Netgear orporated 10400153 N300 Wireless Gigabit Router User Manual FullManual

Netgear Incorporated N300 Wireless Gigabit Router FullManual

User Manual

202-10832-01 April 2011v1.0NETGEAR, Inc.
iiv1.0, April 2011© 2011 by NETGEAR, Inc. All rights reserved.Product Registration, Support, and DocumentationRegister your product at http://www.netgear.com/register. Registration is required before you can use our telephone support service. Product updates and Web support are always available at http://www.netgear.com/support.Setup documentation is available on the CD, on the support website, and on the documentation website. When the wireless router is connected to the Internet, click the Knowledge Base or the Documentation link under Web Support on the main menu to view support information.TrademarksNETGEAR and the NETGEAR logo are registered trademarks, and RangeMax and Smart Wizard are trademarks of NETGEAR. Inc. in the United States and/or other countries. Microsoft, Windows, and Windows NT are registered trademarks and Windows Vista is a trademark of Microsoft Corporation. Other brand and product names are registered trademarks or trademarks of their respective holders.Statement of ConditionsIn the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this document without notice.NETGEAR does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) described herein.Certificate of the Manufacturer/ImporterIt is hereby certified that the N300 Wireless Gigabit Router WNR3500Lv2 has been suppressed in accordance with the conditions set out in the BMPT-AmtsblVfg 243/1991 and Vfg 46/1992. The operation of some equipment (for example, test transmitters) in accordance with the regulations may, however, be subject to certain restrictions. Please refer to the notes in the operating instructions. Federal Office for Telecommunications Approvals has been notified of the placing of this equipment on the market and has been granted the right to test the series for compliance with the regulations. Bestätigung des Herstellers/ImporteursEs wird hiermit bestätigt, daß das N300 Wireless Gigabit Router WNR3500Lv2 gemäß der im BMPT-AmtsblVfg 243/1991 und Vfg 46/1992 aufgeführten Bestimmungen entstört ist. Das vorschriftsmäßige Betreiben einiger Geräte (z.B. Testsender) kann jedoch gewissen Beschränkungen unterliegen. Lesen Sie dazu bitte die Anmerkungen in der Betriebsanleitung.Das Bundesamt für Zulassungen in der Telekommunikation wurde davon unterrichtet, daß dieses Gerät auf den Markt gebracht wurde und es ist berechtigt, die Serie auf die Erfüllung der Vorschriften hin zu überprüfen.Regulatory Compliance InformationThis section includes user requirements for operating this product in accordance with National laws for usage of radio spectrum and operation of radio devices. Failure of the end-user to comply with the applicable requirements may result in unlawful operation and adverse action against the end-user by the applicable National regulatory authority.
v1.0, April 2011iiiNOTE: This product's firmware limits operation to only the channels allowed in a particular Region or Country. Therefore, all options described in this user's guide may not be available in your version of the product.Europe – EU Declaration of Conformity Marking by the above symbol indicates compliance with the Essential Requirements of the R&TTE Directive of the European Union (1999/5/EC). This equipment meets the following conformance standards:EN300 328, EN301 489-17, EN60950A printed copy of the EU Declaration of Conformity certificate for this product is provided in the WNR3500Lv2 product package. Europe – Declaration of Conformity in Languages of the European CommunityCesky [Czech] NETGEAR Inc. tímto prohlašuje, že tento Radiolan je ve shode se základními požadavky a dalšími príslušnými ustanoveními smernice 1999/5/ES.Dansk [Danish]Undertegnede NETGEAR Inc. erklærer herved, at følgende udstyr Radiolan overholder de væsentlige krav og øvrige relevante krav i direktiv 1999/5/EF.Deutsch [German]Hiermit erklärt NETGEAR Inc., dass sich das Gerät Radiolan in Übereinstimmung mit den grundlegenden Anforderungen und den übrigen einschlägigen Bestimmungen der Richtlinie 1999/5/EG befindet.Eesti [Estonian]Käesolevaga kinnitab NETGEAR Inc. seadme Radiolan vastavust direktiivi 1999/5/EÜ põhinõuetele ja nimetatud direktiivist tulenevatele teistele asjakohastele sätetele.English Hereby, NETGEAR Inc., declares that this Radiolan is in compliance with the essential requirements and other relevant provisions of Directive 1999/5/EC.Español [Spanish]Por medio de la presente NETGEAR Inc. declara que el Radiolan cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999/5/CE.ζζηνδεή [Greek]Μ ΣΗΝ ΠΑΡΟΤ΢Α NETGEAR Inc. ΗΛΩΝΙ ΟΣΙ Radiolan ΢ΤΜΜΟΡΦΩΝΣΑΙ ΠΡΟ΢ ΣΙ΢ ΟΤ΢ΙΩΙ΢ ΑΠΑΙΣΗ΢Ι΢ ΚΑΙ ΣΙ΢ ΛΟΙΠ΢ ΢ΧΣΙΚ΢ ΙΑΣΑΞΙ΢ ΣΗ΢ ΟΗΓΙΑ΢ 1999/5/Κ.Français [French]Par la présente NETGEAR Inc. déclare que l'appareil Radiolan est conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive 1999/5/CE.Italiano [Italian] Con la presente NETGEAR Inc. dichiara che questo Radiolan è conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999/5/CE.Latviski [Latvian]Ar šo NETGEAR Inc. deklarē, ka Radiolan atbilst Direktīvas 1999/5/EK būtiskajām prasībām un citiem ar to saistītajiem noteikumiem.Lietuvių [Lithuanian] Šiuo NETGEAR Inc. deklaruoja, kad šis Radiolan atitinka esminius reikalavimus ir kitas 1999/5/EB Direktyvos nuostatas.
v1.0, April 2011ivFCC Requirements for Operation in the United States FCC Information to UserThis product does not contain any user serviceable components and is to be used with approved antennas only. Any product changes or modifications will invalidate all applicable regulatory certifications and approvals.FCC Guidelines for Human ExposureThis equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance of 20 cm between the radiator and your body. This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter. Nederlands [Dutch]Hierbij verklaart NETGEAR Inc. dat het toestel Radiolan in overeenstemming is met de essentiële eisen en de andere relevante bepalingen van richtlijn 1999/5/EG.Malti [Maltese] Hawnhekk, NETGEAR Inc., jiddikjara li dan Radiolan jikkonforma mal-htigijiet essenzjali u ma provvedimenti ohrajn relevanti li hemm fid-Dirrettiva 1999/5/EC.Magyar [Hungarian]Alulírott, NETGEAR Inc. nyilatkozom, hogy a Radiolan megfelel a vonatkozó alapvetõ követelményeknek és az 1999/5/EC irányelv egyéb elõírásainak.Polski [Polish] Niniejszym NETGEAR Inc. oświadcza, że Radiolan jest zgodny z zasadniczymi wymogami oraz pozostałymi stosownymi postanowieniami Dyrektywy 1999/5/EC.Português [Portuguese]NETGEAR Inc. declara que este Radiolan está conforme com os requisitos essenciais e outras disposições da Directiva 1999/5/CE.Slovensko [Slovenian]NETGEAR Inc. izjavlja, da je ta Radiolan v skladu z bistvenimi zahtevami in ostalimi relevantnimi določili direktive 1999/5/ES.Slovensky [Slovak]NETGEAR Inc. týmto vyhlasuje, _e Radiolan spĺňa základné po_iadavky a všetky príslušné ustanovenia Smernice 1999/5/ES.Suomi [Finnish]NETGEAR Inc. vakuuttaa täten että Radiolan tyyppinen laite on direktiivin 1999/5/EY oleellisten vaatimusten ja sitä koskevien direktiivin muiden ehtojen mukainen.Svenska [Swedish]Härmed intygar NETGEAR Inc. att denna Radiolan står I överensstämmelse med de väsentliga egenskapskrav och övriga relevanta bestämmelser som framgår av direktiv 1999/5/EG.Íslenska [Icelandic]Hér með lýsir NETGEAR Inc. yfir því að Radiolan er í samræmi við grunnkröfur og aðrar kröfur, sem gerðar eru í tilskipun 1999/5/EC.Norsk [Norwegian]NETGEAR Inc. erklærer herved at utstyret Radiolan er i samsvar med de grunnleggende krav og øvrige relevante krav i direktiv 1999/5/EF.
v1.0, April 2011
IndustryCanadaStatementThisClassBdigitalapparatuscomplieswithCanadianICES‐003.Operationissubjecttothefollowingtwoconditions:(1)thisdevicemaynotcauseinterference,and(2)thisdevicemustacceptanyinterference,includinginterferencethatmaycauseundesiredoperationofthedevice.ForproductavailableintheUSA/Canadamarket,onlychannel1~11canbeoperated.Selectionofotherchannelsisnotpossible.Toreducepotentialradiointerferencetootherusers,theantennatypeanditsgainshouldbesochosenthattheequivalentisotropicallyradiatedpower(e.i.r.p)isnotmorethanthatpermittedforsuccessfulcommunication.Thedevicecouldautomaticallydiscontinuetransmissionincaseofabsenceofinformationtotransmit,oroperationalfailure.Notethatthisisnotintendedtoprohibittransmissionofcontrolorsignalinginformationortheuseofrepetitivecodeswhererequiredbythetechnology.IMPORTANTNOTE:ICRadiationExposureStatement:ThisequipmentcomplieswithICRSS‐102radiationexposurelimitssetforthforanuncontrolledenvironment.Thisequipmentshouldbeinstalledandoperatedwithminimumdistance20cmbetweentheradiator&yourbody.ICDéclarationSonfonctionnementestsoumisauxdeuxconditionssuivantes:(1)cetappareilnepeutpasprovoquerd'interfǪrenceset(2)cetappareildoitacceptertouteinterfǪrence,ycomprislesinterfǪrencesquipeuventcauserunmauvaisfonctionnementdudispositif.CetappareilnumǪriquedelaclasseBconformeǢlanormeNMB‐003duCanada.PourlesproduitsdisponiblesauxÉtats‐Unis/CanadadumarchǪ,seullecanal1ǡ11peuventǫtreexploitǪs.SǪlectiond'autrescanauxn'estpaspossible.DanslebutderǪduirelesrisquesdebrouillageradioǪlectriqueǡl'intentiondesautresutilisateurs,ilfautchoisirletyped'antenneetsongaindesortequelapuissanceisotroperayonnǪeǪquivalente(p.i.r.e.)nedǪpassepasl'intensitǪnǪcessaireǡl'Ǫtablissementd'unecommunicationsatisfaisante.Ledispositifpourraitautomatiquementcesserd'émettreencasd'absenced'informationsàtransmettre,ouunedéfaillanceopérationnelle.Notezquecen'estpasl'intentiond'interdirelatransmissiondesinformationsdecontrôleoudesignalisationoul'utilisationdecodesrépétitifslorsquerequisparlatechnologie.Cetéquipementestconformeàl'expositionauxrayonnementsICRSS‐102deslimitesdéfiniespourunenvironnementnoncontrôlé.Cetéquipementdoitêtreinstalléetutiliséavecunminimumde20cmdedistanceentreleradiateuretvotrecorps.
v1.0, April 2011viProduct and Publication DetailsModel Number: WNR3500Lv2Publication Date: April 2011Product Family: Wireless RouterProduct Name: N300 Wireless Gigabit Router WNR3500Lv2Home or Business Product: HomeLanguage: EnglishPublication Part Number: 202-10832-01
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Contents vii
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Contents viiiv1.0, April 2011Chapter 3 Protecting Your NetworkProtecting Access to Your WNR3500v2 Router .............................................................3-1Changing the Built-In Password ...............................................................................3-2Restricting Access by MAC Address ..............................................................................3-3Blocking Access to Internet Sites ...................................................................................3-4Blocking Access to Internet Services .............................................................................3-6Configuring a User-Defined Service .........................................................................3-7Scheduling Blocking .......................................................................................................3-8Viewing Logs of Web Access or Attempted Web Access ...............................................3-9Configuring E-mail Alert and Web Access Log Notifications ........................................3-10Setting the Time ............................................................................................................ 3-11Chapter 4 Using Network Monitoring ToolsUpgrading the Router Firmware .....................................................................................4-1Upgrading Automatically to New Router Software ...................................................4-3Upgrading Manually to New Router Software ..........................................................4-3Viewing Wireless Router Status Information ...................................................................4-4Viewing a List of Attached Devices .................................................................................4-9Managing the Configuration File .....................................................................................4-9Backing Up and Restoring the Configuration .........................................................4-10Erasing the Configuration ....................................................................................... 4-11Enabling Remote Management Access ....................................................................... 4-11Chapter 5 Customizing Your Network SettingsUsing the LAN IP Setup Options ....................................................................................5-1Using the Router as a DHCP Server ........................................................................5-4Using Address Reservation ......................................................................................5-4Using a Dynamic DNS Service .......................................................................................5-5Configuring the WAN Setup Options ..............................................................................5-7Setting Up a Default DMZ Server .............................................................................5-8Configuring Static Routes ...............................................................................................5-9Allowing Inbound Connections to Your Network ........................................................... 5-11How Your Computer Accesses a Remote Computer through Your Router ............ 5-11How Port Triggering Changes the Communication Process ..................................5-13
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Contents ixv1.0, April 2011How Port Forwarding Changes the Communication Process ................................5-14How Port Forwarding Differs from Port Triggering .................................................5-15Configuring Port Forwarding to Local Servers ..............................................................5-16Adding a Custom Service .......................................................................................5-17Editing or Deleting a Port Forwarding Entry ...........................................................5-18Configuring Port Triggering ...........................................................................................5-18Wireless Repeating (Also Called WDS) .......................................................................5-21Wireless Repeating Function .................................................................................5-22Setting Up the Base Station ...................................................................................5-23Setting Up a Repeater Unit ....................................................................................5-24Chapter 6 Fine-Tuning Your NetworkAssessing Your Speed Requirements ............................................................................6-2Optimizing Your Network Bandwidth ..............................................................................6-3Optimizing Wireless Performance ..................................................................................6-5Changing the MTU Size .................................................................................................6-6Quality of Service ...........................................................................................................6-7Using WMM QoS for Wireless Multimedia Applications ...........................................6-8Configuring QoS for Internet Access ........................................................................6-8Using Universal Plug and Play .....................................................................................6-13Chapter 7 USB StorageUSB Drive Requirements ...............................................................................................7-1File Sharing Scenarios ...................................................................................................7-2USB Storage Basic Settings ...........................................................................................7-4Editing a Network Folder ..........................................................................................7-6Configuring USB Storage Advanced Settings ................................................................7-7Creating a Network Folder .......................................................................................7-9ReadyShare Access .....................................................................................................7-10Unmounting a USB Drive .............................................................................................7-10Specifying Approved USB Devices ............................................................................... 7-11Connecting to the USB Drive from a Remote Computer ..............................................7-12Locating the Internet Port IP Address ....................................................................7-12Accessing the Router’s USB Drive Remotely Using FTP ......................................7-12
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Contents xv1.0, April 2011Connecting to the USB Drive with Microsoft Network Settings ....................................7-12Enabling File and Printer Sharing ..........................................................................7-13Chapter 8 TroubleshootingQuick Tips .......................................................................................................................8-1Troubleshooting Basic Functions ....................................................................................8-3Cannot Access the Router Main Menu ...........................................................................8-5Cannot Access the Internet ............................................................................................8-6Troubleshooting a Network Using the Ping Utility ...........................................................8-8Testing the LAN Path to Your Router .......................................................................8-8Testing the Path from Your Computer to a Remote Device .....................................8-9Problems with Date and Time .......................................................................................8-10Wireless Connectivity ...................................................................................................8-10Using Your Wireless Card Setup Program ............................................................. 8-11Setting Up and Testing Basic Wireless Connectivity .............................................. 8-11Restoring the Default Configuration and Password ......................................................8-14Appendix A Default Configuration and Technical SpecificationsTechnical Specifications ................................................................................................. A-3Appendix B Related DocumentsIndex
1-1v1.0, April 2011Chapter 1Configuring Your Internet ConnectionThis chapter describes how to configure your WNR3500Lv2 router Internet connection. When you install your wireless router, these settings are configured automatically for you. This chapter provides instructions on how to log in to the wireless router for further configuration.This chapter includes the following sections:•“Logging In to Your Wireless Router” on page 1-2•“Using the Setup Wizard” on page 1-5•“Using the Setup Wizard” on page 1-5•“Viewing or Manually Configuring Your ISP Settings” on page 1-5Logging In to Your Wireless Router You can log in to the wireless router to view or change its settings. Note: NETGEAR recommends using the Smart Wizard™ on the Resource CD for initial configuration, as described in the NETGEAR Wireless Router Setup Manual.Note: Your computer must be configured for DHCP. For help with configuring DHCP, see the documentation that came with your computer or see the link to the online document in “Preparing Your Network” in Appendix B.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Configuring Your Internet Connection 1-2v1.0, April 2011To log in to the wireless router:1. Connect to the wireless router by typing http://www.routerlogin.net or the router’s LAN IP address (the default is 192.168.1.1) in the address field of your browser, and then press Enter. A login window opens:2. Enter admin for the router user name and your password (or the default, password). For information about how to change the password, see “Changing the Built-In Password” on page 3-2.Figure 1-1Tip: You can connect to the wireless router by typing either of these URLs in the address field of your browser, and then pressing Enter:•http://www.routerlogin.net•http://www.routerlogin.comIf these URLs do not work, you must type the IP address of the router, for example, http://www.192.168.1.1.Note: The router user name and password are not the same as any other user name or password you might use to log in to your Internet connection.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Configuring Your Internet Connection 1-3v1.0, April 2011The Checking for Firmware Updates screen displays unless you previously cleared the Check for Updated Firmware Upon Log-in check box.If the router discovers a newer version of software, you are asked if you want to upgrade to the new software (see “Upgrading the Router Firmware” on page 4-1 for details). If no new firmware is available, the following message displays.3. The Basic Settings screen displays showing the wireless router’s settings.Figure 1-2Figure 1-3
