings
DRAFT
Usually, the quickest way to set up the gateway to use your Internet connection is to allow the
genie to detect the Internet connection when you first access the gateway with an Internet
browser. You can also customize or specify your Internet settings.
This chapter contains the following sections:
• Use Auto Configuration to Set Up Your Internet Connection
• Rerun the Setup Wizard
3
15
ADSL2+ Gateway
DRAFT
Use Auto Configuration to Set Up Your Internet Connection
The first time that you use a web browser to access the gateway, the Auto Configuration
page displays. You can use Auto Configuration to detect the Internet connection, or you can
click the Cancel button to exit, and then log in to the gateway.
To use Auto Configuration:
1. Launch an Internet browser from a computer or wireless device that is connected to the
network.
2. T
ype http:/192.168.254.254.
The Auto Configuration page displays. The gateway detects your Internet connection.
3. Follow the onscreen instructions to complete your Internet setup.
Rerun the Setup Wizard
After you install the gateway, you can rerun the Setup Wizard to detect your Internet
connection.
To rerun the Setup Wizard:
1. Launch an Internet browser from a computer or wireless device that is connected to the
network.
2. T
ype http:/192.168.254.254.
A login window opens.
3. Enter the gateway user name and password.
The user name is admin. The
are case-sensitive.
The Main page displays.
4. Select Advanced.
5. When prompted, click the Y
The Advanced page displays.
6. Select Re-Run Setup W
izard.
default password is admin. The user name and password
es button to proceed.
The Re-Run Setup Wizard page displays.
7. Click the Detect Configuration button.
The gateway restarts and the Auto Configuration page displays.
8. Follow the Setup Wizard onscreen instructions.
Specify Your Internet Settings
16
ADSL2+ Gateway
DRAFT
If you are prompted to enter PPP account settings, enter your Frontier email address and
password.
The gateway detects your Internet connection and the Main page displays.
Specify Your Internet Settings
17
4. Control Access to the Internet
DRAFT
4
The gateway comes with a built-in firewall that helps protect your home network from unwanted
intrusions from the Internet.
This chapter includes the following sections:
• Set General Firewall Settings
• Set Up Custom Firewall Rules
• View the Security Log
• Port Forwarding Overview
• Set Up a Default DMZ Host
• Set Up Static NAT
• Set Up Remote Management
• Specify ALG Settings
18
ADSL2+ Gateway
DRAFT
Set General Firewall Settings
To set general firewall settings:
1. Launch an Internet browser from a computer or wireless device that is connected to the
network.
2. Type http:/192.168.254.254.
A login window opens.
3. Enter the user name and password.
The user name is
are case-sensitive.
The Main page displays.
4. Select Firewall Settings > General.
admin. The
default
password is admin. The user name and password
5. Select a radio button.
6. Click the Apply button.
Your settings are saved.
Control Access to the Internet
19
ADSL2+ Gateway
DRAFT
Set Up Custom Firewall Rules
To add a custom firewall rule:
1. Launch an Internet browser from a computer or wireless device that is connected to the
network.
2. Type http:/192.168.254.254
A login window opens.
3. Enter the user name and password.
.
The user name is admin. The
are case-sensitive.
The Main page displays.
4. Select Firewall Settings > General.
The General page displays.
5. Select the Custom Security (None) radio button.
6. When prompted, click the OK button to confirm.
The Edit button is activated.
7. Click the Edit button.
default
password is admin. The user name and password
Control Access to the Internet
20
ADSL2+ Gateway
DRAFT
8. Select a Security Default radio button:
- Allow.
- Deny. Block the packet if no rule matches it.
This specifies the default action to be taken if no rule is found to match the given packet.
Allow the packet if no rule matches it.
9. In the
10. Click the Apply button.
Add Rules section, complete the following fields:
• Rule Name. Name of the new rule.
• Type. Allow or deny the packet matching this rule.
• Protocol. Protocol to match for the new rule.
• Source Address.
subnet mask is also to be provided.
• Destination Address.
against.The subnet mask is also to be provided.
• Source Port.
end ports should be mentioned.
• Destination Port.
start and end ports should be mentioned.
• Mode. Specify if packets needs to be logged.
