1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. CVG834G
    5. /
  5. 10
Page 46 / 80 Scroll up to view Page 41 - 45
Wireless Cable Voice Gateway Model CVG834G Reference Manual
3-10
Protecting Your Network
v2.0, November 2007
4.
Click
Add
. The new Port Blocking rule appears in the Outbound Rules table.
To delete an existing rule:
1.
Select the rule from the
Port Filter List
.
2.
Click
Delete
.
Port Forwarding
You can use port forwarding to set up a rule that directs inbound traffic for a particular service to a
local server (for example, a Web server or game server) based on the destination port. This makes
the server visible and available to the Internet.
Unless you set up port forwarding, the gateway prevents this type of traffic.The gateway uses
Network Address Translation (NAT). NAT presents a single IP address for your network to the
Internet. Outside users cannot directly address your local computers.
Before setting up Port Forwarding, consider the following:
If the IP address of the local server PC is assigned by DHCP, it may change when the PC is
rebooted. To avoid this, you can assign a static IP address to your server outside the range that
is assigned by DHCP, but in the same subnet as the rest of your LAN. By default, the IP
addresses in the range of 192.168.0.2 through 192.168.0.9 are reserved for this.
Local computers must access the local server using the local LAN address of the computer
(192.168.0.XXX, by default). Attempts by local computers to access the server using the
external WAN IP address will fail.
Remember that allowing inbound services opens holes in your firewall. Only enable those ports
that are necessary for your network.
Forwarding Inbound Traffic
To forward inbound traffic:
1.
Select the service that you want to forward from the
Predefined Services
drop-down list.
Note:
Some residential broadband ISP accounts do not allow you to run any server
processes (such as a Web or FTP server) from your location. Your ISP may check
for servers and may suspend your account if it discovers active services at your
location. If you are unsure, refer to the acceptable use policy of your ISP.
Page 47 / 80
Wireless Cable Voice Gateway Model CVG834G Reference Manual
Protecting Your Network
3-11
v2.0, November 2007
If the service that you want to forward is not in the predefined list, you can add a custom
service. Enter the range of ports that you want to forward and select whether the ports are TCP,
UDP or Both.
2.
If you want to change the suggested port numbers, enter a new
Start Port
and
End Port
.
3.
From the drop-down
Protocol
list, select the protocol: TCP, UDP, or Both.
4.
Enter the IP address of the computer on your network to which you would like to direct the
inbound traffic in the
Local IP Address
field.
5.
Click
Add
. The new Port Forwarding rule appears in the Active Forwarding Rules table.
Deleting a Rule
To delete an existing rule:
1.
Select the radio button for the rule that you want to delete.
2.
Click
Delete
to delete the Port Forwarding rule.
Figure 3-8
Page 48 / 80
Wireless Cable Voice Gateway Model CVG834G Reference Manual
3-12
Protecting Your Network
v2.0, November 2007
Port Triggering
Port Triggering is an advanced feature that allows you to dynamically open inbound ports based on
outbound traffic on different ports. This feature can be used for gaming and other Internet
applications.
Port Triggering monitors outbound traffic. When the gateway detects traffic on the specified
outbound port, it remembers the IP address of the computer that sent the data and “triggers” the
incoming port. Incoming traffic on the triggered port is then forwarded to the triggering computer.
For example, port triggering can be used for Internet Relay Chat (IRC). When you connect to an
IRC server, the server tries to connect back on the port to do an Ident lookup. Unless you have
configured Port Forwarding to open that port, the traffic will be blocked. In this example, the
initial login to the server in the range of ports is detected. This triggers the gateway to temporarily
forward the port to the PC that initiated the login.
To configure Port Triggering:
1.
Under the Advanced heading on the main menu, select Port Triggering. The Port Triggering
screen appears:
Note:
Port Forwarding is similar to port triggering, but it is static and has some
limitations. Ports are open to traffic from the Internet until the port forwarding rule
is removed. Additionally, port forwarding does not work well for some
applications when your WAN IP address is assigned by DHCP, and is changed
frequently. Port Triggering opens an incoming port temporarily and does not
require the server on the internet to track your IP address if it is changed.
Figure 3-9
Page 49 / 80
Wireless Cable Voice Gateway Model CVG834G Reference Manual
Protecting Your Network
3-13
v2.0, November 2007
2.
In the
Trigger Range
field, enter the outbound ports that will be monitored for activity. This
will be the “trigger.”
3.
In the
Target Range
field, enter the inbound ports that should be forwarded when the trigger
occurs.
4.
Select the appropriate protocol: TCP, UDP or Both.
5.
Select the
Enable
check box
6.
Click
Apply
.
There are two ways to clear a Port Triggering rule:
Clear the
Enable
check box to temporarily disable the rule.
Select the rule, and then click
Delete
.
Setting Up a DMZ Host
The Default DMZ Server feature is helpful when using some online games and video conferencing
applications that are incompatible with NAT. The gateway is programmed to recognize some of
these applications and to work properly with them, but there are other applications that may not
function well. In some cases, one local PC can run the application properly if that PC’s IP address
is entered as the Default DMZ Host.
Incoming traffic from the Internet is normally discarded by the gateway unless the traffic is a
response to one of your local computers or a service that you have configured in the Port
Forwarding or Port Triggering screen. Instead of discarding this traffic, you can have it forwarded
to one computer on your network. This computer is called the default DMZ host.
Note:
For security, you should avoid using the Default DMZ Server feature. When a
computer is designated as the default DMZ server, it loses much of the protection
of the firewall, and is exposed to many exploits from the Internet. If compromised,
the computer can be used to attack your network.
Page 50 / 80
Wireless Cable Voice Gateway Model CVG834G Reference Manual
3-14
Protecting Your Network
v2.0, November 2007
To assign a computer or server to be a DMZ host:
1.
From the main menu, under the Advanced heading, select DMZ Host. The DMZ Host screen
appears:
2.
In the
DMZ Address
field, enter the IP address of the computer that you want to assign as a
DMZ host.
3.
Click
Apply
.
To disable the DMZ host, enter
0
(zero), and then click
Apply
.
If you want the gateway to respond to a ping from the Internet, select the
Respond to Ping on
WAN Port
check box. This should only be used as a diagnostic tool, since it allows your gateway
to be discovered. Do not select this check box unless you have a specific reason to do so.
Figure 3-10

Rate

3.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top