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Configuring Your Internet Connection 1-4v1.0, April 2011If the wireless router is connected to the Internet, you can select Knowledge Base or Documentation under Web Support in the main menu to view support information or the documentation for the wireless router.If you do not click Logout, the wireless router will wait for 5 minutes after no activity before it automatically logs you out.Figure 1-4Note: If the Check for New Version Upon Log-in check box is selected, the home page is the Router Upgrade screen. Otherwise, it is the Basic Settings screen.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Configuring Your Internet Connection 1-5v1.0, April 2011Using the Setup WizardYou can manually configure your Internet connection using the Basic Settings screen, or you can allow the Setup Wizard to determine your Internet Service Provider (ISP) configuration.The Setup Wizard searches your Internet connection for servers and protocols to determine your ISP configuration. This feature is not the same as the Smart Wizard on the Resource CD. To use the Setup Wizard to assist with configuration or to verify the Internet connection settings:1. From the main menu, select Setup Wizard.2. Click Next to proceed. Enter your ISP settings, as needed.3. At the end of the Setup Wizard, click Test to verify your Internet connection. If you have trouble connecting to the Internet, see Chapter 8, “Troubleshooting.”Viewing or Manually Configuring Your ISP SettingsTo view or configure the basic settings: 1. Log in to the wireless router as described in “Logging In to Your Wireless Router” on page 1-2.The Basic Settings screen displays (described in Table 1-1 on page 1-7).2. Select Ye s or No depending on whether your ISP requires a login. This selection changes the fields available on the Basic Settings screen.•Yes . If your ISP requires a login, select the encapsulation method. Enter the login name. If you want to change the login time-out, enter a new value in minutes.•No. If your ISP does not require a login, enter the account name, if required, and the domain name, if required.3. Enter the settings for the IP address and DNS server. If you enter or change a DNS address, restart the computers on your network so that these settings take effect.4. If no login is required, you can specify the MAC Address setting.5. Click Apply to save your settings.6. Click Test to test your Internet connection. If the NETGEAR website does not appear within one minute, refer to Chapter 8, “Troubleshooting.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Configuring Your Internet Connection 1-6v1.0, April 2011When your Internet connection is working you do not need to launch the ISP’s login program on your computer to access the Internet. When you start an Internet application, your wireless router automatically logs you inThe fields that are displayed depend on whether or not your Internet connection requires a login.The following table explains the fields in the Basic Settings screen.Figure 1-5ISP does not require login ISP does require login
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Configuring Your Internet Connection 1-7v1.0, April 2011Table 1-1. Basic Settings screen fields Settings DescriptionDoes Your ISP Require a Login? • Yes•NoThese fields appear only if no login is required.Account Name (If required)Enter the account name provided by your ISP. This might also be called the host name.Domain Name (If required)Enter the domain name provided by your ISP.These fields appear only if your ISP requires a login.Internet Service Provider • PPTP (Point to Point Tunneling Protocol). This is used primarily in Austrian DSL services.•Telstra Bigpond. This setting is only for older cable modem service accounts that still require a Bigpond Login utility. Telstra has discontinued this type of account. Those with Telstra DSL accounts and newer cable modem accounts should select No for Does Your Internet Connection Require A Login?.•Other. This is the default setting. It is for PPPoE (Point to Point Protocol over Ethernet), the protocol used by most DSL services worldwide.Login The login name provided by your ISP. This is often an e-mail address.Password The password that you use to log ISP.Service Name If your ISP provided a Service Name, enter it here. This field appears if the Internet Service Provider is defined as “Other” (PPPoE)Connection Mode Specify when the router will connect to and disconnect from the Internet.•Always On. The router logs in to the Internet immediately after booting and never disconnects.•Dial on Demand. The router logs in only when outgoing traffic is present and logs out after the idle time-out.•Manually Connect. The router logs in or logs out only when you click Connect or Disconnect in the Router Status screen.Idle Timeout (In minutes) If you want to change the Internet login time-out, enter a new value in minutes. This determines how long the wireless router keeps the Internet connection active after there is no Internet activity from the LAN. Entering an Idle Timeout value of 0 (zero) means never log out.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Configuring Your Internet Connection 1-8v1.0, April 2011Internet IP Address • Get Dynamically from ISP. Your ISP automatically assigns these addresses.•Use Static IP Address. Enter the IP address that your ISP assigned. Also enter the IP subnet mask and the gateway IP address. The gateway is the ISP’s gateway to which your wireless router will connect.Domain Name Server (DNS) Address The DNS server is used to look up site addresses based on their names. •Get Automatically from ISP. Your ISP automatically assigns this address. •Use These DNS Servers. If you know that your ISP does not automatically transmit DNS addresses to the wireless router during login, select this option, and enter the IP address of your ISP’s primary DNS server. If a secondary DNS server address is available, enter it also.This field appears if no login is required or the Internet Service Provider is not defined as “Other.”Router MAC Address The Ethernet MAC address that will be used by the wireless router on the Internet port. Some ISPs register the Ethernet MAC address of the network interface card in your computer when your account is first opened. They will then accept traffic only from the MAC address of that computer. This feature allows your wireless router to masquerade as that computer by “cloning” its MAC address. •Use Default Address. Use the default MAC address.•Use Computer MAC Address. The wireless router will capture and use the MAC address of the computer that you are now using. You must be using the one computer that is allowed by the ISP.•Use This MAC Address. Enter the MAC address that you want to use.Table 1-1. Basic Settings screen fields (continued)Settings Description
2-1v1.0, April 2011Chapter 2Safeguarding Your NetworkFor a wireless connection, the SSID, also called the wireless network name, and the wireless security setting must be the same for the wireless router and wireless computers or wireless adapters. NETGEAR strongly recommends that you use wireless security. This chapter includes:•“Planning Your Wireless Network”•“Manually Configuring Your Wireless Settings” on page 2-4•“Using Push ‘N’ Connect to Configure Your Wireless Network” on page 2-9•“Adding Both WPS-Capable Clients and Non-WPS-Capable Clients” on page 2-14•“Restricting Access to Your Router” on page 2-15Planning Your Wireless NetworkFor compliance and compatibility between similar products in your area, the operating channel and region must be set correctly. To configure the wireless network, you can either specify the wireless settings, or you can use Wi-Fi Protected Setup (WPS) to automatically set the SSID and implement WPA/WPA2 security.• To manually configure the wireless settings, you must know the following:– SSID. The default SSID for the wireless router is NETGEAR. – The wireless mode (802.11n, 802.11g, or 802.11b) that each wireless adapter supports.– Wireless security option. To successfully implement wireless security, check each wireless adapter to determine which wireless security option it supports. See “Manually Configuring Your Wireless Settings” on page 2-4.Warning: Computers can connect wirelessly at a range of several hundred feet. This can allow others outside of your immediate area to access your network.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-2v1.0, April 2011• Push 'N' Connect (WPS) automatically implements wireless security on the wireless router while, at the same time, allowing you to automatically implement wireless security on any WPS-enabled devices (such as wireless computers and wireless adapter cards). You activate WPS by pressing a WPS button on the wireless router, clicking an onscreen WPS button, or entering a PIN number. This generates a new SSID and implements WPA/WPA2 security.To set up your wireless network using the WPS feature:– Use the WPS button on the side of the wireless router (there is also an onscreen WPS button), or enter the PIN of the wireless device. – Make sure that all wireless computers and wireless adapters on the network are Wi-Fi certified and WPA or WPA 2 capable, and that they support WPS configuration.See “Using Push ‘N’ Connect to Configure Your Wireless Network” on page 2-9.Wireless Placement and Range GuidelinesThe range of your wireless connection can vary significantly based on the physical placement of the wireless router. The latency, data throughput performance, and notebook power consumption of wireless adapters also vary depending on your configuration choices.For best results, place your wireless router according to the following guidelines:• Near the center of the area in which your PCs will operate.• In an elevated location such as a high shelf where the wirelessly connected PCs have line-of-sight access (even if through walls).• Away from sources of interference, such as PCs, microwave ovens, and 2.4 GHz cordless phones.• Away from large metal surfaces.• If using multiple access points, it is better if adjacent access points use different radio frequency channels to reduce interference. The recommended channel spacing between adjacent access points is 5 channels (for example, use Channels 1 and 6, or 6 and 11).The time it takes to establish a wireless connection can vary depending on both your security settings and placement. Note: NETGEAR’s Push 'N' Connect feature is based on the Wi-Fi Protected Setup (WPS) standard (for more information, see http://www.wi-fi.org). All other Wi-Fi-certified and WPS-capable products should be compatible with NETGEAR products that implement Push 'N' Connect.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-3v1.0, April 2011Wireless Security OptionsComputers can connect over a 802.11g or 802.11n network at a range of up to 300 feet. Such distances can allow for others outside your immediate area to access your network.Unlike wired network data, your wireless data transmissions can extend beyond your walls and can be received by anyone with a compatible adapter. For this reason, use the security features of your wireless equipment. The WNR3500Lv2 router provides highly effective security features which are covered in detail in this chapter. Deploy the security features appropriate to your needs.There are several ways you can enhance the security of your wireless network:•WEP. Wired Equivalent Privacy (WEP) data encryption provides data security. WEP Shared Key authentication and WEP data encryption block all but the most determined eavesdropper. This data encryption mode has been superseded by WPA-PSK and WPA2-PSK.•WPA-PSK (TKIP), WPA2-PSK (AES). Wi-Fi Protected Access (WPA) using a pre-shared key to perform authentication and generate the initial data encryption keys. The very strong authentication along with dynamic per frame re-keying of WPA makes it virtually impossible to compromise. For more information about wireless technology, see the link to the online document in “Wireless Networking Basics” in Appendix B.Figure 2-11. Open system: Easy, butno security2. WEP: Security, but someperformance impact3. WPA-PSK: Strong security4. WPA-2-PSK: Very strong security
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-4v1.0, April 2011Manually Configuring Your Wireless SettingsYou can view or manually configure the wireless settings for the wireless router in the Wireless Settings screen. If you want to make changes, make sure to note the current settings first. To view or manually configure the wireless settings:1. Log in to the wireless router at its default LAN address of http://www.routerlogin.net with its default user name of admin, and default password of password, or using whatever user name, password, and LAN address you have chosen for the wireless router.2. Select Wireless Settings from the main menu to display the Wireless Settings screen:The settings for this screen are explained in Table 2-1.3. Select the region in which the wireless router will operate. 4. For initial configuration and test, leave the other settings unchanged. 5. To save your changes, click Apply.Note: If you use a wireless computer to change the wireless network name (SSID) or wireless security settings, you will be disconnected when you click Apply. To avoid this problem, use a computer with a wired connection to access the wireless router.Figure 2-2
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-5v1.0, April 20116. Configure and test your computers for wireless connectivity.Program the wireless adapter of your computers to have the same SSID and wireless security settings as your wireless router. Check that they have a wireless link and are able to obtain an IP address by DHCP from the wireless router. If there is interference, adjust the channel.Table 2-1. Wireless SettingsSettings DescriptionWireless NetworkName (SSID): The SSID is also known as the wireless network name. Enter a 32-character (maximum) name in this field. This field is case-sensitive. In a setting where there is more than one wireless network, different wireless network names provide a means for separating the traffic. Any device you want to participate in a wireless network must use the SSID.Region: The location where the router is used.Channel: The wireless channel used by the gateway. The default is Auto.Do not change the wireless channel unless you experience interference (shown by lost connections or slow data transfers). If this happens, you might need to experiment with different channels to see which is the best. Mode: The default is up to 145 Mbps, which allows 802.11n, 802.11g, and 802.11b wireless stations access.Security Options • None. You can use this setting to establish wireless connectivity before implementing wireless security. NETGEAR strongly recommends that you implement wireless security.•WEP (Wired Equivalent Privacy). Use encryption keys and data encryption for data security. You can select 64-bit or 128-bit encryption. See “Configuring WEP Wireless Security”.• WPA-PSK [TKIP] (WiFi Protected Access Pre-Shared Key). Allow only computers configured with WPA to connect to the wireless router. See “Configuring WPA, WPA2, or WPA/WPA2 Wireless Security”.• WPA2-PSK [AES] (Wi-Fi Protected Access with 2 Pre-Shared Keys). Allow only computers configured with WPA2 to connect to the wireless router. See “Configuring WPA, WPA2, or WPA/WPA2 Wireless Security”. •WPA-PSK [TKIP] + WPA2-PSK [AES]. Allow computers configured with either WPA-PSK or WPA2-PSK security to connect to the wireless router. See “Configuring WPA, WPA2, or WPA/WPA2 Wireless Security”.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-6v1.0, April 2011Configuring WEP Wireless SecurityTo configure WEP data encryption:1. Log in to the wireless router at its default LAN address of http://www.routerlogin.net with its default user name of admin, and default password of password, or using whatever user name, password, and LAN address you have chosen for the wireless router.2. From the main menu, select Wireless Settings to display the Wireless Settings screen.3. In the Security Options section, select the WEP (Wired Equivalent Privacy) radio button:4. Select the Authentication Type: Automatic or Shared Key. The default is Automatic.Note: If you use a wireless computer to configure wireless security settings, you will be disconnected when you click Apply. Reconfigure your wireless computer to match the new settings, or access the wireless router from a wired computer to make further changes.Figure 2-3Note: The authentication scheme is separate from the data encryption. If you require strong security, use both the Shared Key and WEP encryption settings.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-7v1.0, April 20115. Select the Encryption Strength setting:•WEP (Wired Equivalent Privacy) 64-bit encryption. Enter 10 hexadecimal digits (any combination of 0–9, a–f, or A–F).•WEP (Wired Equivalent Privacy) 128-bit encryption. Enter 26 hexadecimal digits (any combination of 0–9, a–f, or A–F).6. Enter the encryption keys. You can manually or automatically program the four data encryption keys. These values must be identical on all computers and Access Points in your network:•Passphrase. To use a passphrase to generate the keys, enter a passphrase, and click Generate. This automatically creates the keys. Wireless stations must use the passphrase or keys to access the wireless router. •Key 1 – Key 4. These values are not case-sensitive. You can manually enter the four data encryption keys. These values must be identical on all computers and access points in your network. Enter 10 hexadecimal digits (any combination of 0–9, a–f, or A–F) for WEP-64 and 26 hexadecimal digits for WEP-128.7. Select which of the four keys will be the default. Data transmissions are always encrypted using the default key. The other keys can be used only to decrypt received data. The four entries are disabled if WPA-PSK or WPA authentication is selected. 8. Click Apply to save your settings.Note: Not all wireless adapters support passphrase key generation.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-8v1.0, April 2011Configuring WPA, WPA2, or WPA/WPA2 Wireless SecurityTo set up wireless security, you can either manually configure it in the Wireless Settings screen, or you can use Wi-Fi Protected Setup (WPS) to automatically set the SSID and implement WPA/WPA2 security (see “Using Push ‘N’ Connect to Configure Your Wireless Network” on page 2-9. Both WPA and WPA2 provide strong data security. WPA with TKIP is a software implementation that can be used on Windows systems with Service Pack 2 or later; WPA2 with AES is a hardware implementation; see your device documentation before implementing it. Consult the product documentation for your wireless adapter for instructions for configuring WPA settings.To configure WPA or WPA2 in the wireless router:1. Log in to the wireless router at its default LAN address of http://www.routerlogin.net with its default user name of admin and default password of password, or using whatever user name, password, and LAN address you have chosen for the wireless router.2. Select Wireless Settings from the main menu. 3. On the Wireless Settings screen, select the radio button for the WPA or WPA2 option of your choice.Note: If you use a wireless computer to configure wireless security settings, you will be disconnected when you click Apply. If this happens, reconfigure your wireless computer to match the new settings, or access the wireless router from a wired computer to make further changes.Figure 2-4
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-9v1.0, April 20114. The settings displayed on the screen depend on which security option you select.5. For WPA-PSK or WPA2-PSK, enter the passphrase. 6. To save your settings, click Apply.Using Push ‘N’ Connect to Configure Your Wireless NetworkIf your wireless clients support Wi-Fi Protected Setup (WPS), you can use this feature to configure the wireless router’s SSID and security settings and, at the same time, connect the wireless client securely and easily to the wireless router. Look for the symbol on your client device (computers that will connect wirelessly to the wireless router are clients). WPS automatically configures the network name (SSID) and wireless security settings for the wireless router (if the wireless router is in its default state) and transmits these settings to the wireless client.Some considerations regarding WPS are:• WPS supports non-security, WPA-PSK, WPA2-PSK, and WEP with auto or open authentication. WEP with Shared Key authentication is not supported.• If your wireless network will include a combination of WPS capable devices and non-WPS capable devices, NETGEAR suggests that you set up your wireless network and security settings manually first, and use WPS only for adding additional WPS capable devices. See “Adding Both WPS-Capable Clients and Non-WPS-Capable Clients” on page 2-14.A WPS client can be added using the Push Button method or the PIN method.•Using the Push Button. This is the preferred method. See the following section, “Using the WPS Button to Configure Your Network and Add a Client”.•Entering a PIN. For information about using the PIN method, see “Using a PIN to Configure Your Network and Add a Client” on page 2-11.Note: NETGEAR’s Push 'N' Connect feature is based on the Wi-Fi Protected Setup (WPS) standard (for more information, see http://www.wi-fi.org). All other Wi-Fi-certified and WPS-capable products should be compatible with NETGEAR products that implement Push 'N' Connect.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-10v1.0, April 2011Using the WPS Button to Configure Your Network and Add a ClientAny wireless computer or wireless adapter that will connect to the wireless router wirelessly is a client. The client must support a WPS button, and must have a WPS configuration utility, such as the NETGEAR Smart Wizard or Atheros Jumpstart.To use the wireless router WPS button to add a WPS client: 1. Log in to the wireless router at its default LAN address of http://www.routerlogin.net with its default user name of admin and default password of password, or using whatever LAN address and password you have set up.2. On the wireless router main menu, select Add a WPS Client, and then click Next. The following screen displays:By default, the Push Button (recommended) radio button is selected.3. Either press the WPS button on the side of the wireless router, or click the onscreen button.The wireless router tries to communicate with the client for 2 minutes.4. Go to the client wireless computer, and run a WPS configuration utility. Follow the utility’s instructions to click a WPS button.5. Go back to the wireless router screen to check for a message.Figure 2-5WPS button
