Advanced Configuration

6-1

202-10090-01, April 2005

Chapter 6

Advanced Configuration

This chapter describes how to configure the advanced features of your WGT624 v3 108 Mbps

Wireless Firewall Router. These features can be found under the Advanced heading in the Main

Menu of the browser interface.

Configuring Port Forwarding to Local Servers

Although the router causes your entire local network to appear as a single machine to the Internet,

you can make a local server (for example, a web server or game server) visible and available to the

Internet. This is done using the Port Forwarding menu. From the Main Menu of the browser

interface, under Advanced, click on Port Forwarding to view the port forwarding menu, shown

below.

Figure 6-1:

Port Forwarding Menu

.

Note:

If you are unfamiliar with networking and routing, refer to

Appendix B,

“Network, Routing, Firewall, and Basics

,” to become more familiar with the terms and

procedures used in this manual.

Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3

6-2

Advanced Configuration

202-10090-01, April 2005

Use the Port Forwarding menu to configure the router to forward incoming protocols to computers

on your local network. In addition to servers for specific applications, you can also specify a

Default DMZ Server to which all other incoming protocols are forwarded. The DMZ Server is

configured in the WAN Setup Menu.

Before starting, you'll need to determine which type of service, application or game you'll provide

and the IP address of the computer that will provide each service. Be sure the computer’s IP

address never changes. To configure port forwarding to a local server:

1.

From the Service Name box, select the service or game that you will host on your network.

If the service does not appear in the list, refer to the following section, “

Adding a Port

Forwarding Custom Service

”.

2.

Enter the IP address of the local server in the corresponding Server IP Address box.

3.

Click the Add button.

Adding a Port Forwarding Custom Service

To define a service, game or application that does not appear in the Service Name list, you must

determine what port numbers are used by the service. For this information, you may need to

contact the manufacturer of the program that you wish to use. When you have the port number

information, follow these steps:

1.

Click the Add Custom Service button.

2.

Enter the first port number in an unused Starting Port box.

3.

To forward only one port, enter it again in the Ending Port box. To specify a range of ports,

enter the last port to be forwarded in the End Port box.

4.

Enter the IP address of the local server in the corresponding Server IP Address box.

5.

Type a name for the service.

6.

Click Apply at the bottom of the menu.

Editing or Deleting a Port Forwarding Entry

To edit or delete a Port Forwarding entry, follow these steps.

1.

In the table, select the button next to the service name.

2.

Click Edit or Delete.

Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3

Advanced Configuration

6-3

202-10090-01, April 2005

Local Web and FTP Server Example

If a local PC with a private IP address of 192.168.1.33 acts as a web and FTP server, configure the

Ports menu to forward HTTP (port 80) and FTP (port 21) to local address 192.168.1.33

In order for a remote user to access this server from the Internet, the remote user must know the IP

address that has been assigned by your ISP. If this address is 172.16.1.23, for example, an Internet

user can access your web server by directing the browser to http://172.16.1.23. The assigned IP

address can be found in the Maintenance Status Menu, where it is shown as the WAN IP Address.

Some considerations for this application are:

•

If your account’s IP address is assigned dynamically by your ISP, the IP address may change

periodically as the DHCP lease expires.

•

If the IP address of the local PC is assigned by DHCP, it may change when the PC is rebooted.

To avoid this, you can manually configure the PC to use a fixed address.

•

Local PCs must access the local server using the PCs’ local LAN address (192.168.1.33 in this

example). Attempts by local PCs to access the server using the external IP address

(172.16.1.23 in this example) will fail.

Multiple Computers for Half Life, KALI or Quake III Example

To set up an additional computer to play Half Life, KALI or Quake III:

1.

Click the button of an unused port in the table.

2.

Select the game again from the Service Name list.

3.

Change the beginning port number in the Start Port box.

For these games, use the supplied number in the default listing and add +1 for each additional

computer. For example, if you've already configured one computer to play Hexen II (using

port 26900), the second computer's port number would be 26901, and the third computer

would be 26902.

4.

Type the same port number in the End Port box that you typed in the Start Port box.

5.

Type the IP address of the additional computer in the Server IP Address box.

6.

Click Apply.

Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3

6-4

Advanced Configuration

202-10090-01, April 2005

Some online games and videoconferencing applications are incompatible with NAT. The

WGT624 v3 wireless router is programmed to recognize some of these applications and to work

properly with them, but there are other applications that may not function well. In some cases, one

local PC can run the application properly if that PC’s IP address is entered as the default in the

PORTS Menu. If one local PC acts as a game or videoconferencing host, enter its IP address as the

default.

Using Port Triggering

Port Triggering is an advanced feature that allows you to dynamically open inbound ports on the

basis of outbound traffic on different ports. This is an advanced feature that can be used for gaming

and other Internet applications.

Port Forwarding can typically be used to enable similar functionality, but it is static and has some

limitations. Ports will be open to traffic from the Internet until the port forwarding rule is removed.

Additionally, port forwarding does not work well for some applications when your WAN IP

address is assigned by DHCP, and is changed frequently. Port Triggering opens an incoming port

temporarily and does not require the server on the Internet to track your IP address if it is changed.

Port Triggering monitors outbound traffic. When the gateway detects traffic on the specified

outbound port, it remembers the IP address of the computer that sent the data and “triggers” the

incoming port. Incoming traffic on the triggered port is then forwarded to the triggering computer.

Once configured, operation is as follows:

•

A PC makes an outgoing connection using a port number defined in the Port Triggering table.

•

This Router records this connection, opens the INCOMING port or ports associated with this

entry in the Port Triggering table, and associates them with the PC.

•

The remote system receives the PCs request, and responds using a different port number.

•

This Router matches the response to the previous request, and forwards the response to the PC.

•

(Without Port Triggering, this response would be treated as a new connection request rather

than a response. As such, it would be handled in accordance with the Port Forwarding rules.)

Note:

Only 1 PC can use a "Port Triggering" application at any time.

After a PC has finished using a "Port Triggering" application, there is a "Time-out" period before

the application can be used by another PC. This is required because this Router cannot be sure

when the application has terminated.

Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3

Advanced Configuration

6-5

202-10090-01, April 2005

Port Triggering Rules Menu

The Port Triggering Rules Menu lists the current rules:

•

Enable - Indicates if the rule is enabled or disabled. Generally, there is no need to disable a rule

unless it interferes with some other function, such as Port Forwarding.

•

Name - The name for this rule.

•

Outgoing Ports - The port or port range for outgoing traffic. An outgoing connection using one

of these ports will "Trigger" this rule.

•

Incoming Ports - The port or port range used by the remote system when it responds to the

outgoing request. A response using one of these ports will be forwarded to the PC which

triggered this rule.

Figure 6-2:

Port Triggering screens

Adding a new Rule

To add a new rule, click the Add and enter the following data on the resulting screen.

•

Name - enter a suitable name for this rule (e.g. the name of the application)

•

Enable/Disable - select the desired option.

•

Outgoing (Trigger) Port Range - enter the range of port numbers used by the application when

it generates an outgoing request.