• Direction.
whether inbound or outbound or both can be specified.
Your settings are saved.
The traffic direction for which the rule is to be applied. The direction
The source address of the packet to check the rule against.The
The destination address of the packet to check the rule
The source port of the packet to check the rule against.The start and
The destination port of the packet to check the rule against.The
View the Security Log
The log is a detailed record of the websites you have accessed or attempted to access and
other gateway actions.
To view the security log:
1. Launch an Internet browser from a computer or wireless device that is connected to the
network.
2. T
ype http:/192.168.254.254.
A login window opens.
3. Enter the user name and password.
The user name is admin. The
are case-sensitive.
The Main page displays.
4. Select Firewall Settings > Security Log.
default password is admin. The user name and password
Control Access to the Internet
21
ADSL2+ Gateway
DRAFT
5. When prompted, click the Yes button to proceed.
6. To customize the log, do the following:
a. Click the Settings button.
The Security Log Settings page displays.
b. Select Enabled or Disabled for each of these settings:
• Log Allowed T
• Log Blocked Traffic
• Log Traffic Specified in Rules.
• Log Administrative Access.
raffic.
.
c. Select or clear the Remote Logging Enable
d. If you enabled remote logging, complete the Remote IP
e. Click the Apply button.
7. T
o refresh the log page, click the Refresh button.
8. To clear the log entries, click the Clear Log button.
9. To save the log in a printable format, click the Printable Format button.
check box
Address
field.
Port Forwarding Overview
Port forwarding allows you to forward incoming traffic from the outside network, to a range of
WAN ports on an IP address on the LAN. You can also enable traffic from local network to a
specified port range to be allowed to go outside of the network in medium firewall settings.
All the settings on this page are associated with a Service Profile in the Current Profile
drop-down list. If no profile has been created, the default profile is used.
To configure port forwarding, you need to know which inbound ports the application needs.
You usually can determine this information by contacting the publisher of the application or
the relevant user groups or news groups.
A typical application of port forwarding occurs when a remote computer
access a web server running on a computer in your local network. Using port forwarding, you
can tell the gateway, “When you receive incoming traffic on port 80 (the standard port number
for a web server process), forward it to the local computer at 192.168.1.123.”
sequence shows the effects of the port forwarding rule you have defined:
’s browser needs to
The following
Control Access to the Internet
22
ADSL2+ Gateway
DRAFT
1. The user of a remote computer opens a browser and requests a web page from
www.example.com, which resolves to the public IP address of your gateway. The
remote computer composes a web page request message with the following destination
information:
Destination address. The IP address www.example.com, which is the gateway’s address.
Destination port number. 80, which is the standard port number for a web server process.
The remote computer then sends this request message through the Internet to your
gateway.
2. Y
our gateway receives the request message and looks in its rules table for any rules
covering the disposition of incoming port 80 traffic. Your port forwarding rule specifies that
incoming port 80 traffic should be forwarded to local IP address 192.168.1.123. Therefore,
your gateway modifies the destination information in the request message:
The destination address is replaced with 192.168.1.123.
Your gateway then sends this request message to your local network.
3. Y
our web server at 192.168.1.123 receives the request and composes a return message
with the requested web page data. Your web server then sends the gateway a reply
message.
4. Y
our gateway performs Network Address Translation (NAT) on the source IP address, and
sends this request message through the Internet to the remote computer, which displays the
web page from www.example.com.
Port Forwarding to Permit External Host Communications
In both the preceding examples, your computer initiates an application session with a server
computer on the Internet. However, you might need to allow a client computer on the Internet
to initiate a connection to a server computer on your network. Normally , your gateway ignores
any inbound traffic that is not a response to your own outbound traffic. You can configure
exceptions to this default rule by using the port forwarding feature.
A typical application of port forwarding can be shown by reversing the client-server
relationship from the previous web server example. In this case, a remote computer
browser needs to access a web server running on a computer in your local network. Using
port forwarding, you can tell the gateway, “When you receive incoming traffic on port 80 (the
standard port number for a web server process), forward it to the local computer at
192.168.1.123.” The following sequence shows the effects of the port forwarding rule you
have defined:
1. The user of a remote computer opens a browser and requests a web page from
.example.com, which resolves to the public IP address of your gateway. The
www
remote computer composes a web page request message with the following destination
information:
Destination address. The IP address of www.example.com, which is the address of your
gateway.