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-11v1.0, April 2011The wireless router WPS screen displays a message confirming that the client was added to the wireless network. The wireless router generates an SSID, and implements WPA/WPA2 wireless security if the wireless settings on the router are not configured. The wireless router will keep these wireless settings unless you change them, or you clear the Keep Existing Wireless Settings check box in the WPS Settings screen.6. Note the new SSID and WPA/WPA2 passphrase for the wireless network. You can view these settings on the Wireless Settings screen. See Step 3 of the “Configuring WPA, WPA2, or WPA/WPA2 Wireless Security” section.To access the Internet from any computer connected to your wireless router, launch a browser such as Microsoft Internet Explorer or Mozilla Firefox. You should see the wireless router’s Internet LED blink, indicating communication to the ISP.Using a PIN to Configure Your Network and Add a ClientAny wireless computer or wireless adapter that will connect to the wireless router wirelessly is a client. The client must support a WPS PIN, and must have a WPS configuration utility, such as the NETGEAR Smart Wizard or Atheros Jumpstart.The first time you add a WPS client, make sure that the Keep Existing Wireless Settings check box on the WPS Settings screen is cleared. This is the default setting for the wireless router, and allows it to generate the SSID and WPA/WPA2 security settings when it implements WPS. After WPS is implemented, the wireless router automatically selects this check box so that your SSID and wireless security settings remain the same if other WPS-enabled devices are added later.Figure 2-6Note: If no WPS-capable client devices are located during the 2-minute timeframe, the SSID and security settings will not be changed.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-12v1.0, April 2011To use a PIN to add a WPS client: 1. Log in to the wireless router at its default LAN address of http://www.routerlogin.net with its default user name of admin and default password of password, or using whatever LAN address and password you have set up.2. On the wireless router main menu, select Add a WPS Client (computers that will connect wirelessly to the wireless router are clients), and then click Next. The Add WPS Client screen displays:3. Select the PIN Number radio button.4. Go to the client wireless computer. Run a WPS configuration utility. Follow the utility’s instructions to generate a PIN. Take note of the client PIN.5. From the wireless router Add WPS Client screen, enter the client PIN number, and then click Next.• The wireless router tries to communicate with the client for 4 minutes.• The wireless router WPS screen displays a message confirming that the client was added to the wireless network. The wireless router generates an SSID, and implements WPA/WPA2 wireless security if the wireless settings on the router are not configured. 6. Note the new SSID and WPA/WPA2 passphrase for the wireless network. You can view these settings on the Wireless Settings screen. See Step 3 of the “Configuring WPA, WPA2, or WPA/WPA2 Wireless Security” section.Figure 2-7
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-13v1.0, April 2011To access the Internet from any computer connected to your wireless router, launch a browser such as Microsoft Internet Explorer or Mozilla Firefox. You should see the wireless router’s Internet LED blink, indicating communication to the ISP.Configuring Advanced WPS SettingsFrom the main menu, select Advanced Wireless Settings to display the following screen:The WPS settings show the wireless router PIN, Disable Router’s PIN, and the Keep Existing Wireless Settings check box. By default, the Keep Existing Wireless Settings check box is cleared. This allows the wireless router to automatically generate the SSID and WPA/WPA2 security settings when it implements WPS. After WPS is implemented, the wireless router automatically selects this check box so that your SSID and wireless security settings remain the same if you add WPS-enabled devices or if you manually add non WPS-capable devices later. Note: If no WPS-capable client devices are located during the 4-minute timeframe, the SSID and security settings will not be changed.Figure 2-8Note: If you clear the Keep Existing Wireless Settings check box, all wireless settings and connections will be lost.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-14v1.0, April 2011Adding Both WPS-Capable Clients and Non-WPS-Capable ClientsIf you have a wireless network with both WPS-capable clients and non-WPS-capable clients, you should set up your wireless network manually. Then, use Push ‘N’ Connect (WPS) to quickly and easily add additional WPS-capable clients.First, you must set up your wireless network manually (see “Manually Configuring Your Wireless Settings” on page 2-4).To add a wireless client device that is WPS-enabled:1. Log in to the wireless router at its default LAN address of http://www.routerlogin.net with its default user name of admin and default password of password, or using whatever LAN address and password you have set up.2. On the wireless router main menu, select Add a WPS Client (computers that will connect wirelessly to the wireless router are clients), and then click Next. The Add WPS Client screen displays.3. By default, the WPS button is selected. Either click the onscreen button, or press the WPS button on the side of the wireless router.The wireless router tries to communicate with the client for 2 minutes.4. Go to the client wireless computer, and run a WPS configuration utility. Follow the utility’s instructions to click a WPS button.5. Go back to the wireless router screen to check for a message. The wireless router WPS screen will display a message confirming that the client was added to the wireless network.To view a list of all devices connected to your wireless router (including wireless and Ethernet-connected), see “Viewing a List of Attached Devices” on page 4-9.To connect a non-WPS enabled client to the wireless router:1. On the device you want to connect to the router, open the networking utility. Note: Your wireless settings remain the same when you add another WPS-enabled client, as long as the Keep Existing Wireless Settings checkbox is selected in the Advanced Wireless screen (listed under the Advanced heading in the wireless router main menu). If you clear this checkbox, when you add the client, a new SSID and passphrase will be generated, and all existing connected wireless clients will be disassociated and disconnected from the wireless router.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-15v1.0, April 20112. Follow the utility’s instructions to enter the SSID (name you selected for your router).3. Select the security type you selected for your router, and enter the security passphrase that you entered for your router.4. Click Enter.5. Select your wireless network and click Connect.To view a list of all devices connected to your wireless router (including wireless and Ethernet-connected), see “Viewing a List of Attached Devices” on page 4-9.Restricting Access to Your RouterYou can use the Advanced Wireless Settings screen to enable or disable the wireless router and the SSID broadcast. From the main menu, select Advanced Wireless Settings to display the following screen:Note: NETGEAR recommends selecting either WPA/PSK, WPA2/PSK, or a mixed network of both WPA/PSK and WPA2/PSK.Figure 2-9
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Safeguarding Your Network 2-16v1.0, April 2011•Enable Wireless Router Radio. You can completely turn off the wireless portion of the wireless router. For example, if you use your notebook computer to wirelessly connect to your wireless router, and you take a business trip, you can turn off the wireless portion of the wireless router while you are traveling. Other members of your household who use computers connected to the wireless router via Ethernet cables can still use the wireless router. To do this, clear the Enable Wireless Access Point check box on the Advanced Wireless Settings screen, and then click Apply.•Enable SSID Broadcast. Clear this check box to disable broadcast of the SSID, so that only devices that know the correct SSID can connect. Disabling SSID broadcast nullifies the wireless network discovery feature of some products such as Windows XP.The Fragmentation Threshold, CTS/RTS Threshold, and Preamble Mode options are reserved for wireless testing and advanced configuration only. Do not change these settings.•WPS Settings. For information about WPS settings, see “Using Push ‘N’ Connect to Configure Your Wireless Network” on page 2-9. •Restricting access by MAC address. You can use a Wireless Card Access List to restrict access. See “Restricting Access by MAC Address” on page 3-3.Note: The SSID of any wireless access adapters must match the SSID you configure in the wireless router. If they do not match, you will not get a wireless connection to the wireless router.
3-1v1.0, April 2011Chapter 3Protecting Your NetworkThis chapter includes the following sections:•“Protecting Access to Your WNR3500L Router”•“Restricting Access by MAC Address” on page 3-3•“Blocking Access to Internet Sites” on page 3-4•“Blocking Access to Internet Services” on page 3-6•“Scheduling Blocking” on page 3-8•“Viewing Logs of Web Access or Attempted Web Access” on page 3-9•“Configuring E-mail Alert and Web Access Log Notifications” on page 3-10•“Setting the Time” on page 3-11Protecting Access to Your WNR3500L RouterFor security reasons, the wireless router has its own user name and password. Also, after a period of inactivity for a set length of time, the administrator login automatically disconnects. When prompted, enter admin for the wireless router user name and password for the wireless router password. You can use procedures in the following sections to change the wireless router password and the amount of time for the administrator’s login time-out.NETGEAR recommends that you change this password to a more secure password. The ideal password should contain no dictionary words from any language, and should be a mixture of both upper and lower case letters, numbers, and symbols. Your password can be up to 30 characters.Note: The user name and password are not the same as a user name or password you might use to log in to your Internet connection.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Protecting Your Network 3-2v1.0, April 2011Changing the Built-In Password1. Log in to the wireless router at its default LAN address of http://www.routerlogin.net with its default user name of admin, default password of password, or using whatever password and LAN address you have chosen for the wireless router.2. From the main menu, under the Maintenance heading, select Set Password to display the Set Password screen:3. To change the password, first enter the old password, and then enter the new password twice.4. Click Apply to save your changes. Figure 3-1Figure 3-2Note: After changing the password, you must log in again to continue the configuration. If you have backed up the wireless router settings previously, you should do a new backup so that the saved settings file includes the new password.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Protecting Your Network 3-3v1.0, April 2011Restricting Access by MAC AddressFor increased security, you can restrict access to the wireless network to allow only specific PCs based on their MAC addresses. You can restrict access to only trusted PCs so that unknown PCs cannot wirelessly connect to the WNR3500Lv2 router. MAC address filtering adds an obstacle against unwanted access to your network, but the data broadcast over the wireless link is fully exposed. To restrict access based on MAC addresses:1. Log in to the wireless router at its default LAN address of http://www.routerlogin.net with its default user name of admin, and default password of password, or using whatever user name, password, and LAN address you have chosen for the wireless router.2. From Advanced section of the main menu, select Wireless Settings, and then click Setup Access List to display the Wireless Station Access List screen.3. Click Add to add a wireless device to the wireless access control list. The Wireless Card Access Setup screen opens and displays a list of currently active wireless cards and their MAC addresses.Note: If you configure the router from a wireless computer, add your computer’s MAC address to the access list. Otherwise you will lose your wireless connection when you click Apply. You must then access the wireless router from a wired computer, or from a wireless computer that is on the access control list, to make any further changes.Figure 3-3
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Protecting Your Network 3-4v1.0, April 20114. Adjust the list as needed for your network. You can add devices using either of the following methods: • If the computer is in the Available Wireless Cards table, select the radio button of that computer to capture its MAC address.• Use the Add button to enter the MAC address of the device to be added. The MAC address can usually be found on the bottom of the wireless device. 5. Click Add, and then click Apply to save these settings. Now, only devices on this list will be allowed to wirelessly connect to the router.Blocking Access to Internet SitesThe WNR3500Lv2 router allows you to restrict access based on Web addresses and Web address keywords. Up to 255 entries are supported in the Keyword list.Keyword application examples:• If the keyword XXX is specified, the URL www.zzzyyqq.com/xxx.html is blocked.Figure 3-4Note: If no device name appears when you enter the MAC address, you can type a descriptive name for the computer that you are adding.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Protecting Your Network 3-5v1.0, April 2011• If the keyword .com is specified, only websites with other domain suffixes (such as .edu, .org, or .gov) can be viewed.To block access to Internet sites:1. Select Block Sites under Content Filtering in the main menu. The Block Sites screen displays.2. Enable keyword blocking by selecting either Per Schedule or Always. To block by schedule, be sure to specify a time period in the Schedule screen. For information about scheduling, see “Scheduling Blocking” on page 3-8.Block all access to Internet browsing during a scheduled period by entering a dot (.) as the keyword, and then set a schedule in the Schedule screen.3. Add a keyword or domain by entering it in the keyword field and clicking Add Keyword. The keyword or domain name then appears the Block sites containing these keywords or domain names list. Delete a keyword or domain name by selecting it from the list and clicking Delete Keyword.4. You can specify one trusted user, which is a computer that is exempt from blocking and logging. Specify a trusted user by entering that computer’s IP address in the Trusted IP Address fields.Since the trusted user is identified by IP address, you should configure that computer with a fixed IP address.Figure 3-5
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Protecting Your Network 3-6v1.0, April 20115. Click Apply to save all your settings in the Block Sites screen.Blocking Access to Internet ServicesThe WNR3500Lv2 router allows you to block the use of certain Internet services by computers on your network. This is called service blocking or port filtering. Services are functions performed by server computers at the request of client computers. For example, Web servers serve Web pages, time servers serve time and date information, and game hosts serve data about other players’ moves. When a computer on your network sends a request for service to a server computer on the Internet, the requested service is identified by a service or port number. This number appears as the destination port number in the transmitted IP packets. For example, a packet that is sent with destination port number 80 is an HTTP (Web server) request.To block access to Internet services:1. Select Block Services under Content Filtering in the main menu. The Block Services screen displays.2. Enable service blocking by selecting either Per Schedule or Always, and then click Apply. To block by schedule, be sure to specify a time period in the Schedule screen. For information about scheduling, see “Scheduling Blocking” on page 3-8.Figure 3-6
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Protecting Your Network 3-7v1.0, April 20113. Specify a service for blocking by clicking Add. The Block Services Setup screen displays.4. From the Service Type list, select the application or service to be allowed or blocked. The list already displays several common services, but you are not limited to these choices. To add any additional services or applications that do not already appear, select User Defined.5. Select the radio button for the IP address configuration you want to block, and then enter the IP addresses in the appropriate fields.You can block the specified service for a single computer, a range of computers (having consecutive IP addresses), or all computers on your network.6. Click Add to enable your Block Services Setup selections.Configuring a User-Defined ServiceTo define a service, first you must determine which port number or range of numbers is used by the application. The service port numbers for many common protocols are defined by the Internet Engineering Task Force (IETF) and published in RFC1700, “Assigned Numbers.” Service numbers for other applications are typically chosen from the range 1024 to 65535 by the authors of the application. You can often determine port number information by contacting the publisher of the application, by asking user groups or newsgroups, or by searching.• Enter the starting port and ending port numbers. If the application uses a single port number, enter that number in both fields.• If you know that the application uses either TCP or UDP, select the appropriate protocol. If you are not sure, select Both.Figure 3-7
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Protecting Your Network 3-8v1.0, April 2011Scheduling BlockingThe WNR3500Lv2 router allows you to specify when blocking is enforced. To schedule blocking:1. Select Schedule under Content Filtering in the main menu. The Schedule screen displays.2. Configure the schedule for blocking keywords and services.a. Days to Block. Select days on which you want to apply blocking by selecting the appropriate check boxes. Select Every Day to select the check boxes for all days. Click Apply.b. Time of Day to Block. Select a start and end time in 24-hour format. Select All Day for 24-hour blocking. Click Apply.Be sure to select your time zone in the E-mail screen as described in “Setting the Time” on page 3-11.3. Click Apply to save your settings.Figure 3-8
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Protecting Your Network 3-9v1.0, April 2011Viewing Logs of Web Access or Attempted Web AccessThe log is a detailed record of the websites you have accessed or attempted to access. Up to 128 entries are stored in the log. Select Logs under Content Filtering in the main menu. The Logs screen displays.Table 3-1 describes the log entries.To refresh the log screen, click the Refresh button.To clear the log entries, click the Clear Log button.To e-mail the log immediately, click the Send Log button.Figure 3-9Table 3-1. Log Entry DescriptionsField DescriptionDate and time The date and time the log entry was recorded.Source IP The IP address of the initiating device for this log entry.Target address The name or IP address of the website or newsgroup visited or to which access was attempted.Action Whether the access was blocked or allowed.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Protecting Your Network 3-10v1.0, April 2011Configuring E-mail Alert and Web Access Log NotificationsTo receive logs and alerts by e-mail, you must provide your e-mail account information. To configure e-mail alert and web access log notifications:1. Select E-mail under Content Filtering in the main menu. The E-mail screen displays.2. To receive e-mail logs and alerts from the router, select the Turn E-mail Notification On check box.a. Enter the name of your ISP’s outgoing (SMTP) mail server (such as mail.myISP.com) in the Your Outgoing Mail Server field. You might be able to find this information in the configuration screen of your e-mail program. If you leave this field blank, log and alert messages will not be sent by e-mail.b. Enter the e-mail address to which logs and alerts are sent in the Send To This E-mail Address field. This e-mail address will also be used as the From address. If you leave this field blank, log and alert messages will not be sent by e-mail.3. If your e-mail server requires authentication, select the My Mail Server requires authentication check box.Figure 3-10
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Protecting Your Network 3-11v1.0, April 2011a. Enter your user name for the e-mail server in the User Name field.b. Enter your password for the e-mail server in the Password field.4. You can specify that logs are automatically sent by e-mail with these options:•Send alert immediately. Select this check box for immediate notification of attempted access to a blocked site or service.•Send Logs According to this Schedule. Specifies how often to send the logs: Hourly, Daily, Weekly, or When Full. –Day. Specifies which day of the week to send the log. Relevant when the log is sent weekly.–Time. Specifies the time of day to send the log. Relevant when the log is sent daily or weekly.If you select the Weekly, Daily, or Hourly option and the log fills up before the specified period, the log is automatically e-mailed to the specified e-mail address. After the log is sent, the log is cleared from the router’s memory. If the router cannot e-mail the log file, the log buffer might fill up. In this case, the router overwrites the log and discards its contents.5. Click Apply to save your settings.So that the log entries are correctly time-stamped and sent at the correct time, be sure to set the time as described in the next section.Setting the TimeThe wireless router uses Network Time Protocol (NTP) to obtain the current time and date from one of several network time servers on the Internet. To localize the time for your log entries, you must specify your time zone from the E-mail screen:•Time Zone. Select your local time zone. This setting is used for the blocking schedule and for time-stamping log entries.•Automatically Adjust for Daylight Savings Time. Select this check box if your region supports daylight savings time. The router will automatically adjust the time at the start and end of the daylight savings time period.
