Support User Manuals

NETGEAR FVS318 Router User Manual

Open as PDF

of 138

Reference Manual for the Model FVS318 Cable/DSL ProSafe VPN Firewall

Advanced Configuration 8-3

When a remote computer on the Internet wants to access a service at your IP address, the requested

service is identified by a port number in the incoming IP packets. For example, a packet that is sent

to the external IP address of your firewall and destined for port number 80 is an HTTP (Web

server) request. Many service port numbers are already defined in a Services/Games list in the

Ports menu, although you are not limited to these choices. See IETF RFC1700, “Assigned

Numbers,” for port numbers for common protocols. Use the Ports menu to configure the firewall

to forward incoming traffic to IP addresses on your local network based on the port number..

Remember that port forwarding opens holes in your firewall. Only enable those ports that are

necessary for your network.

Default DMZ Server

Incoming traffic from the Internet is normally discarded by the firewall unless the traffic is a

response to one of your local computers or a service that you have configured in the Ports menu.

Instead of discarding this traffic, you can have it forwarded to one computer on your network. This

computer is called the Default DMZ Server.

The Default DMZ Server feature is helpful when using some online games and videoconferencing

applications that are incompatible with NAT. The firewall is programmed to recognize some of

these applications and to work properly with them, but there are other applications that may not

function well. In some cases, one local PC can run the application properly if that PC’s IP address

is entered as the Default DMZ Server..

To assign a computer or server to be a Default DMZ server:

1. Click Default DMZ Server.

2. Type the IP address for that server.

3. Click Apply.

Note: Some residential broadband ISP accounts do not allow you to run any server

processes (such as a Web or FTP server) from your location. Your ISP may periodically

check for servers and may suspend your account if it discovers any active services at

your location. If you are unsure, refer to the Acceptable Use Policy of your ISP.

Note: For security, you should avoid using the Default DMZ Server feature. When a

computer is designated as the Default DMZ Server, it loses much of the protection of the

firewall, and is exposed to many exploits from the Internet. If compromised, the

computer can be used to attack your network.

previous next