Security Settings

56

N600 Wireless Dual Band Gigabit ADSL2+ Modem Router DGND3700



To make a local web server public:

1.

Assign your web server either a fixed IP address or a dynamic IP address using DHCP

address reservation. In this example, your router will always give your web server an IP

address of 192.168.1.33.

2.

In the Port Forwarding screen, configure the router to forward the HTTP service to the local

address of your web server at

192.168.1.33

. HTTP (port 80) is the standard protocol for web

servers.

3.

(Optional) Register a host name with a Dynamic DNS service, and configure your router to

use the name. To access your web server from the Internet, a remote user has to know the

IP address that has been assigned by your ISP. However, if you use a Dynamic DNS

service, the remote user can reach your server by a user-friendly Internet name, such as

mynetgear.dyndns.org.

Configure Port Triggering

Port triggering is a dynamic extension of port forwarding that is useful in these cases:

•

More than one local computer needs port forwarding for the same application (but not

simultaneously).

•

An application needs to open incoming ports that are different from the outgoing port.

When port triggering is enabled, the router monitors outbound traffic looking for a specified

outbound “trigger” port. When the router detects outbound traffic on that port, it remembers

the IP address of the local computer that sent the data. The router then temporarily opens the

specified incoming port or ports, and forwards incoming traffic on the triggered ports to the

triggering computer.

While port forwarding creates a static mapping of a port number or range to a single local

computer, port triggering can dynamically open ports to any computer that needs them and

can close the ports when they are no longer needed.

Note:

If you use applications such as multiplayer gaming, peer-to-peer

connections, real-time communications such as instant messaging,

or remote assistance (a feature in Windows XP), you should also

enable Universal Plug and Play (UPnP).

To configure port triggering, you need to know which inbound ports the application needs.

Also, you need to know the number of the outbound port that will trigger the opening of the

inbound ports. You can usually determine this information by contacting the publisher of the

application or user groups or newsgroups.



To set up port triggering:

1.

Select

Content Filtering > Port Forwarding/Port Triggering

to display the following

screen:

Downloaded from

www.Manualslib.com

manuals search engine

Security Settings

57

N600 Wireless Dual Band Gigabit ADSL2+ Modem Router DGND3700

2.

Select the

Port Triggering

radio button to display the port triggering information.

Figure 24.

Set up port triggering

3.

Clear the

Disable Port Triggering

check box.

Note:

If the Disable Port Triggering check box is selected after you

configure port triggering, port triggering is disabled. However, any

port triggering configuration information you added to the router is

retained even though it is not used.

4.

In the

Port Triggering Timeout

field, enter a value up to 9999 minutes. This value controls

the inactivity timer for the designated inbound ports. The inbound ports close when the

inactivity time expires. This is required because the router cannot be sure when the

application has terminated.

5.

Click

Add Service

.

Figure 25.

Add a service for port triggering

6.

In the

Service Name

field, type a descriptive service name.

7.

In the

Service User

field, select

Any

(the default) to allow this service to be used by any

computer on the Internet. Otherwise, select

Single address

, and enter the IP address of

one computer to restrict the service to a particular computer.

8.

Select the service type, either

TCP

or

UDP

or both (

TCP/UDP

). If you are not sure, select

TCP/UDP.

9.

In the

Triggering Port

field, enter the number of the outbound traffic port that will cause the

inbound ports to be opened.

Downloaded from

www.Manualslib.com

manuals search engine

Security Settings

58

N600 Wireless Dual Band Gigabit ADSL2+ Modem Router DGND3700

10.

Enter the inbound connection port information in the

Connection Type

,

Starting Port

, and

Ending Port

fields.

11.

Click

Apply

. The service appears in the Port Triggering Portmap table.

Configure Services

Services are functions performed by server computers at the request of client computers. For

example, web servers serve web pages, time servers serve time and date information, and

game hosts serve data about other players’ moves. When a computer on the Internet sends a

request for service to a server computer, the requested service is identified by a service or

port number. This number appears as the destination port number in the transmitted IP

packets. For example, a packet that is sent with destination port number 80 is an HTTP (web

server) request.

The service numbers for many common protocols are defined by the Internet Engineering

Task Force (IETF at

) and published in RFC1700, “Assigned Numbers.”

Service numbers for other applications are typically chosen from the range 1024 to 65535 by

the authors of the application. Although the wireless modem router already holds a list of

many service port numbers, you are not limited to these choices.



To create your own service definitions:

1.

Select

Content Filtering > Services

to display the following screen:

Figure 26.

Services screen

•

To create a new service, click the

Add Custom Service

button to display the Add

Services screen.

•

To edit a service, select its button on the left side of the table, and click

Edit Service

.

•

To delete a service, select its button on the left side of the table, and click

Delete

Service

.

2.

Use the following screen to define or edit a service.

Figure 27.

Add Services screen

•

Name

. Enter a meaningful name for the service.

Downloaded from

www.Manualslib.com

manuals search engine

Security Settings

59

N600 Wireless Dual Band Gigabit ADSL2+ Modem Router DGND3700

•

Type

. Select the correct type for this service. If in doubt, select

TCP/UDP

. The options

are TCP, UDP, TCP/UDP.

•

Start Port

and

End Port

. If a port range is required, enter the range here. If a single

port is required, enter the same value in both fields.

3.

Click

Apply

to save your changes.

Set the Time Zone

The wireless modem router uses the Network Time Protocol (NTP) to obtain the current time

and date from one of several network time servers on the Internet.



To set the time zone:

1.

Select

Content Filtering > Schedule

to display the following screen:

Figure 28.

Schedule screen

2.

Select your time zone. This setting determines the blocking schedule and time-stamping of

log entries.

3.

If your time zone is in daylight savings time, select the

Adjust for Daylight Savings Time

check box to add one hour to standard time.

Note:

If your region uses daylight savings time, select Adjust for Daylight

Savings Time on the first day and clear it after the last day.

4.

The wireless modem router has a list of NETGEAR NTP servers. If you would prefer to use

a particular NTP server as the primary server, select the

Use this NTP Server

check box,

and enter its IP address.

5.

Click

Apply

to save your settings.

Downloaded from

www.Manualslib.com

manuals search engine

Security Settings

60

N600 Wireless Dual Band Gigabit ADSL2+ Modem Router DGND3700

Schedule Firewall Services

If you enabled services blocking in the Block Services screen or port forwarding in the Port

Forwarding/Port Triggering screen, you can set up a schedule for when blocking occurs or

when access is not restricted.



To schedule firewall services:

1.

Select

Content Filtering > Schedule

to display the following screen:

Figure 29.

Schedule screen

2.

To block Internet services based on a schedule, select

Every Day

, or select one or more

days. If you want to limit access completely for the selected days, select

All Day

. Otherwise,

to limit access during certain times for the selected days, enter times in the

Start Time

and

End Time

fields.

Note:

Enter the values in 24-hour time format. For example, 10:30 a.m.

would be 10 hours and 30 minutes, and 10:30 p.m. would be 22

hours and 30 minutes. If you set the start time after the end time, the

schedule is effective through midnight the next day.

3.

Click

Apply

to save your settings.

Enable Security Event Email Notification

To receive logs and alerts by email, provide your email information in the E-mail screen, and

specify which alerts you want to receive and how often.

Downloaded from

www.Manualslib.com

manuals search engine