4-1v1.0, April 2011Chapter 4Using Network Monitoring ToolsThis chapter describes how to use the maintenance features of your N300 Wireless Gigabit Router WNR3500Lv2. You can access these features by selecting the items under Maintenance in the main menu of the browser interface.This chapter includes the following sections:•“Upgrading the Router Firmware”•“Viewing Wireless Router Status Information” on page 4-4•“Viewing a List of Attached Devices” on page 4-9•“Managing the Configuration File” in Chapter 4•“Enabling Remote Management Access” on page 4-11Upgrading the Router FirmwareThe routing software (also called firmware) of the WNR3500Lv2 router is stored in flash memory, and can be upgraded as NETGEAR releases new software. Your router can download and install the new software, or you can download upgrade files from the NETGEAR website and manually send the upgrade file to the router using your browser.Tip: To ensure that you are always using the latest router firmware, enable the Firmware Upgrade Assistant feature so that the router will automatically detect a new version of the firmware on the Internet and alert you to its availability upon login.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Using Network Monitoring Tools 4-2v1.0, April 2011The Checking for Firmware Updates screen appears at login unless you clear the Check for Updated Firmware Upon Log-in check box.A screen is also provided for upgrading the router. From the main menu of the browser interface, under Maintenance, select Router Upgrade to display the Router Upgrade screen.From this screen, you can check for new software versions by clicking the Check button. If a new version is found, you can download and install it in one step. To enable the router to automatically check for a new software version upon login, select the Check for New Version Upon Log-in check box.Alternatively, you can manually install an upgrade file stored on your computer.Figure 4-1Figure 4-2Tip: Before upgrading the router software, use the router Settings Backup screen to save your configuration settings. A router upgrade might cause the router settings to revert to the factory defaults. If this happens, after completing the upgrade, you can restore your settings from the backup.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Using Network Monitoring Tools 4-3v1.0, April 2011Upgrading Automatically to New Router SoftwareIf you have selected Check for New Version Upon Log-in, your router alerts you to the new software when you log in. Otherwise, you can click the Check button in the Router Upgrade screen to search for new software.If the router discovers a newer version of software, the message on the left displays when you log in. If no new software is available, the message on the right displays.To automatically upgrade to the new software, click Yes to allow the router to download and install the new software file from NETGEAR.When the upload is complete, your router automatically restarts. The upgrade process typically takes about 1 minute. Read the new software release notes to determine whether you must reconfigure the router after upgrading.Upgrading Manually to New Router SoftwareTo manually select, download, and install new software to your router:1. Under Maintenance on the main menu, select Router Status. Note the version number of your router firmware.2. Go to the WNR3500Lv2 support page on the NETGEAR website athttp://www.netgear.com/support.Figure 4-3Warning: When uploading software to the WNR3500Lv2 router, do not interrupt the Web browser by closing the window, clicking a link, or loading a new page. If the browser is interrupted, it could corrupt the software.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Using Network Monitoring Tools 4-4v1.0, April 20113. Check the most recent firmware version offered against the firmware version shown on your Router Status screen.4. If the version on the NETGEAR website is more recent, download the file to your computer.5. Under Maintenance on the main menu, select Router Upgrade.6. Click Browse, and locate the firmware image that you downloaded to your PC (the file ends in .img or .chk). 7. Click Upload to send the firmware to the router.When the upload is complete, your router automatically restarts. The upgrade process typically takes about 1 minute. Read the new software release notes to determine whether you must reconfigure the router after upgrading.Viewing Wireless Router Status InformationTo view router status and usage information:1. From the main menu of the browser interface, under Maintenance, select Router Status. The Router Status screen displays.Warning: When uploading software to the WNR3500Lv2 router, do not interrupt the Web browser by closing the window, clicking a link, or loading a new page. If the browser is interrupted, it could corrupt the software.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Using Network Monitoring Tools 4-5v1.0, April 2011Table 4-1 describes the router status fields.Figure 4-4Table 4-1. Wireless Router Status FieldsField DescriptionHardware Version The router model.Firmware Version The version of the current software installed in the router. This will change if you upgrade your router.Internet Port These settings apply to the Internet (WAN) port of the router. MAC Address The Media Access Control address. This is the unique physical address being used by the Internet (WAN) port of the router. IP Address The IP address being used by the Internet (WAN) port of the router. If no address is shown, or is 0.0.0.0, the router cannot connect to the Internet.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Using Network Monitoring Tools 4-6v1.0, April 2011DHCP If set to None, the router is configured to use a fixed IP address on the WAN. If set to DHCP Client, the router is configured to obtain an IP address dynamically from the ISP.IP Subnet Mask The IP subnet mask being used by the Internet (WAN) port of the router. For an explanation of subnet masks and subnet addressing, click the link to the online document “TCP/IP Networking Basics” in Appendix B.Domain Name Server The Domain Name Server addresses being used by the router. A Domain Name Server translates human-language URLs such as www.netgear.com into IP addresses.LAN Port These settings apply to the Ethernet (LAN) port of the router. MAC Address The Media Access Control address. This is the unique physical address being used by the LAN port of the router. IP Address The IP address being used by the Ethernet (LAN) port of the router. The default is 192.168.1.1.DHCP Identifies whether the router’s built-in DHCP server is active for the LAN-attached devices.IP Subnet Mask The IP subnet mask being used by the Ethernet (LAN) port of the router. The default is 255.255.255.0.Wireless Port These settings apply to the wireless port of the router. Name (SSID) The wireless network name (SSID) being used by the wireless port of the router. The default is NETGEAR.Region The geographic region where the router is being used. It might be illegal to use the wireless features of the router in some parts of the world.Channel Identifies the channel of the wireless port being used. Click the link to the online document “Wireless Networking Basics” in Appendix B for the frequencies used on each channel. In Up to 300 Mbps mode, there are two channels: a primary channel (P) and a secondary channel (S).Mode Indicates the wireless communication mode: • Up to 54 Mbps• Up to 145 Mbps• Up to 300 MbpsWireless AP Indicates whether the radio feature of the router is enabled. If not enabled, the Wireless LED on the front panel is off.Broadcast Name Indicates whether the router is broadcasting its SSID.Table 4-1. Wireless Router Status Fields (continued)Field Description
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Using Network Monitoring Tools 4-7v1.0, April 20112. Click Connection Status to display the connection status.Table 4-2 describes the connection status settings.Click the Close Window button to close the Connection Status screen.Figure 4-5Table 4-2. Connection Status SettingsItem DescriptionIP Address The IP address that is assigned to the router.Subnet Mask The subnet mask that is assigned to the router.Default Gateway The IP address for the default gateway that the router communicates with.DNS Server The IP address of the Domain Name Service server that provides translation of network names to IP addresses.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Using Network Monitoring Tools 4-8v1.0, April 20113. Click Show Statistics to display router usage statistics.Table 4-3 describes the router statistics.To change the polling frequency, enter a time in seconds in the Poll Interval field, and click Set Interval.To stop the polling entirely, click Stop.Figure 4-6Table 4-3. Router StatisticsItem DescriptionSystem Up Time The time elapsed since the router was last restarted.Port The statistics for the WAN (Internet) and LAN (Ethernet) ports. For each port, the screen displays the following:Status The link status of the port.TxPkts The number of packets transmitted on this port since reset.RxPkts The number of packets received on this port since reset.Collisions The number of collisions on this port since reset.Tx B/s The current transmission (outbound) bandwidth used on the WAN and LAN ports (the average bytes per second transmitted since reset). Tx B/s is the total bytes transmitted divided by the system up time (in seconds).Rx B/s The current reception (inbound) bandwidth used on the WAN and LAN ports (the average bytes per second received since reset). Rx B/s is the total bytes received divided by the system up time (in seconds).Up Time The time elapsed since this port acquired the link.Poll Interval The intervals at which the statistics are updated in this screen.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Using Network Monitoring Tools 4-9v1.0, April 2011Viewing a List of Attached DevicesThe Attached Devices screen contains a table of all IP devices that the router has discovered on the local network. From the main menu of the browser interface, under Maintenance, select Attached Devices to view the table.For each device, the table shows the IP address, NetBIOS host name or device name (if available), and the Ethernet MAC address. To force the router to look for attached devices, click Refresh.Managing the Configuration FileThe configuration settings of the WNR3500Lv2 router are stored within the router in a configuration file. You can back up (save) this file to your computer, restore it, or reset it to the factory default settings.Figure 4-7Note: If the router is rebooted, the table data is lost until the router rediscovers the devices.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Using Network Monitoring Tools 4-10v1.0, April 2011From the main menu of the browser interface, under Maintenance, select Backup Settings.The following sections describe the three available options.Backing Up and Restoring the ConfigurationThe Restore and Backup options in the Settings Backup screen let you save and retrieve a file containing your router’s configuration settings.To save your settings, click Back Up. Your browser extracts the configuration file from the router and prompts you for a location on your computer to store the file. You can give the file a meaningful name at this time, such as comcast.cfg.To restore your settings from a saved configuration file, enter the full path to the file on your computer, or click Browse to browse to the file. When you have located it, click Restore to send the file to the router. The router then reboots automatically.Figure 4-8Tip: Before saving your configuration file, change the administrator password to the default, password. Then change it again after you have saved the configuration file. If you forget the password, you will need to reset the configuration to factory defaults.Warning: Do not interrupt the reboot process.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Using Network Monitoring Tools 4-11v1.0, April 2011Erasing the ConfigurationUnder some circumstances (for example, if you move the router to a different network or if you have forgotten the password) you might want to erase the configuration and restore the factory default settings. After an erase, the router’s username is admin, the password is password, the LAN IP address is 192.168.1.1 (or www.routerlogin.net), and the router’s DHCP server is enabled.To erase the configuration, click the Erase button in the Settings Backup screen.To restore the factory default configuration settings when you do not know the login password or IP address, you must use the restore factory settings button on the rear panel of the router (see “Restoring the Default Configuration and Password” on page 8-14).Enabling Remote Management AccessUsing the Remote Management feature, you can allow a user on the Internet to configure, upgrade, and check the status of your WNR3500Lv2 router. From the main menu of the browser interface, under Advanced, select Remote Management.Figure 4-9
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Using Network Monitoring Tools 4-12v1.0, April 2011To configure your router for remote management:1. Select the Turn Remote Management On check box.2. Under Allow Remote Access By, specify what external IP addresses will be allowed to access the router’s remote management.• To allow access from any IP address on the Internet, select Everyone. • To allow access from a range of IP addresses on the Internet, select IP Address Range.Enter a beginning and ending IP address to define the allowed range. • To allow access from a single IP address on the Internet, select Only This Computer.Enter the IP address that will be allowed access. 3. Specify the port number for accessing the management interface.Normal Web browser access uses the standard HTTP service port 80. For greater security, enter a custom port number for the remote management Web interface. Choose a number between 1024 and 65535, but do not use the number of any common service port. The default is 8080, which is a common alternate for HTTP.4. Click Apply to have your changes take effect.Note: Be sure to change the router’s default configuration password to a very secure password. The ideal password should contain no dictionary words from any language, and should be a mixture of letters (both uppercase and lowercase), numbers, and symbols. Your password can be up to 30 characters.Note: For enhanced security, restrict access to as few external IP addressesas practical.Note: When accessing your router from the Internet, type your router’s WAN IP address into your browser’s address or location field, followed by a colon (:) and the custom port number. For example, if your external address is 134.177.0.123 and you use port number 8080, then enter http://134.177.0.123:8080 in your browser.
5-1v1.0, April 2011Chapter 5Customizing Your Network SettingsThis chapter describes advanced features of the N300 Wireless Gigabit Router WNR3500Lv2. This chapter includes the following sections:•“Using the LAN IP Setup Options”•“Using a Dynamic DNS Service” on page 5-5•“Configuring the WAN Setup Options” on page 5-7•“Configuring Static Routes” on page 5-9•“Allowing Inbound Connections to Your Network” on page 5-11•“Configuring Port Forwarding to Local Servers” on page 5-16•“Configuring Port Triggering” on page 5-18•“Wireless Repeating (Also Called WDS)” on page 5-21Using the LAN IP Setup OptionsThe LAN Setup screen allows configuration of LAN IP services such as Dynamic Host Configuration Protocol (DHCP) and Routing Information Protocol (RIP).The router is shipped preconfigured to use private IP addresses on the LAN side and to act as a DHCP server. The router’s default LAN IP configuration is:• LAN IP address: 192.168.1.1• Subnet mask: 255.255.255.0These addresses are part of the designated private address range for use in private networks and should be suitable for most applications. If your network has a requirement to use a different IP addressing scheme, you can make those changes in the LAN Setup screen.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-2v1.0, April 2011To configure LAN IP settings, log in to the router, and under the Advanced heading, select LAN Setup. The following screen displays:.If you make changes, you must click Apply in order for the changes to take effect.The LAN Setup fields are explained in the following table.Figure 5-1Note: If you change the LAN IP address of the router while connected through the browser, you will be disconnected. You must then open a new connection to the new IP address and log in again.Table 5-1. LAN IP Setup Settings DescriptionDevice Name A descriptive name for the router, which will be shown in the Network on Windows Vista and the Network Explorer on all Windows systems. The Device Name field cannot be blank.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-3v1.0, April 2011LAN TCP/IP SetupIP Address The LAN IP address of the wireless router.IP Subnet Mask The LAN subnet mask of the wireless router. Combined with the IP address, the IP Subnet Mask allows a device to know which other addresses are local to it, and which must be reached through a gateway or wireless router.RIP Direction RIP (Router Information Protocol) allows a wireless router to exchange routing information with other routers. This setting controls how the wireless router sends and receives RIP packets. Both is the default. •Both or Out Only. The wireless router broadcasts its routing table periodically. •Both or In Only. The wireless router incorporates the RIP information that it receives. •None. The wireless router will not send any RIP packets and will ignore any RIP packets received. RIP Version This controls the format and the broadcasting method of the RIP packets that the wireless router sends. It recognizes both formats when receiving. By default, this is RIP-1. • RIP-1 is universally supported. It is adequate for most networks, unless you have an unusual network setup. • RIP-2 carries more information. Both RIP-2B and RIP-2M send the routing data in RIP-2 format. RIP-2B uses subnet broadcasting. RIP-2M uses multicasting.DHCP ServerFor more informationUse Router as a DHCP ServerThis check box is usually selected so that the wireless router functions as a Dynamic Host Configuration Protocol (DHCP) server. See “Using the Router as a DHCP Server” on page 5-4.Starting IP Address Specify the start of the range for the pool of IP addresses in the same subnet as the wireless router.Ending IP Address Specify the end of the range for the pool of IP addresses in the same subnet as the wireless router.Address ReservationFor more information, see “Using Address Reservation” on page 5-4.When you specify a reserved IP address for a computer on the LAN, that computer receives the same IP address each time it access the router’s DHCP server. Assign reserved IP addresses to servers that require permanent IP settings. Table 5-1. LAN IP Setup (continued)Settings Description
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-4v1.0, April 2011Using the Router as a DHCP ServerBy default, the router functions as a DHCP server, allowing it to assign IP, DNS server, and default gateway addresses to all computers connected to the router’s LAN. The assigned default gateway address is the LAN address of the router. The router assigns IP addresses to the attached computers from a pool of addresses specified in this screen. Each pool address is tested before it is assigned to avoid duplicate addresses on the LAN.For most applications, the default DHCP and TCP/IP settings of the router are satisfactory. Click the link to the online document “TCP/IP Networking Basics” in Appendix B for an explanation of DHCP and information about how to assign IP addresses for your network. Specify the pool of IP addresses to be assigned by setting the starting IP address and ending IP address. These addresses should be part of the same IP address subnet as the router’s LAN IP address. Using the default addressing scheme, you should define a range between 192.168.1.2 and 192.168.1.254, although you might wish to save part of the range for devices with fixed addresses.The router delivers the following parameters to any LAN device that requests DHCP:• An IP address from the range you have defined• Subnet mask• Gateway IP address (the router’s LAN IP address)• Primary DNS server To use another device on your network as the DHCP server, or to manually specify the network settings of all of your computers, clear the Use Router as DHCP Server check box. Otherwise, leave it selected. If this service is not selected and no other DHCP server is available on your network, you need to set your computers’ IP addresses manually or they will not be able to access the router.Using Address ReservationWhen you specify a reserved IP address for a computer on the LAN, that computer always receives the same IP address each time it accesses the router’s DHCP server. Reserved IP addresses should be assigned to computers or servers that require permanent IP settings. To reserve an IP address: 1. Click Add. 2. In the IP Address field, type the IP address to assign to the computer or server. (Choose an IP address from the router’s LAN subnet, such as 192.168.1.x.)