Destination port number. 80, which is the standard port number for a web server process.
’s
Control Access to the Internet
23
ADSL2+ Gateway
DRAFT
The remote computer sends this request message through the Internet to your gateway.
2. Y
our gateway receives the request message and looks in its rules table for any rules
covering the disposition of incoming port 80 traffic. Your port forwarding rule specifies that
incoming port 80 traffic should be forwarded to local IP address 192.168.1.123. Therefore,
your gateway modifies the destination information in the request message:
The destination address is replaced with 192.168.1.123.
Your gateway then sends this request message to your local network.
3. Y
our web server at 192.168.1.123 receives the request and composes a return message
with the requested web page data. Your web server then sends this reply message to your
gateway.
4. Y
our gateway performs Network Address Translation (NAT) on the source IP address, and
sends this request message through the Internet to the remote computer, which displays the
web page from www.example.com.
To configure port forwarding, you need to know which inbound ports the application needs. T o
find out, contact the publisher of the application or the relevant user groups or news groups.
Set Up Port Forwarding to Local Servers
Using the port forwarding feature, you can allow certain types of incoming traffic to reach
servers on your local network. For example, you might want to make a local web server, FTP
server, or game server visible and available to the Internet.
Use the Port Forwarding/Port Triggering page to configure the gateway to forward specific
incoming protocols to computers on your local network. In addition to servers for specific
applications, you can also specify a default DMZ server to which all other incoming protocols
are forwarded.
Before starting, you need to determine which type of service, application, or game you want
to provide, and the local IP address of the computer that will provide the service.
computer has to always have the same IP address.
Tip: T
o ensure that your server computer always has the same IP address,
use the reserved IP address feature of your product.
The server
Add a Port Forwarding Rule
You can select an existing service or rule, or you can create a new custom rule.
To add a port forwarding service or rule:
1. Launch an Internet browser from a computer or wireless device that is connected to the
network.
2. T
ype http:/192.168.254.254.
A login window opens.
Control Access to the Internet
24
ADSL2+ Gateway
DRAFT
3. Enter the user name and password.
The user name is admin. The default
are case-sensitive.
The Main page displays.
4. Select Firewall Settings > Port Forwarding.
5. When prompted, click the Ye
6. Click the Add button.
s button to proceed.
password is admin. The user name and password
7. To create a new rule, click the Create button and specify the settings.
The new rule displays in the list below Custom Defined Service.
8. To edit a rule, select it in the list and click the Edit button.
9. In the Port Forwarding page, click the Add button to add the rule that you created.
10. Click the Apply
Your settings are saved.
Add or Edit a Port Forwarding Profile
The service profile associates a service profile with one or more of your Connection Profiles.
This means different connections can allow different services to be associated with them.
button.
Control Access to the Internet
25
ADSL2+ Gateway
DRAFT
To add or edit a port forwarding profile:
1. Launch an Internet browser from a computer or wireless device that is connected to the
network.
2. Type http:/192.168.254.254
A login window opens.
3. Enter the user name and password.
.
The user name is admin. The
are case-sensitive.
The Main page displays.
4. Select Firewall Settings > Port Forwarding.
5. When prompted, click the Ye
The Current Profile list shows the selected profile.
6. To add a profile, click the New button and follow the steps to create a custom service entry.
default
s button to proceed.
password is admin. The user name and password
The new profile is added to the
7. To edit the selected profile, click the Edit
profile.
8. Click the Apply button.
Your settings are saved.
Set Up a Default DMZ Host
The default DMZ Host feature is helpful when you are using some online games and
videoconferencing applications that are incompatible with Network Address Translation
(NAT). The gateway is programmed to recognize some of these applications and to work
correctly with them, but other applications might not function well. In some cases, one local
computer can run the application correctly if the IP address for that computer is entered as
the default DMZ server.
Current Profile list.
button and follow the steps to change a service
Control Access to the Internet
26
Loading...