By default, the firewall of a NETGEAR router blocks all connection attempts by devices on the Internet to devices in your local network. This is called inbound traffic. If you want devices on the Internet to connect to devices on your local network (for example, you have an IP Camera or an FTP server that you want to be accessible via the Internet), you will have to reconfigure the router. Here are three ways to do that:
- Universal Plug and Play (UPnP). If the router and the device on your local network both support UPnP, the required router configuration will happen automatically.
- Port Forwarding, also called inbound firewall rules. You create port forwarding rules that look into the header of each inbound packet, and either block it or forward it to specified devices on you local network, based on the source IP address, destination TCP port number, and other characteristics of the packet. Packets with different characteristics can be forwarded to different devices on your local network.
Note: If you create more than one port forwarding rule, the order that they appear on the screen matters. Each inbound packet will be checked against the top rule first, followed by the second-from-top etc. until a rule that matches the packet characteristics is found. This means that if, for example, the top rule forwards all packets to server A, and a later rule forwards some packets to server B, all packets will get forwarded to server A and none to server B.
- DMZ on NETGEAR routers
Note: When you use a DMZ to forward all inbound traffic to a device in you local network, that device loses all the protection of the router's firewall. It is totally exposed to the Internet, and must be capable of protecting itself from attack.
Details:
Before starting, you need to determine which type of service, application, or game you want to provide, and the local IP address of the computer that will provide the service. The server computer must always have the same IP address.
Tip: To ensure that your server computer always has the same IP address, see How do I reserve an IP address on my NETGEAR router?
For a list of common ports, see Port numbers for port forwarding.
If you need to trigger a port, see How to configure port triggering on a NETGEAR router.
To test whether your port forwarding is secure, see How are computer or router ports secured?.
For more information, see How do I configure port forwarding on my DG834, DG834G, DG824M, FR114W, FM114P, FR114P, FR328S, FVL328, FVS328, FWAG114, FWG114P, or FVS318 router or firewall?.
Note: For details of routers not shown here, refer to the specific product manual. See http://support.netgear.com/for_home/default.aspx and search for your router model.
Last Updated:04/27/2017
|
Article ID: 20917