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-5v1.0, April 20113. Type the MAC address of the computer or server.4. Click Apply to enter the reserved address into the table. To edit or delete a reserved address entry: 1. Click the button next to the reserved address you want to edit or delete. 2. Click Edit or Delete.Using a Dynamic DNS ServiceIf your Internet Service Provider (ISP) gave you a permanently assigned IP address, you can register a domain name and have that name linked with your IP address by public Domain Name Servers (DNS). However, if your Internet account uses a dynamically assigned IP address, you do not know in advance what your IP address will be, and the address can change frequently. In this case, you can use a commercial Dynamic DNS service, which allows you to register your domain to their IP address, and forwards traffic directed at your domain to your current IP address.Your router contains a client that can connect to the Dynamic DNS service provided by DynDNS.org. You must first visit their website at www.dyndns.org and obtain an account and host name, which you specify in the router. Then, whenever your ISP-assigned IP address changes, your router automatically contacts the Dynamic DNS service provider, logs in to your account, and registers your new IP address. If your host name is hostname, for example, you can reach your router at hostname.dyndns.org.Tip: If the computer is already present on your network, you can copy its MAC address from the Attached Devices screen and paste it here.Note: The reserved address is not assigned until the next time the computer contacts the router’s DHCP server. Reboot the computer or access its IP configuration and force a DHCP release and renew.Note: If your ISP assigns a private WAN IP address (such as 192.168.x.x or 10.x.x.x), the Dynamic DNS service will not work because private addresses are not routed on the Internet.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-6v1.0, April 2011From the main menu of the browser interface, under Advanced, select Dynamic DNS to display the Dynamic DNS screen.To configure Dynamic DNS:1. Register for an account with one of the Dynamic DNS service providers whose names appear in the Service Provider list. For example, for DynDNS.org, select www.dyndns.org.2. Select the Use a Dynamic DNS Service check box. 3. Select the name of your Dynamic DNS service provider. 4. Type the host name (or domain name) that your Dynamic DNS service provider gave you.5. Type the user name for your Dynamic DNS account. This is the name that you use to log in to your account, not your host name.6. Type the password (or key) for your Dynamic DNS account. 7. Click Apply to save your configuration.Figure 5-2
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-7v1.0, April 2011Configuring the WAN Setup OptionsThe WAN Setup screen lets you configure a DMZ (demilitarized zone) server, change the Maximum Transmit Unit (MTU) size, and enable the wireless router to respond to a ping on the WAN (Internet) port. From the main menu, under Advanced, click WAN Setup to view the WAN Setup screen. The WAN Setup fields are described in the following table:Figure 5-3Table 5-2. WAN Setup SettingsSetting DescriptionDisable SPI Firewall The Stateful Packet Inspection (SPI) firewall protects your network and computers against attacks and intrusions. A stateful packet firewall carefully inspects incoming traffic packets, looking for known exploits such as malformed, oversized, or out-of-sequence packets. The firewall should be disabled only in special circumstances, such as when you are troubleshooting application issues. Default DMZ Server This feature is sometimes helpful when you are using some online games and videoconferencing. Be careful when using this feature because it makes the firewall security less effective. See the following section, Setting Up a Default DMZ Server.Respond to Ping on Internet WAN PortIf you want the wireless router to respond to a ping from the Internet, select this check box. This should be used only as a diagnostic tool, since it allows your wireless router to be discovered. Do not select this check box unless you have a specific reason to do so.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-8v1.0, April 2011Setting Up a Default DMZ ServerThe default DMZ server feature is helpful when you are using some online games and videoconferencing applications that are incompatible with Network Address Translation (NAT). The router is programmed to recognize some of these applications and to work correctly with them, but there are other applications that might not function well. In some cases, one local computer can run the application correctly if that computer’s IP address is entered as the default DMZ server.Incoming traffic from the Internet is usually discarded by the router unless the traffic is a response to one of your local computers or a service that you have configured in the Port Forwarding/Port Triggering screen. Instead of discarding this traffic, you can have it forwarded to one computer on your network. This computer is called the default DMZ server.The WAN Setup screen lets you configure a default DMZ server.To assign a computer or server to be a default DMZ server: 1. In the last Default DMZ Server field, type the last digit of the IP address for that computer. To remove the default DMZ server, enter 0 (zero).2. Select the Default DMZ Server check box, and click Apply.MTU Size (in bytes) The normal MTU (Maximum Transmit Unit) value for most Ethernet networks is 1500 bytes, or 1492 Bytes for PPPoE connections. For some ISPs you might need to reduce the MTU. This is rarely required, and should not be done unless you are sure it is necessary for your ISP connection. See “Changing the MTU Size” on page 6-6.NAT Filtering Network Address Translation (NAT) determines how the router processes inbound traffic. Secured NAT provides a secured firewall to protect the computers on the LAN from attacks from the Internet, but might prevent some Internet games, point-to-point applications, or multimedia applications from functioning. Open NAT provides a much less secured firewall, but allows almost all Internet applications to function. Warning: DMZ servers pose a security risk. A computer designated as the default DMZ server loses much of the protection of the firewall, and is exposed to exploits from the Internet. If compromised, the DMZ server computer can be used to attack other computers on your network.Table 5-2. WAN Setup SettingsSetting Description
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-9v1.0, April 2011Configuring Static RoutesStatic routes provide additional routing information to your router. Under usual circumstances, the router has adequate routing information after it has been configured for Internet access, and you do not need to configure additional static routes. You must configure static routes only for unusual cases such as multiple routers or multiple IP subnets located on your network.As an example of when a static route is needed, consider the following case:• Your primary Internet access is through a cable modem to an ISP.• You have an ISDN router on your home network for connecting to the company where you are employed. This router’s address on your LAN is 192.168.1.100.• Your company’s network address is 134.177.0.0.When you first configured your router, two implicit static routes were created. A default route was created with your ISP as the gateway, and a second static route was created to your local network for all 192.168.1.x addresses. With this configuration, if you attempt to access a device on the 134.177.0.0 network, your router forwards your request to the ISP. The ISP forwards your request to the company where you are employed, and the request is likely to be denied by the company’s firewall.In this case you must define a static route, telling your router that 134.177.0.0 should be accessed through the ISDN router at 192.168.1.100. In this example:•The Destination IP Address and IP Subnet Mask fields specify that this static route applies to all 134.177.x.x addresses. •The Gateway IP Address field specifies that all traffic for these addresses should be forwarded to the ISDN router at 192.168.1.100. •A Metric value of 1 will work. •Private is selected only as a precautionary security measure in case RIP is activated.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-10v1.0, April 2011Select Static Routes under Advanced in the main menu. The Static Routes screen displays.To add or edit a static route:1. Click Add to expand the Static Routes screen.2. In the Route Name field, type a name for this static route. (This is for identification purposes only.) 3. Select the Private check box if you want to limit access to the LAN only. If Private is selected, the static route is not reported in RIP. 4. Select the Active check box to make this route effective. 5. Type the IP address of the final destination. 6. Type the IP subnet mask for this destination.If the destination is a single host, type 255.255.255.255. Figure 5-4Figure 5-5
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-11v1.0, April 20117. Type the gateway IP address, which must be a router on the same LAN segment as the WNR3500Lv2 router. 8. Type a number between 1 and 15 as the metric value. This represents the number of routers between your network and the destination. Usually, a setting of 2 or 3 works. 9. Click Apply to have the static route entered into the table.Allowing Inbound Connections to Your NetworkBy default, the WNR3500Lv2 router blocks any inbound traffic from the Internet to your computers except for replies to your outbound traffic. However, you might need to create exceptions to this rule for the following purposes:• To allow remote computers on the Internet to access a server on your local network. • To allow certain applications and games to work correctly when their replies are not recognized by your router.Your router provides two features for creating these exceptions: port forwarding and port triggering. This section explains how a normal outbound connection works, followed by two examples explaining how port forwarding and port triggering operate and how they differ.How Your Computer Accesses a Remote Computer through Your RouterWhen a computer on your network needs to access a computer on the Internet, your computer sends your router a message containing source and destination address and process information. Before forwarding your message to the remote computer, your router must modify the source information and must create and track the communication session so that replies can be routed back to your computer. Here is an example of normal outbound traffic and the resulting inbound responses:1. You open Internet Explorer, beginning a browser session on your computer. Invisible to you, your operating system assigns a service number (port number) to every communication process running on your computer. In this example, let’s say Windows assigns port number 5678 to this browser session. 2. You ask your browser to get a Web page from the Web server at www.example.com. Yo ur computer composes a Web page request message with the following address andport information:
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-12v1.0, April 2011• The source address is your computer’s IP address.• The source port number is 5678, the browser session. • The destination address is the IP address of www.example.com, which your computer finds by asking a DNS server.• The destination port number is 80, the standard port number for a Web server process.Your computer then sends this request message to your router.3. Your router creates an entry in its internal session table describing this communication session between your computer and the Web server at www.example.com. Before sending the Web page request message to www.example.com, your router stores the original information and then modifies the source information in the request message, performing Network Address Translation (NAT):• The source address is replaced with your router’s public IP address.This is necessary because your computer uses a private IP address that is not globally unique and cannot be used on the Internet.• The source port number is changed to a number chosen by the router, such as 33333. This is necessary because two computers could independently be using the same session number.Your router then sends this request message through the Internet to the Web server at www.example.com.4. The Web server at www.example.com composes a return message with the requested Web page data. The return message contains the following address and port information:• The source address is the IP address of www.example.com.• The source port number is 80, the standard port number for a Web server process.• The destination address is the public IP address of your router.• The destination port number is 33333.The Web server then sends this reply message to your router.5. Upon receiving the incoming message, your router checks its session table to determine whether there is an active session for port number 33333. Finding an active session, the router then modifies the message, restoring the original address information replaced by NAT. The message now contains the following address and port information: • The source address is the IP address of www.example.com.• The source port number is 80, the standard port number for a Web server process.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-13v1.0, April 2011• The destination address is your computer’s IP address.• The destination port number is 5678, the browser session that made the initial request.Your router then sends this reply message to your computer, which displays the Web page from www.example.com.6. When you finish your browser session, your router senses the termination of communications. Your router then removes the session information from its session table, and incoming traffic is no longer accepted on port number 33333.How Port Triggering Changes the Communication ProcessIn the preceding example, requests are sent to a remote computer by your router from a particular service port number, and replies from the remote computer to your router are directed to that port number. If the remote server sends a reply back to a different port number, your router will not recognize it and will discard it. However, some application servers (such as FTP and IRC servers) send replies back to multiple port numbers. Using the port triggering function of your router, you can tell the router to open additional incoming ports when a particular outgoing port originatesa session.An example is Internet Relay Chat (IRC). Your computer connects to an IRC server at destination port 6667. The IRC server not only responds to your originating source port, but also sends an “identify” message to your computer on port 113. Using port triggering, you can tell the router, “When you initiate a session with destination port 6667, you must also allow incoming traffic on port 113 to reach the originating computer.” Using steps similar to the preceding example, the following sequence shows the effects of the port triggering rule you have defined:1. You open an IRC client program, beginning a chat session on your computer. 2. Your IRC client composes a request message to an IRC server using a destination port number of 6667, the standard port number for an IRC server process. Your computer then sends this request message to your router.3. Your router creates an entry in its internal session table describing this communication session between your computer and the IRC server. Your router stores the original information, performs Network Address Translation (NAT) on the source address and port, and sends this request message through the Internet to the IRC server. 4. Noting your port triggering rule, and having observed the destination port number of 6667, your router creates an additional session entry to send any incoming port 113 traffic to your computer.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-14v1.0, April 20115. The IRC server sends a return message to your router using the NAT-assigned source port (as in the previous example, let’s say port 33333) as the destination port. The IRC server also sends an “identify” message to your router with destination port 113.6. Upon receiving the incoming message to destination port 33333, your router checks its session table to determine whether there is an active session for port number 33333. Finding an active session, the router restores the original address information replaced by NAT and sends this reply message to your computer.7. Upon receiving the incoming message to destination port 113, your router checks its session table and learns that there is an active session for port 113, associated with your computer. The router replaces the message’s destination IP address with your computer’s IP address and forwards the message to your computer.8. When you finish your chat session, your router senses the termination of communications. The router then removes the session information from its session table, and incoming traffic is no longer accepted on port numbers 33333 or 113.To configure port triggering, you need to know which inbound ports the application needs. Also, you need to know the number of the outbound port that will trigger the opening of the inbound ports. You can usually determine this information by contacting the publisher of the application, or user groups or newsgroups.How Port Forwarding Changes the Communication ProcessIn both of the preceding examples, your computer initiates an application session with a server computer on the Internet. However, you might need to allow a client computer on the Internet to initiate a connection to a server computer on your network. Normally, your router ignores any inbound traffic that is not a response to your own outbound traffic. You can configure exceptions to this default rule by using the port forwarding feature. A typical application of port forwarding can be shown by reversing the client-server relationship from our previous Web server example. In this case, a remote computer’s browser needs to access a Web server running on a computer in your local network. Using port forwarding, you can tell the router, “When you receive incoming traffic on port 80 (the standard port number for a Web server process), forward it to the local computer at 192.168.1.123.” The following sequence shows the effects of the port forwarding rule you have defined:Note: An inbound port can be used by one computer at a time with the triggered application.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-15v1.0, April 20111. The user of a remote computer opens Internet Explorer and requests a Web page from www.example.com, which resolves to the public IP address of your router. The remote computer composes a Web page request message with the following destination information: • The destination address is the IP address of www.example.com, which is the address of your router.• The destination port number is 80, the standard port number for a Web server process.The remote computer then sends this request message through the Internet to your router.2. Your router receives the request message and looks in its rules table for any rules covering the disposition of incoming port 80 traffic. Your port forwarding rule specifies that incoming port 80 traffic should be forwarded to local IP address 192.168.1.123. Therefore, your router modifies the destination information in the request message:The destination address is replaced with 192.168.1.123.Your router then sends this request message to your local network.3. Your Web server at 192.168.1.123 receives the request and composes a return message with the requested Web page data. Your Web server then sends this reply message to your router.4. Your router performs Network Address Translation (NAT) on the source IP address, and sends this request message through the Internet to the remote computer, which displays the Web page from www.example.com.To configure port forwarding, you need to know which inbound ports the application needs. You usually can determine this information by contacting the publisher of the application or user groups or newsgroups.How Port Forwarding Differs from Port TriggeringThe following points summarize the differences between port forwarding and port triggering:• Port triggering can be used by any computer on your network, although only one computer at a time can use the same ports.• Port forwarding is configured for a single computer on your network.• Port triggering does not need to know the computer’s IP address in advance. The IP address is captured automatically.• Port forwarding requires that you specify the computer’s IP address during configuration, and the IP address must never change.• Port triggering requires specific outbound traffic to open the inbound ports, and the triggered ports are closed after a period of no activity.• Port forwarding is always active and does not need to be triggered.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-16v1.0, April 2011Configuring Port Forwarding to Local ServersUsing the port forwarding feature, you can allow certain types of incoming traffic to reach servers on your local network. For example, you might make a local Web server, FTP server, or game server visible and available to the Internet. Use the Port Forwarding screen to configure the router to forward specific incoming protocols to computers on your local network. In addition to servers for specific applications, you can also specify a default DMZ server to which all other incoming protocols are forwarded. The DMZ server is configured in the WAN Setup screen, as discussed in “Setting Up a Default DMZ Server” on page 5-8.Before starting, you need to determine which type of service, application, or game you will provide, and the local IP address of the computer that will provide the service. Be sure the computer’s IP address never changes.To configure port forwarding to a local server:1. Select Port Forwarding/Port Triggering under Advanced in the main menu.Tip: To ensure that your server computer always has the same IP address, use the reserved IP address feature of your WNR3500Lv2 router. See “Using Address Reservation” on page 5-4 for instructions on how to use reserved IP addresses.Figure 5-6
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-17v1.0, April 20112. From the Service Name list, select the service or game that you will host on your network.If the service does not appear in the list, see the following section, “Adding a Custom Service.”3. In the corresponding Server IP Address box, enter the last digit of the IP address of your local computer that will provide this service. 4. Click Add. The service appears in the list in the screen.Adding a Custom ServiceTo define a service, game, or application that does not appear in the Service Name list, you must first determine which port number or range of numbers is used by the application. You can usually determine this information by contacting the publisher of the application or user groups or newsgroups. When you have the port number information, follow these steps:1. Select Port Forwarding/Port Triggering under Advanced in the main menu.2. Click Add Custom Service.3. In the Service Name field, enter a descriptive name. 4. In the Service Type field, select the protocol. If you are unsure, select TCP/UDP.5. In the Starting Port field, enter the beginning port number. • If the application uses only a single port, enter the same port number in the Ending Port field.• If the application uses a range of ports, enter the ending port number of the range in the Ending Port field.6. In the Server IP Address field, enter the IP address of your local computer that will provide this service.7. Click Apply. The service appears in the list in the Port Forwarding/Port Triggering screen.Figure 5-7
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-18v1.0, April 2011Editing or Deleting a Port Forwarding EntryTo edit or delete a port forwarding entry:1. In the table, select the button next to the service name.2. Click Edit Service or Delete Service.Application Example: Making a Local Web Server PublicIf you host a Web server on your local network, you can use port forwarding to allow Web requests from anyone on the Internet to reach your Web server. To make a local Web server public:1. Assign your Web server either a fixed IP address or a dynamic IP address using DHCP address reservation, as explained in “Using Address Reservation” on page 5-4. In this example, your router will always give your Web server an IP address of 192.168.1.33. 2. In the Port Forwarding screen, configure the router to forward the HTTP service to the local address of your Web server at 192.168.1.33. HTTP (port 80) is the standard protocol for Web servers.3. (Optional) Register a host name with a Dynamic DNS service, and configure your router to use the name as described in “Using a Dynamic DNS Service” on page 5-5. To access your Web server from the Internet, a remote user must know the IP address that has been assigned by your ISP. However, if you use a Dynamic DNS service, the remote user can reach your server by a user-friendly Internet name, such as mynetgear.dyndns.org.Configuring Port TriggeringPort triggering is a dynamic extension of port forwarding that is useful in these cases:• More than one local computer needs port forwarding for the same application (but not simultaneously).• An application needs to open incoming ports that are different from the outgoing port.When port triggering is enabled, the router monitors outbound traffic looking for a specified outbound “trigger” port. When the router detects outbound traffic on that port, it remembers the IP address of the local computer that sent the data. The router then temporarily opens the specified incoming port or ports, and forwards incoming traffic on the triggered ports to the triggering computer.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-19v1.0, April 2011While port forwarding creates a static mapping of a port number or range to a single local computer, port triggering can dynamically open ports to any computer that needs them and can close the ports when they are no longer needed.To configure port triggering, you need to know which inbound ports the application needs. Also, you need to know the number of the outbound port that will trigger the opening of the inbound ports. You can usually determine this information by contacting the publisher of the application or user groups or newsgroups.To set up port triggering: 1. Select Port Forwarding/Port Triggering under Advanced in the main menu. The Forwarding/Port Triggering screen displays.2. Select the Port Triggering radio button. The port triggering information displays.Note: If you use applications such as multiplayer gaming, peer-to-peer connections, real-time communications such as instant messaging, or remote assistance (a feature in Windows XP), you should also enable Universal Plug and Play (UPnP) according to the instructions in “Using Universal Plug and Play” on page 6-13.Figure 5-8
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-20v1.0, April 20113. Clear the Disable Port Triggering check box.4. In the Port Triggering Timeout field, enter a value up to 9999 minutes. This value sets the inactivity timer for the designated inbound ports. These ports close when the timer expires. This is required because the router cannot be sure when the application has terminated.5. Click Add Service. 6. In the Service Name field, type a descriptive service name. 7. In the Service User field, select Any (the default) to allow this service to be used by any computer on the Internet. Otherwise, select Single address, and enter the IP address of one computer to restrict the service to a particular computer. 8. Select the service type, either TCP or UDP or both (TCP/UDP). If you are not sure, select TCP/UDP.9. In the Triggering Port field, enter the number of the outbound traffic port that will cause the inbound ports to be opened. 10. Enter the inbound connection port information in the Connection Type, Starting Port, and Ending Port fields.11. Click Apply. The service appears in the Port Triggering Portmap table. Note: If the Disable Port Triggering check box is selected after you configure port triggering, port triggering is disabled. However, any port triggering configuration information you added to the router is retained even though it is not used.Figure 5-9
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-21v1.0, April 2011Wireless Repeating (Also Called WDS)The WNR3500Lv2 router can be used with a wireless access point (AP) to build large bridged wireless networks. Wireless repeating is a type of Wireless Distribution System (WDS).The following figure shows a wireless repeating scenario: To set up a wireless network using WDS, the following conditions must be met for both APs:• Both APs must use the same wireless channel and encryption mode (see “Manually Configuring Your Wireless Settings” on page 2-4 or “Using Push 'N' Connect (WPS) to Configure Your Wireless Network” on page 2-13).• Both APs must be on the same LAN IP subnet. That is, all the AP LAN IP addresses are in the same network.• All LAN devices (wired and wireless computers) must be configured to operate in the same LAN network address range as the APs.Warning: If you use the wireless repeating function, your options for wireless security are limited to None or WEP. For more information about wireless security, see Chapter 2, “Safeguarding Your Network.”Figure 5-10Repeater APBase Station AP
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-22v1.0, April 2011Wireless Repeating Function You can view or change wireless repeater settings for the wireless router. From the main menu of the browser interface, under Advanced, click Wireless Repeating Function to display the Wireless Repeating Function screen.The wireless router supports two modes of the wireless repeating function, and allows you to control wireless client association:•Wireless Repeater. The wireless router sends all traffic from its local wireless or wired computers to a remote AP. To configure this mode, you must know the MAC address of the remote parent AP. •Wireless Base Station. The wireless router acts as the parent AP, bridging traffic to and from the child repeater AP, as well as handling wireless and wired local computers. To configure this mode, you must know the MAC addresses of the child repeater AP.•Disable Wireless Client Association. Usually this check box is cleared so that the router is an access point for wireless computers. If this check box is selected, the router communicates wirelessly only with other APs whose MAC addresses are listed in this screen. The router still communicates with wire-connected LAN devices. Figure 5-11
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-23v1.0, April 2011Setting Up the Base Station The wireless repeating function works only in hub and spoke mode. The units cannot be daisy chained. You must know the wireless settings for both units. You must know the MAC address of the remote unit. First, set up the base station, and then set up the repeater. To set up the base station:1. Set up both units with exactly the same wireless settings (mode, channel, and security). Note that the wireless security option must be set to None or WEP.2. Log into the wireless router base unit, under the Advanced heading, select Wireless Repeating Function to display the Wireless Repeating Function screen.3. Select the Enable Wireless Repeating Function check box and the Wireless Base Station radio button.4. Enter the MAC address for one or more repeater units.5. Click Apply to save your changes.Figure 5-12
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Customizing Your Network Settings 5-24v1.0, April 2011Setting Up a Repeater UnitUse a wired Ethernet connection to set up the repeater unit to avoid conflicts with the wireless connection to the base station.To configure a WNR3500Lv2 router as a repeater unit:1. If you are using the same model of wireless router for both the base station and repeaters, you must change the LAN IP address for each repeater to a different IP address in the same subnet (see “Using the LAN IP Setup Options” on page 5-1). 2. Log in to the router that will be the repeater. Check the Wireless Settings screen, and verify that the wireless settings match the base unit exactly. If the settings are different, be sure to configure the wireless settings to match the base station settings.3. In the Wireless Repeating Function screen, select the Enable Wireless Repeating Function check box and the Wireless Repeater radio button.4. Fill in the IP Address field. This IP address must be in the same subnet as the base station, but different from the LAN IP of the base station.5. Fill in the Base Station MAC Address field.6. Click Apply to save your changes.7. Verify connectivity across the LANs. A computer on any wireless or wired LAN segment of the wireless router should be able to connect to the Internet or share files and printers with any other wireless or wired computer or server connected to the other AP.Note: If you are using the WNR3500Lv2 base station with a non-NETGEAR wireless router as the repeater, you might need to change additional configuration settings. In particular, you should disable the DHCP server function on the wireless repeater AP.Note: Failing to change the LAN IP address will cause an IP address conflict in the network because the factory default LAN IP is the same for both units.
6-1v1.0, April 2011Chapter 6Fine-Tuning Your NetworkThis chapter describes how to modify the configuration of the N300 Wireless Gigabit Router WNR3500Lv2 to allow specific applications to access the Internet or to be accessed from the Internet, and how to make adjustments to enhance your network’s performance.This chapter includes the following sections:•“Assessing Your Speed Requirements” on page 6-2•“Optimizing Your Network Bandwidth” on page 6-3•“Optimizing Wireless Performance” on page 6-5•“Changing the MTU Size” on page 6-6•“Quality of Service” on page 6-7•“Using Universal Plug and Play” on page 6-13Common connection types and their speed and security considerations are:•Broadband Internet. Your Internet connection speed is determined by your modem type, such as ADSL or cable modem, as well as the connection speed of the sites to which you connect, and general Internet traffic. ADSL and cable modem connections are asymmetrical, meaning they have a lower data rate to the Internet (upstream) than from the Internet (downstream). Keep in mind that when you connect to another site that also has an asymmetrical connection, the data rate between your sites is limited by each side’s upstream and downstream data rate. A typical residential ADSL or cable modem connection provides a downstream throughput of about 1 to 3 megabits per second (Mbps). Newer technologies such as ADSL2+ and Fiber to the Home (FTTH) will increase the connection speed to tens of Mbps.•Wireless. Your N300 Wireless Gigabit Router WNR3500Lv2 provides a wireless link rate of up to 300 Mbps using technology called multiple input, multiple output (MIMO), in which multiple antennas transmit multiple streams of data. The use of multiple antennas also provides excellent range and coverage. With the introduction of the newer WPA and WPA2 encryption and authentication protocols, wireless security is extremely strong.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-2v1.0, April 2011To get the best performance, use RangeMax NEXT adapters such as the WN511B for your computers. Although the RangeMax NEXT router is compatible with older 802.11b and 802.11g adapters, the use of these older wireless technologies in your network can result in lower throughput overall (typically less than 10 Mbps for 802.11b and less than 40 Mbps for 802.11g). In addition, many older wireless products do not support the latest security protocols, WPA and WPA2.•Powerline. For connecting rooms or floors that are blocked by obstructions or are distant vertically, consider networking over your building’s AC wiring. NETGEAR’s Powerline HD family of products delivers up to 200 Mbps to any outlet, while the older-generation XE family of products delivers 14 Mbps or 85 Mbps. Data transmissions are encrypted for security, and you can configure an individual network password to prevent neighbors from connecting.The Powerline HD family of products can coexist on the same network with older-generation XE family products or HomePlug 1.0 products, but they are not interoperable with these older products.•Wired Ethernet. As gigabit-speed Ethernet ports (10/100/1000 Mbps) become common on newer computers, wired Ethernet remains a good choice for speed, economy, and security. Gigabit Ethernet can extend up to 100 meters with twisted-pair wiring of Cat 5e or better. A wired connection is not susceptible to interference, and eavesdropping would require a physical connection to your network.Assessing Your Speed RequirementsBecause your Internet connection is likely to operate at a much lower speed than your local network, faster local networking technologies might not improve your Internet experience. However, many emerging home applications require high data rates. For example:• Streaming HD video requires 10 to 30 Mbps per stream. Because latency and packet loss can disrupt your video, plan to provide at least twice the capacity you need.• Streaming MP3 audio requires less than 1 Mbps per stream and does not strain most modern networks. Like video, however, streaming audio is also sensitive to latency and packet loss, so a congested network or a noisy link can cause problems.Note: Actual data throughput will vary. Network conditions and environmental factors, including volume of network traffic, building materials and construction, and network overhead, can lower actual data throughput rate.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-3v1.0, April 2011• Backing up computers over the network has become popular due to the availability of inexpensive mass storage. Table 6-1 shows approximate, comparative times for transferring 1 gigabyte (1 GB) of data using various networking technologies.Optimizing Your Network BandwidthAs your network grows, it might consist of several segments of different networking technologies, each providing different throughput. In planning your network, you should first consider which devices will have the heaviest traffic flow between them. Examples are:• A media center in one room streaming high-definition video from a server in another room• A storage device that is used for backing up your computersTable 6-1. Theoretical Transfer Time for 1 GigabyteNetwork Connection Theoretical Raw Transfer TimeGigabit wired Ethernet 8 seconds802.11n (40MHz) wireless 26 secondsPowerline HD 40 seconds100 Mbps wired Ethernet 80 seconds802.11n (20MHz) wireless 55 seconds802.11g wireless 150 seconds802.11b wireless 700 seconds10 Mbps wired Ethernet 800 secondsCable modem (3 Mbps) 2700 secondsAnalog modem (56 kbps) 144,000 seconds (40 hours)
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-4v1.0, April 2011Next, consider the throughput of your network devices. Where possible, make the heaviest-traffic connections using higher-speed technologies, with no lower-speed bottlenecks in the path.Figure 6-1 shows a sample network using multiple networking technologies. In this network, the two PCs with Gigabit (1000 Mbps) Ethernet adapters have a gigabit connection through the GS605 switch to the storage server. This connection should allow for extremely fast backups or quick access to large files on the server. The PC connected through a pair of Powerline HD adapters is limited to the 200 Mbps speed of the Powerline HD connection. Although any of the links in this example would be sufficient for high-traffic applications such as streaming HD video, the use of older devices such as 10 Mbps Ethernet or 802.11b wireless would create a significant bottleneck.Figure 6-1
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-5v1.0, April 2011Optimizing Wireless PerformanceThe speed and operating distance or range of your wireless connection can vary significantly based on the physical placement of the wireless router. You should choose a location for your router that will maximize the network speed.The following list describes how to optimize wireless router performance.•Identify critical wireless links.If your network has several wireless devices, decide which wireless devices need the highest data rate, and locate the router near them. Many wireless products have automatic data-rate fallback, which allows increased distances without loss of connectivity. This also means that devices that are farther away might be slower. Therefore, the most critical links in your network are those where the traffic is high and the distances are great. Optimize those first. •Choose placement carefully.For best results, place your router:– Near the center of the area in which your computers will operate.– In an elevated location such as a high shelf where the wirelessly connected computers have line-of-sight access (even if through walls).– Avoid obstacles to wireless signals.– Keep wireless devices at least 2 feet from large metal fixtures such as file cabinets, refrigerators, pipes, metal ceilings, reinforced concrete, and metal partitions.– Keep away from large amounts of water such as fish tanks and water coolers.• Reduce interference.– Avoid windows unless communicating between buildings.– Place wireless devices away from various electromagnetic noise sources, especially those in the 2400–2500 MHz frequency band. Common noise-creating sources are:• Computers and fax machines (no closer than 1 foot)• Copying machines, elevators, and cell phones (no closer than 6 feet)Note: Failure to follow these guidelines can result in significant performance degradation or inability to wirelessly connect to the router. For complete range and performance specifications, click the link to the online document “Wireless Networking Basics” in Appendix B.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-6v1.0, April 2011• Microwave ovens (no closer than 10 feet)• Choose your settings.– Use a scanning utility to determine what other wireless networks are operating nearby, and choose an unused channel.– Turn off SSID broadcast, and change the default SSID. Other nearby devices might automatically try to connect to your network several times a second, which can cause significant performance reduction. • Use WMM to improve the performance of voice and video traffic over the wireless link.Changing the MTU SizeThe Maximum Transmission Unit (MTU) is the largest data packet a network device transmits. When one network device communicates across the Internet with another, the data packets travel through many devices along the way. If any device in the data path has a lower MTU setting than the other devices, the data packets must be split or “fragmented” to accommodate the one with the smallest MTU. The best MTU setting for NETGEAR equipment is often just the default value, and changing the value might fix one problem but cause another. Leave MTU unchanged unless one of these situations occurs:• You have problems connecting to your ISP, or other Internet service, and either the technical support of the ISP or of NETGEAR recommends changing the MTU size. These might require an MTU change:– A secure Web site that will not open, or displays only part of a Web page–Yahoo e-mail–MSN– America Online’s DSL service• You use VPN and have severe performance problems.• You used a program to optimize MTU for performance reasons, and now you have connectivity or performance problems.Note: An incorrect MTU setting can cause Internet communication problems such as the inability to access certain Web sites, frames within Web sites, secure login pages, or FTP or POP servers.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-7v1.0, April 2011If you suspect an MTU problem, a common solution is to change the MTU size to 1400. If you are willing to experiment, you can gradually reduce the MTU size from the maximum value of 1500 until the problem goes away. Table 6-2 describes common MTU sizes and applications.To change the MTU size:1. In the main menu, under Advanced, select WA N S e tu p . 2. In the MTU Size field, enter a new size between 64 and 1500.3. Click Apply to save the new configuration.Quality of ServiceQuality of Service (QoS) is an advanced feature that can be used to prioritize some types of traffic ahead of others. The WNR3500Lv2 router can provide QoS prioritization over the wireless link and on the Internet connection. To configure QoS, use the QoS Setup screen. Table 6-2. Common MTU SizesMTU Application1500 The largest Ethernet packet size and the default value. This is the typical setting for non-PPPoE, non-VPN connections, and is the default value for NETGEAR routers, adapters, and switches.1492 Used in PPPoE environments.1472 Maximum size to use for pinging. (Larger packets are fragmented.)1468 Used in some DHCP environments.1460 Usable by AOL if you do not have large e-mail attachments, for example.1436 Used in PPTP environments or with VPN.1400 Maximum size for AOL DSL.576 Typical value to connect to dial-up ISPs.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-8v1.0, April 2011From the main menu of the browser interface, under Advanced, select QoS Setup. The QoS Setup screen displays:Using WMM QoS for Wireless Multimedia ApplicationsThe WNR3500Lv2 router supports Wi-Fi Multimedia Quality of Service (WMM QoS) to prioritize wireless voice and video traffic over the wireless link. WMM QoS provides prioritization of wireless data packets from different applications based on four access categories: voice, video, best effort, and background. For an application to receive the benefits of WMM QoS, both it and the client running that application must be WMM enabled. Legacy applications that do not support WMM, and applications that do not require QoS, are assigned to the best effort category, which receives a lower priority than voice and video. WMM QoS is enabled by default. You can disable it in the QoS Setup screen, shown in Figure 6-2 on page 6-8, by clearing the Enable WMM check box and clicking Apply.Configuring QoS for Internet AccessYou can give prioritized Internet access to the following types of traffic:• For specific applications• For specific online games• On individual Ethernet LAN ports of the router• From a specific device by MAC addressFigure 6-2
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-9v1.0, April 2011To specify prioritization of traffic, you must create a policy for the type of traffic and add the policy to the QoS Policy table in the QoS Setup screen. For convenience, the QoS Policy table lists many common applications and online games that can benefit from QoS handling.QoS for Applications and Online GamingTo create a QoS policy for applications and online games:1. From the main menu, under Advanced, select QoS Setup. The QoS Setup screen displays, as shown in Figure 6-2 on page 6-8.2. Click Setup QoS Rule. The QoS Priority Rule List displays: 3. In the QOS Priority Rule List, select an existing item, or you can scroll to the bottom of the list and select Add Priority Rule.Figure 6-3
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-10v1.0, April 2011a. If you chose to add a new entry, the screen expands as shown:b. In the QoS Policy for field, enter a descriptive name for the new application or game.c. Select the packet type, either TCP, UDP, or both (TCP/UDP), and specify the port number or range of port numbers used by the application or game.4. From the Priority drop-down list, select the priority that this traffic should receive relative to other applications and traffic when accessing the Internet. The options are Low, Normal, High, and Highest.5. Click Apply to save this rule to the QoS Policy list and return to the QoS Setup screen.6. In the QoS Setup screen, select the Turn Internet Access QoS On check box.7. Click Apply.QoS for a Router LAN PortTo create a QoS policy for a device connected to one of the router’s LAN ports:1. From the main menu, under Advanced, select QoS Setup. The QoS Setup screen displays, as shown in Figure 6-2 on page 6-8.2. Click Setup QoS Rule and then click Add Priority Rule. Figure 6-4
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-11v1.0, April 20113. On the QoS - Priority Rules screen, go to the Priority Category field, and select Ethernet LAN Port from the drop-down list:4. From the LAN port list, select the LAN port that will have a QoS policy.5. From the Priority drop-down list, select the priority that this port’s traffic should receive relative to other applications and traffic when accessing the Internet. The options are Low, Normal, High, and Highest.6. Click Apply to save this rule to the QoS Policy list and return to the QoS Setup screen.7. Click Apply.QoS for a MAC AddressTo create a QoS policy for traffic from a specific MAC address:1. From the main menu, under Advanced, select QoS Setup. The QoS Setup screen displays, as shown in Figure 6-2 on page 6-8.2. Click Setup QoS Rule and then click Add Priority Rule. Figure 6-5
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-12v1.0, April 20113. On the QoS - Priority Rules screen, go to the Priority Category field, and select MAC Address from the drop-down list:4. If the device to be prioritized appears in the MAC Device List, select it. The information from the MAC Device List is used to populate the policy name, MAC Address, and Device Name fields. If the device does not appear in the MAC Device List, click Refresh. If it still does not appear, you must complete these fields manually. 5. From the Priority drop-down list, select the priority that this device’s traffic should receive relative to other applications and traffic when accessing the Internet. The options are Low, Normal, High, and Highest.6. Click Apply to save this rule to the QoS Policy list and return to the QoS Setup screen.7. Click Apply.Editing or Deleting an Existing QoS PolicyTo edit or delete an existing QoS policy:1. From the main menu, under Advanced, select QoS Setup. The QoS Setup screen displays, as shown in Figure 6-2 on page 6-8.2. Click Setup QoS Rule.3. Select the radio button next to the QoS policy to be edited or deleted, and do one of the following:• Click Delete to remove the QoS policy.• Click Edit to edit the QoS policy. Follow the instructions in the preceding sections to change the policy settings.Figure 6-6
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-13v1.0, April 20114. Click Apply in the QoS Setup screen to save your changes.Using Universal Plug and PlayUniversal Plug and Play (UPnP) helps devices, such as Internet appliances and computers, to access the network and connect to other devices as needed. UPnP devices can automatically discover the services from other registered UPnP devices on the network.To turn on Universal Plug and Play:1. From the main menu of the browser interface, under Advanced, click UPnP. The UPnP screen displays.2. The available settings and displays in this screen are:•Turn UPnP On. UPnP can be enabled or disabled for automatic device configuration. The default setting for UPnP is enabled. If this check box is not selected, the router does not allow any device to automatically control the resources, such as port forwarding (mapping) of the router.•Advertisement Period. The advertisement period is how often the router broadcasts its UPnP information. This value can range from 1 to 1440 minutes. The default period is 30 minutes. Shorter durations ensure that control points have current device status at the expense of additional network traffic. Longer durations might compromise the freshness of the device status but can significantly reduce network traffic.Note: If you use applications such as multiplayer gaming, peer-to-peer connections, real-time communications such as instant messaging, or remote assistance (a feature in Windows XP), you should enable UPnP.Figure 6-7
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Fine-Tuning Your Network 6-14v1.0, April 2011•Advertisement Time To Live. The time to live for the advertisement is measured in hops (steps) for each UPnP packet sent. The time to live hop count is the number of steps a multicast packet is allowed to propagate for each UPnP advertisement before it disappears. The number of hops can range from 1 to 255. The default value for the advertisement time to live is 4 hops, which should be fine for most home networks. If you notice that some devices are not being updated or reached correctly, then it might be necessary to increase this value.•UPnP Portmap Table. The UPnP Portmap Table displays the IP address of each UPnP device that is currently accessing the router and which ports (Internal and External) that device has opened. The UPnP Portmap Table also displays what type of port is open and whether that port is still active for each IP address. 3. Click Apply to save your settings.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-1v1.0, April 2011Chapter 7USB StorageThis chapter describes how to access and configure a USB storage drive attached to your router.This chapter includes the following sections:•“USB Drive Requirements” •“File Sharing Scenarios” on page 7-2 •“ReadyShare Access” on page 7-10 •“USB Storage Basic Settings” on page 7-4 •“Configuring USB Storage Advanced Settings” on page 7-7 •“Unmounting a USB Drive” on page 7-10 •“Specifying Approved USB Devices” on page 7-11 •“Connecting to the USB Drive from a Remote Computer” on page 7-12 •“Connecting to the USB Drive with Microsoft Network Settings” on page 7-12 USB Drive RequirementsThe router works with 1.0 and 1.1 (USB Full Speed) and 2.0 (USB High Speed) standards. The approximate USB bus speeds are shown below.Note: The USB port on the router can be used only to connect USB storage devices like flash drives or hard drives. Do not connect computers, USB modems, printers, CD drives, or DVD drives to the router USB port.Bus Speed/SecUSB 1.1 12 MbitsUSB 2.0 480 Mbits
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-2v1.0, April 2011Actual bus speeds can vary, depending on the CPU speed, memory, speed of the network, and other variables.The router should work with most USB-compliant external flash and hard drives. For the most up-to-date list of USB drives supported by the router, go to: http://kb.netgear.com/app/answers/detail//a_id/11280.The router supports both READ and WRITE for FAT16, FAT32, and NTFS.File Sharing ScenariosYou can share files on the USB drive for a wide variety of business and recreational purposes. The files can be any PC, Mac, or Linux file type including text files, Word, PowerPoint, Excel, MP3. pictures, and multimedia. USB drive applications include:• Sharing multimedia with friends and family—sharing MP3 files, pictures, and other multimedia with local and remote users.• Sharing resources on your network—storing files in a central location so that you do not have to power up a computer to perform local sharing. In addition, you can share files between Macintosh, Linux, and PC computers by using the USB drive as a go-between across the systems.• Sharing files with offsite coworkers—sharing files such as Word documents, PowerPoint presentations, and text files with remote users.A few common uses are described in the following sections.Sharing Photos with Friends and FamilyYou can create your own central storage location for photos and multimedia. This eliminates the need to log in to (and pay for) an external photo sharing site.To share files with your friends and family:1. Insert your USB drive into the USB port on the router either directly or with a USB cable.Computers on your local area network (LAN) can automatically access this USB drive using a Web browser or Microsoft Networking.Note: Some USB external hard drives and flash drives require drivers to be loaded in to the PC before the PC can access the USB device. Such USB devices will not work with the WNR3500L router.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-3v1.0, April 20112. If you want to specify read only access, or to allow access from the Internet, see “Configuring USB Storage Advanced Settings” on page 7-7.Storing Files in a Central Location for PrintingThis scenario is for a family that has one high quality color printer directly attached to a PC, but not shared on the local area network (LAN). This family does not have a print server:• The daughter has some photos on her Macintosh computer that she wants to print.• The mother has a photo-capable color printer directly attached to her PC, but not shared on the network.• The mother and daughter’s computers are not visible to each other on the network.How can the daughter print her photos on the color printer attached to her mother’s PC? This is where the USB drive on the router can save you time and effort.1. The daughter accesses the USB drive by typing \\readyshare in the address field of her Web browser. Then she copies the photos to the USB drive.2. The mother uses her Web browser or Microsoft Networking to transfer the files from the USB drive to the PC. Then she prints the files.Sharing Large Files with ColleaguesSending files that are larger than 5 MB can pose a problem for many e-mail systems. The router allows you to share very large files such as PowerPoint presentations or ZIP files with colleagues at another site. Rather than filling up their mail systems with large files, your colleagues can use FTP to easily download shared files from the router.Sharing files with a remote colleague involves the following considerations:• There are two user accounts: admin and guest. • On the FTP site, your colleagues should use the guest user account. No password is required for guest.Note: The password for admin is the same one that you use to access the router. By default, it is password. The guest user account has no password.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-4v1.0, April 2011• Be sure to enable either FTP (via Internet) in the USB Storage (Advanced Settings) screen. This option supports both downloading and uploading of files. See “Configuring USB Storage Advanced Settings” on page 7-7. USB Storage Basic SettingsYou can view or edit basic settings for the USB storage device attached to your router. On the router main menu below the USB Storage heading, select Basic Settings. The following screen displays:By default, the USB storage device is available to all computers on your local area network (LAN). To access your USB device from this screen, you can click the Network/Device Name or the Share Name.Note: You can also enable the HTTP (via Internet) option on the USB Storage (Advanced Settings) screen to share large files. This option supports downloading files only. See “Configuring USB Storage Advanced Settings” on page 7-7.Figure 7-1
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-5v1.0, April 2011Alternately, you can also type \\readyshare in the address field of your Web browser.The following table explains the fields and buttons in this screen:.Note: If you logged in to the router before you connected your USB device, you might not see your USB device in the router screens until you log out and then log back in again.Table 7-1. USB Storage Basic SettingsFields and Buttons DescriptionNetwork Device Name The default is \\readyshare. This is the name used to access the USB device connected to the router.Available Network foldersShare Name If only 1 device is connected, the default share name is USB_Storage. You can click the name shown or you can type it in the address field of your Web Browser. If Not Shared is shown, the default share has been deleted and no other share for the root folder exists. Click the Edit button to change this setting.Read/Write AccessShows the permissions/access controls on the network folder: All – no password (the default) allows all users to access the network folder. The user name (account name) for All – no password is guest. The password for admin is the same one that you use to log in to the router main menu. By default, it is password.Folder Name Full path used by the network folder: Volume Name Volume name from the storage device (either USB drive or HDD).Total/Free SpaceShows the current utilization of the storage device.Edit button Click the Edit button to edit the Available Network folder settings. See “Editing a Network Folder” on page 7-6.Safely Remove USB Device button Click to safely remove the USB device attached to your router. See “Unmounting a USB Drive” on page 7-10.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-6v1.0, April 2011Editing a Network FolderOn the USB Storage (Advanced Settings) screen, click the Edit button to open the Edit Network Folder screen.You can use this screen to select a folder, change the Share Name, or change the Read Access or Write Access from All – no password to admin. The user name (account name) for All – no password is guest. The password for admin is the same one that is used to log in to the router main menu. By default, it is password.Figure 7-2Note: You must click Apply in order for your changes to take effect.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-7v1.0, April 2011Configuring USB Storage Advanced SettingsTo configure advanced USB settings, under the USB heading on the router main menu, select Advanced Settings. The USB Storage (Advanced Settings) screen displays.You can use this screen to specify access to the USB storage device. The following table explains the fields and buttons in the USB Storage Advanced Settings screen.Figure 7-3Table 7-2. USB Storage Advanced SettingsFields and Buttons DescriptionNetwork Device Name The default is readyshare. This is the name used to access the USB device connected to the router. The name works only in an operating system that supports NetBIOS, such as Microsoft Windows.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-8v1.0, April 2011Workgroup If you are using a Windows Workgroup rather than a domain, the Workgroup name is displayed here. The name only works in an operating system that supports NETBIOS like Microsoft Windows.Access Method Network ConnectionEnabled by default, this connection allows all users on the LAN to have access to the USB drive.HTTP Disabled by default. If you enable this setting, you can type http://readyshare (http://readyshare.routerlogin.net/shares) to access the USB drive.HTTP (via internet) Disabled by default. If you enable this setting, remote users can type http://public IP address/shares (for example, http://1.1.10.102/shares) or a URL domain name to access the USB drive over the Internet. This setting supports file uploading only.FTP Disabled by default.FTP (via internet) Disabled by default. If you enable this setting, remote users can access the USB drive via FTP over the Internet. This setting supports both downloading and uploading of files.Available Network FoldersShare Name If only 1 device is connected, the default share name is USB_Storage. You can click the name shown or you can type it in the address field of your Web Browser. If Not Shared is shown, the default share has been deleted and no other share for the root folder exists. Click the Edit button to change this setting.Read/Write Access Shows the permissions/access controls on the network folder: All - no password (the default) allows all users to access the network folder. The password for admin is the same one that you use to log in to the router main menu.Folder Name Full path used by the network folder: Volume Name Volume name from the storage device (either USB drive or HDD).Total/Free Space Shows the current utilization of the storage device.Table 7-2. USB Storage Advanced SettingsFields and Buttons Description
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-9v1.0, April 2011Creating a Network FolderFrom the USB Storage (Advanced Settings) screen, click the Create a Network Folder button to open the Create a Network Folder screen:You can use this screen to create a folder and to specify its Share Name, Read Access, and Write Access from All - no password to admin. The user name (account name) for All – no password is guest. The password for admin is the same one that is used to log in to the router main menu. By default, it is password.Figure 7-4Note: You must click Apply in order for your changes to take effect.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-10v1.0, April 2011ReadyShare AccessOnce you have set up your router, you can connect any USB storage device and share the contents with other users on your network.You can access your USB device in any of the following ways:• On Windows 7, Windows XP, Windows Vista, and Windows 2000 systems, select Start > Run and enter \\readyshare in the dialog box. Click OK.• On Windows 7, Windows XP, Windows Vista, and Windows 2000 systems, open Explorer or Safari, and enter \\readyshare in the Address Bar.• On Mac OS X (version 10.2 or later), enter smb://readyshare in the Address Bar.• In My Network Places, enter \\readyshare in the Address Bar.You can also use the ReadyShareConnect utility to automatically map your USB drive on Windows 7, Windows XP, Windows Vista, and Windows 2000 systems:1. Copy ReadyShareConnect from your Resource CD to your PC, and click ReadyShareConnect.exe.2. The Windows Map Network Drive dialog box opens and displays the Folder name: \\readyshare\USB_Storage. Select a drive from the Drive dialog box and click Finish.Unmounting a USB DriveTo unmount a USB disk drive so that no users can access it, from the USB Settings screen, click the Safely Remove USB button. This takes the drive offline.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-11v1.0, April 2011Specifying Approved USB DevicesFor more security, you can set up the router to share approved USB devices only.1. Select USB Settings from the Advanced menu, and then click Approved Devices. The USB Drive Approved Settings screen displays:2. Select the USB device from the Available USB Devices list.3. Click Add.4. Select the Allow only approved devices check box.5. Click Apply so that your change takes effect.If you want to approve another USB device, you must first use the Safely Remove USB Device button to unmount the currently connected USB device. Connect the other USB device, and then repeat this process.Figure 7-5
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-12v1.0, April 2011Connecting to the USB Drive from a Remote ComputerTo connect to the USB drive from remote computers using a Web browser, you must use the router’s Internet port IP address. If you are using dynamic DNS, you can type the DNS name, rather than the IP address.Locating the Internet Port IP AddressThe Router Status screen shows the Internet port IP address:1. Log in to the router.2. Under the Maintenance section in the left navigator, click Router Status.3. Record the IP address that is listed for the Internet Port. This is the IP address you can use to connect to the router remotely.Accessing the Router’s USB Drive Remotely Using FTPYou can connect to the router’s USB drive using a Web browser:1. Connect to the router by typing ftp:// and the Internet port IP address in the address field of Internet Explorer or Netscape Navigator. For example,ftp://206.82.202.46/shares If you are using dynamic DNS, you can type the DNS name, rather than the IP address.2. Type the account name and password that has access rights to the USB drive. The user name (account name) for All – no password is guest. 3. The directories of the USB drive that your account has access to will be displayed, for example, share/partition1/directory1. You can now read and copy files from the USB directory.Connecting to the USB Drive with Microsoft Network SettingsYou can access the USB drive from local computers on your home or office network using Microsoft network settings. You must be running Microsoft Windows 2000, XP, or older versions of Windows with Microsoft networking enabled. You can use normal Explorer operations, such as drag and drop, file open, or cut/paste files from:
N300 Wireless Gigabit Router WNR3500Lv2 User Manual USB Storage 7-13v1.0, April 2011• Microsoft Windows Start Menu, Run option• Windows Explorer• Network Neighborhood or My Network Place.Enabling File and Printer SharingEach computer’s network properties must be set to enable network communication with the USB drive. File and Printer Sharing for Microsoft Networks must be enabled, as described below.Configuring Windows 98SE and Windows METhe easiest way to get to your network properties is to go to your desktop, right-click Network Neighborhood and then click Properties. File and printer sharing for Microsoft Windows should be listed. If not, click Add and follow the installation prompts.Configuring Windows 2000 and Windows XPRight-click on the network connection for your local area network. File and Printer Sharing for Microsoft Windows should be listed. If not, click Install and follow the installation prompts.Note: In Windows 2000 and Windows XP, File and Printer Sharing is enabled by default.Note: If you have any questions on File and Printer Sharing, please contact Microsoft for assistance.
8-1v1.0, April 2011Chapter 8TroubleshootingThis chapter provides information about troubleshooting your N300 Wireless Gigabit Router WNR3500Lv2. After each problem description, instructions are provided to help you diagnose and solve the problem. As a first step, please review the Quick Tips.This chapter includes the following sections:•“Quick Tips”•“Troubleshooting Basic Functions” on page 8-3•“Cannot Access the Router Main Menu” on page 8-5•“Cannot Access the Internet” on page 8-6•“Troubleshooting a Network Using the Ping Utility” on page 8-8•“Problems with Date and Time” on page 8-10•“Wireless Connectivity” on page 8-10•“Restoring the Default Configuration and Password” on page 8-14Quick TipsThis section describes tips for troubleshooting some common problems.Tip: NETGEAR provides helpful articles, documentation, and the latest software updates at http://www.netgear.com/support.Table 8-1. Quick Tips Recommendation InstructionsBe sure to restart your network in this sequence. 1. Turn off and unplug the modem. 2. Turn off the wireless router and computers.3. Plug in the modem and turn it on. Wait 2 minutes.4. Turn on the wireless router and wait 2 minutes.5. Turn on the computers.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-2v1.0, April 2011Make sure that the Ethernet cables are securely plugged in. • The Internet status light on the wireless router is on if the Ethernet cable connecting the wireless router and the modem is plugged in securely and the modem and wireless router are turned on. • For each powered-on computer connected to the wireless router by an Ethernet cable, the corresponding numbered router LAN port light is on. Make sure that the wireless settings in the computer and router match exactly. • For a wirelessly connected computer, the wireless network name (SSID) and wireless security settings of the router and wireless computer must match exactly. • If you set up an Access List in the Advanced Wireless Settings screen, you must add each wireless computer’s MAC address to the router’s access list.Make sure that the network settings of the computer are correct. • Wired and wirelessly connected computers must have network (IP) addresses on the same network as the router. The simplest way to do this is to configure each computer to obtain an IP address automatically using DHCP. Click the link to the online document “Preparing Your Network” in Appendix B, or see the documentation that came with your computer.• Some cable modem service providers require you to use the MAC address of the computer initially registered on the account. You can view the MAC address in the Attached Devices screen.Check the Power light to verify correct router operation. If the Power light does not turn off within 2 minutes after you turn the router on, reset the router according to the instructions in “Restoring the Default Configuration and Password” on page 8-14.Table 8-1. Quick Tips (continued)Recommendation Instructions
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-3v1.0, April 2011Troubleshooting Basic FunctionsAfter you turn on power to the router, the following sequence of events should occur:1. When power is first applied, verify that the Power light is on.2. After approximately 1 minute, verify that:a. The Power light is solid green.b. The Internet light is on if the Internet port is connected.c. A numbered LAN port light is on for any local port that is connected to a computer. This indicates that a link has been established to the connected device.If any of the above conditions does not occur, see the following table.Table 8-2. Troubleshooting LED BehaviorSituation Recommended ActionPower light is off. Check the following:• Make sure that the power cord is properly connected to your router and that the power adapter is properly connected to a functioning power outlet.• Check that you are using the power adapter supplied by NETGEAR for this product.If the error persists, you have a hardware problem and should contact technical support.Power light stays amber. When the router is turned on, the Power light turns amber for about 60 seconds and then turns green. If the light does not turn green, the router has a problem.If the Power light is still amber 2 minutes after turning on power to the router:1. Turn the power off and back on to see if the router recovers.2. Clear the router’s configuration to factory defaults. This will set the router’s IP address to www.routerlogin.net. This procedure is explained in “Restoring the Default Configuration and Password” on page 8-14.If the error persists, you might have a hardware problem and should contact technical support.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-4v1.0, April 2011Power light blinks green slowly and continuously. The wireless router firmware is corrupted.Restore the wireless router firmware:1. Make sure that your PC is connected to your wireless router and the wireless router is powered on.2. Insert the Resource CD that came with your router into your PC.The CD automatically starts and detects the language you are using on your PC. Select a different language option, if you prefer. If the CD does not automatically start, browse the CD and double-click .3. From the CD menu, select Supporting Software, then Netgear Firmware Recovery Utility, and follow the prompts for the recovery process.4. After firmware recovery is complete, follow the prompts to restore your configuration. The firmware recovery utility places a Netgear Router Recovery shortcut on the desktop. Internet light stays amber. When the router is turned on, the Internet light turns amber for about 60 seconds and then turns green. If the light does not turn green, the router has a problem.If the Internet light is still amber 2 minutes after turning on power to the router:1. The Internet is not accessible. Confirm that you have the correct internet setting. 2. Clear the router’s configuration to factory defaults. This will set the router’s IP address to www.routerlogin.net. This procedure is explained in “Restoring the Default Configuration and Password” on page 8-14.3. Turn the power off and back on to see if the router recovers.WPS push-button blinks green after setting WPS security.Check the following:1. Make sure that you are using the push-button (see “Using Push ‘N’ Connect to Configure Your Wireless Network” on page 2-9).2. Check that PIN verification has succeeded for the WPS-enabled device you are connecting to the router.3. Make sure you have not pushed the push-button after disabling the WPS function (you logged into the router and disabled this previously).4. Check that the router is not in the temporary AP setup locked state (if you are using the wireless repeater function).Table 8-2. Troubleshooting LED Behavior (continued)Situation Recommended Action
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-5v1.0, April 2011Cannot Access the Router Main MenuIf you are unable to access the router’s main menu from a computer on your local network, check the following:• If you are connecting from a wireless computer, try connecting from a wired computer.• Check the Ethernet connection between the wired computer and the router as described in “Troubleshooting Basic Functions” on page 8-3.Lights never turn off. When the router is turned on, the Power LED does not go off. The WAN and LAN port LEDs come on after about 10 seconds if the ports are connected. If all lights are still on 1 minute after power up:• Cycle the power to see if the router recovers.• Clear the router’s configuration to factory defaults as explained in “Restoring the Default Configuration and Password” on page 8-14.If the error persists, you might have a hardware problem and should contact Technical Support at www.netgear.com/support.The Internet or Ethernet port lights are off.If either the Ethernet port lights or the Internet light does not light when the Ethernet connection is made, check the following:• Make sure that the Ethernet cable connections are secure at the router and at the modem or computer.• Make sure that power is turned on to the connected modem or computer.• Be sure that you are using the correct cable:When connecting the router’s Internet port to a cable or DSL modem, be sure to use the yellow Ethernet cable that was supplied with your NETGEAR wireless router.Wireless light is off. If the Wireless light does not come on, verify that the Enable Wireless Router Radio check box is selected in the Advanced Wireless Settings screen. See “Restricting Access to Your Router” on page 2-15.Table 8-2. Troubleshooting LED Behavior (continued)Situation Recommended Action
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-6v1.0, April 2011• Make sure that your computer’s IP address is on the same subnet as the router. For instructions, click the link to the online document “Preparing Your Network” in Appendix B to configure your computer.• Make sure that your browser has Java, JavaScript, or ActiveX enabled. If you are using Internet Explorer, click Refresh to be sure that the Java applet is loaded.• Try closing the browser and opening it again, or try a different browser.• Make sure that you are using the correct login information. The factory default login name is admin, and the password is password. Make sure that Caps Lock is off when entering this information.If the router does not save changes you have made in the Web Configuration Interface, check the following:• When entering configuration settings, be sure to click Apply before moving to another screen or tab, or your changes could be lost. • Click Refresh or Reload in the Web browser. The changes might have occurred, but the Web browser might be caching the old configuration.Cannot Access the InternetIf you can access your router but you are unable to access the Internet, you should first determine whether the router can obtain an IP address from your Internet Service Provider (ISP). Unless your ISP provides a static IP address, your router must request an IP address from the ISP. You can determine whether the request was successful using the Web Configuration Manager.To check the WAN IP address: 1. Start your browser, and select an external site such as http://www.netgear.com.2. Access the main menu of the router’s configuration at http://www.routerlogin.net.3. Under Maintenance, select Router Status.Note: If your computer’s IP address is shown as 169.254.x.x: Windows and Mac OS generate and assign an IP address if the computer cannot reach a DHCP server. These autogenerated addresses are in subnet 169.254.x.x. If your IP address is in this range, check the connection from the computer to the router, and reboot your computer.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-7v1.0, April 20114. Check that an IP address is shown for the Internet port. If 0.0.0.0 is shown, your router has not obtained an IP address from your ISP.If your router is unable to obtain an IP address from the ISP, you might need to force your cable or DSL modem to recognize your new router by restarting your network, as described in Table 8-1 o n page 8-1.If your router is still unable to obtain an IP address from the ISP, the problem might be one of the following:• Your ISP might require a login program.Ask your ISP whether they require PPP over Ethernet (PPPoE) or some other type of login.• If your ISP requires a login, the login name or password might be set incorrectly.• Your ISP might check for your computer’s host name.Assign the computer host name of your ISP account as the account name in the Basic Settings screen.• Your ISP allows only one Ethernet MAC address to connect to Internet and might check for your computer’s MAC address. In this case, do one of the following:– Inform your ISP that you have bought a new network device, and ask them to use the router’s MAC address.– Configure your router to spoof your computer’s MAC address. This procedure is explained in “Using the Setup Wizard” on page 1-5.If your router can obtain an IP address, but your computer is unable to load any Web pages from the Internet:• Your computer might not recognize any DNS server addresses. A DNS server is a host on the Internet that translates Internet names (such as www addresses) to numeric IP addresses. Typically, your ISP provides the addresses of one or two DNS servers for your use. If you entered a DNS address during the router’s configuration, reboot your computer, and verify the DNS address as described in the online document you can access from “Preparing Your Network” in Appendix B. You can also configure your computer manually with DNS addresses, as explained in your operating system documentation.• Your computer might not have the router configured as its TCP/IP gateway.If your computer obtains its information from the router by DHCP, reboot the computer, and verify the gateway address as described in the online document you can access from “Preparing Your Network” in Appendix B.• You might be running login software that is no longer needed.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-8v1.0, April 2011If your ISP provided a program to log you in to the Internet (such as WinPoET), you no longer need to run that software after installing your router. You might need to go to Internet Explorer and select Tools > Internet Options, click the Connections tab, and select Never dial a connection.Troubleshooting a Network Using the Ping UtilityMost network devices and routers contain a ping utility that sends an echo request packet to the designated device. The device then responds with an echo reply. Troubleshooting a network is made very easy by using the ping utility in your computer or workstation.Testing the LAN Path to Your RouterYou can ping the router from your computer to verify that the LAN path to your router is set up correctly.To ping the router from a running Windows PC:1. From the Windows toolbar, click Start, and then select Run.2. In the field provided, type ping followed by the IP address of the router, as in this example:ping www.routerlogin.net3. Click OK.You should see a message like this one:Pinging <IP address > with 32 bytes of dataIf the path is working, you see this message:Reply from < IP address >: bytes=32 time=NN ms TTL=xxxIf the path is not working, you see this message:Request timed outIf the path is not functioning correctly, you could have one of the following problems:• Wrong physical connections– For a wired connection, make sure that the numbered LAN port light is on for the port to which you are connected. If the light is off, follow the instructions in Table 8-2 on page 8-3.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-9v1.0, April 2011– Check that the corresponding Link lights are on for your network interface card. If your router and computer are connected to a separate Ethernet switch, make sure that the Link lights are on for the switch ports that are connected to your computer and router.• Wrong network configuration– Verify that the Ethernet card driver software and TCP/IP software are both installed and configured on your computer.– Verify that the IP address for your router and your computer are correct and that the addresses are on the same subnet.Testing the Path from Your Computer to a Remote DeviceAfter verifying that the LAN path works correctly, test the path from your computer to a remote device. 1. From the Windows toolbar, click the Start button, and then select Run.2. In the Windows Run window, type:ping -n 10 <IP address>where <IP address> is the IP address of a remote device such as your ISP’s DNS server.If the path is functioning correctly, replies like those shown in the previous section are displayed. If you do not receive replies:• Click Start > Run. Then type cmd, and press Enter.• In the command prompt window, enter the command ipconfig. This will show the default gateway, whether the PC is configured as a DHCP client or a static IP.• Verify that the IP address of the router is listed as the default gateway as described in the online document you can access from “Preparing Your Network” in Appendix B.• Check that your cable or DSL modem is connected and functioning.• If your ISP assigned a host name to your computer, enter that host name as the account name in the Basic Settings screen.• Your ISP could be rejecting the Ethernet MAC addresses of all but one of your computers. Many broadband ISPs restrict access by allowing traffic only from the MAC address of your broadband modem, but some ISPs additionally restrict access to the MAC address of a single computer connected to that modem. If this is the case, you must configure your router to “clone” or “spoof” the MAC address from the authorized computer. For more information, see “Using the Setup Wizard” on page 1-5.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-10v1.0, April 2011Problems with Date and TimeUnder Content Filtering in the main menu, select E-mail to display a screen that shows the current date and time of day. The WNR3500Lv2 router uses the Network Time Protocol (NTP) to obtain the current time from one of several network time servers on the Internet. Each entry in the log is stamped with the date and time of day. Problems with the date and time function can include the following:• Date shown is January 1, 2000.Cause: The router has not yet successfully reached a network time server. Check that your Internet access settings are correct. If you have just completed configuring the router, wait at least 5 minutes, and check the date and time again.• Time is off by one hour. Cause: The router does not adjust for daylight savings time. In the E-mail screen, select the Adjust for Daylight Savings Time check box.Wireless ConnectivityThe first steps in solving wireless connection problems are these:1. Using your wireless card’s setup utility program, make sure that your wireless card can find your wireless router.2. Configure and test with the simplest wireless connection possible, and then add security.The topics in this section describe these steps.Using Your Wireless Card Setup ProgramWhen you install a NETGEAR wireless card in your computer, a Smart Wizard utility program is installed that can provide helpful information about your wireless network. You can find this program in your Windows Program menu or as an icon in your system tray. Other wireless card manufacturers might include a similar program. If you have no specific wireless card setup program installed, you can use the basic setup utility in Windows by following these steps:1. Open the Windows Control Panel, and double-click Network Connections.2. In the LAN section, double-click Wireless Network Connection.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-11v1.0, April 2011Use the setup program to scan for available wireless networks. Look for a network name (SSID) of NETGEAR or your custom SSID if you have changed it. If your wireless network does not appear, check these conditions:• Is your router’s wireless radio enabled? See “Manually Configuring Your Wireless Settings” on page 2-4.• Is your router’s SSID broadcast enabled? See “Manually Configuring Your Wireless Settings” on page 2-4.• Is your router set to a wireless standard that is not supported by your wireless card? Check the Mode setting as described in “Manually Configuring Your Wireless Settings” on page 2-4.If your wireless network appears, but the signal strength is weak, check these conditions:• Is your router too far from your computer, or too close? Place your computer near the router, but at least 6 feet away, and see whether the signal strength improves.• Is your wireless signal obstructed by objects between the router and your computer? See “Optimizing Wireless Performance” on page 6-5.If your wireless network appears and has good signal strength, configure your wireless card and router for the simplest possible connection as described in the next section.Setting Up and Testing Basic Wireless ConnectivityFollow these instructions to set up and test basic wireless connectivity. Once you have established basic wireless connectivity, you can enable security settings appropriate to your needs.Note: If you use a wireless computer to change wireless settings, you might be disconnected when you click Apply. Reconfigure your wireless adapter to match the new settings, or access the wireless router from a wired computer to make any further changes.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-12v1.0, April 20111. Select Wireless Settings under Setup in the main menu of the WNR3500Lv2 router.2. For the wireless network name (SSID), use the default name, or choose a suitable descriptive name. In the Name (SSID) field, you can enter a value of up to 32 alphanumeric characters. The default SSID is NETGEAR.3. Select the region in which the wireless interface will operate.4. Set the channel. The default channel is Auto.Figure 8-1Note: The SSID is case-sensitive; NETGEAR is not the same as nETgear. Also, the SSID of any wireless access adapters must match the SSID you specify in the WNR3500Lv2 router. If they do not match, you will not get a wireless connection to the WNR3500Lv2 router.
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-13v1.0, April 2011This field determines which operating frequency is used. It should not be necessary to change the wireless channel unless you notice interference problems with another nearby wireless router or access point. Select a channel that is not being used by any other wireless networks within several hundred feet of your router. For more information about the wireless channel frequencies, click the link to the online document “Wireless Networking Basics” in Appendix B. 5. Set the mode to Up to 300Mbps.6. For Security Options, select None.7. Click Apply to save your changes.8. Select Wireless Settings under Advanced in the main menu of the WNR3500Lv2 router.Note: If you are configuring the router from a wireless computer and you change the router’s SSID, channel, or security settings, you will lose your wireless connection when you click Apply. You must then change the wireless settings of your computer to match the router’s new settings.Figure 8-2
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Troubleshooting 8-14v1.0, April 20119. Make sure that the Enable Wireless Router Radio and Enable SSID Broadcast check boxes are selected.10. Click Setup Access List.11. Make sure that the Turn Access Control On check box is not selected.12. Configure and test your wireless computer for wireless connectivity.Program the wireless adapter of your computer to have the same SSID and channel that you specified in the router, and disable encryption. Check that your computer has a wireless link and can obtain an IP address by DHCP from the router.Once your computer has basic wireless connectivity to the router, you can configure the advanced wireless security functions of the computer and router (for more information about security, see Chapter 2, “Safeguarding Your Network”).Restoring the Default Configuration and PasswordYou can restore the factory default configuration settings to reset the router’s user name to admin, the password to password, and the IP address to www.routerlogin.net. This procedure erases your current configuration, including your wireless security settings, and restores the factory defaults. You can erase the current configuration and restore factory defaults in two ways:• Use the Erase function of the router (see “Erasing the Configuration” on page 4-11).• Use the restore factory settings button on the rear panel of the router. Use this method for cases when the administration password or IP address is not known.To restore the factory default configuration settings when you do not know the administration password or IP address, you must use the restore settings button on the rear panel of the router.1. Press and hold the restore settings button for 5 seconds.2. Release the restore settings button, and wait for the router to reboot.For more information about the factory default settings, see Appendix A, “Default Configuration and Technical Specifications.If the wireless router fails to restart, or the Power light continues to blink or turns solid amber, the unit might be defective. If the error persists, you might have a hardware problem and should contact Technical Support at http://www.netgear.com/support.
Default Configuration and Technical Specifications A-1v1.0, April 2011Appendix ADefault Configuration and TechnicalSpecificationsThis appendix provides factory default settings and technical specifications for the N300 Wireless Gigabit Router WNR3500Lv2.Table A-1. WNR3500L Router Default Configuration SettingsFeature Default SettingRouter LoginRouter login URL http://www.routerlogin.net or http://www.routerlogin.comLogin name (case-sensitive) printed onproduct labeladminPassword (case-sensitive) printed onproduct labelpasswordInternet ConnectionWAN MAC address Default hardware address (on label)MTU size 1500Local NetworkRouter LAN IP address printed on product label (also known as Gateway IP address)192.168.1.1Router subnet 255.255.255.0DHCP server EnabledDHCP range 192.168.1.2 to 192.168.1.254Time zone GMT – 8 (North America only; the time zone varies by country and region)Time zone adjusted for Daylight Saving Time DisabledDisable Router’s PIN: No
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Default Configuration and Technical Specifications A-2v1.0, April 2011WirelessWireless communication EnabledSSID Name NETGEARSecurity DisabledWireless Access List (MAC Filtering) All wireless stations allowedBroadcast SSID EnabledCountry/Region United States (North America only; otherwise varies by country and region)RF Channel Auto *Operating Mode Up to 145 MbpsData Rate Auto *Output Power FullFirewallInbound (communications coming in from the Internet) Disabled (bars all unsolicited requests)Outbound (communications going out to the Internet) Enabled (all)*. Maximum Wireless signal rate derived from IEEE Standard 802.11 specifications. Actual throughput will vary. Network conditions and environmental factors, including volume of network traffic, building materials and construction, and network overhead lower actual data throughput rate.Table A-1. WNR3500L Router Default Configuration Settings (continued)
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Default Configuration and Technical Specifications A-3v1.0, April 2011Technical SpecificationsTable A-2. WNR3500v2 Router General SpecificationsFeature GeneralNetwork Protocol and Standards CompatibilityData and Routing Protocols TCP/IP, RIP-1, RIP-2, DHCP, PPPoE, PPTP, Bigpond, Dynamic DNS, and UPnPPower AdapterNorth America 120V, 60 Hz, inputAustralia 240V, 50 Hz, inputEurope, UK 230V, 50 Hz, inputAll regions (output) 12V DC @ 1.0A, outputPhysical Dimensions 6.89" x 5.12" x 1.38"175 x 130 x 35 mmWeight 0.72 lbs.0.33 kgEnvironmental Operating temperature 0 to 40 C (32º to 104º F)Operating humidity 90% maximum relative humidity, noncondensingElectromagnetic EmissionsDesigned to conform to the following standardsFCC Part 15 Class BEN 55022/24 (CISPR 22/24) Class BEN 60950 (CE LVD) Interface SpecificationsLAN 10BASE-T or 100BASE-Tx, RJ-45 or 1000BASE-TWAN 10BASE-T or 100BASE-Tx, RJ-45 or 1000BASE-T
Related Documents B-1v1.0, April 2011Appendix BRelated DocumentsThis appendix provides links to reference documents you can use to gain a more complete understanding of the technologies used in your NETGEAR product.In addition, you can find initial setup instructions for your wireless router in the NETGEAR Wireless Router Setup Manual.Document Li nk TCP/IP Networking Basics http://documentation.netgear.com/reference/enu/tcpip/index.htmWireless Networking Basics http://documentation.netgear.com/reference/enu/wireless/index.htmPreparing Your Network http://documentation.netgear.com/reference/enu/wsdhcp/index.htmVirtual Private Networking Basicshttp://documentation.netgear.com/reference/enu/vpn/index.htmGlossary http://documentation.netgear.com/reference/enu/glossary/index.htm
Index-1v1.0, April 2011IndexAaccessblocking 3-4remote 4-11restricting by MAC address 3-3viewing logs 3-9access controlturning off 8-14access points 5-21accessing remote computer 5-11ActiveX 8-6addingcustom service 5-17priority rules 6-9reserved IP addresses 5-4static routes 5-10See also configuringadvertisement period 6-13applications, QoS for 6-9attached devices 4-9authentication, required by mail server 3-10autogenerated IP addresses 8-6automatic logout 1-4automatic software upgrade 4-3Bbacking up configuration file 4-10backing up, transfer time 6-3bandwidth, optimizing 6-3base station, setting up 5-23Basic Settings screen 1-7basic wireless connectivity 8-11blockingaccess 3-4inbound traffic 5-11bold text xibroadband Internet 6-1broadcast status 4-6Ccables, checking 8-2card, wireless, setting up 8-11channel, wireless port 4-6communication mode 4-6compatibility, protocol and standards A-3configurationmanual 1-6configuration filebacking up 4-10erasing 4-11managing 4-9configuringDMZ server 5-8Dynamic DNS 5-6LAN IP settings 5-2NAT 5-8port forwarding 5-16port triggering 5-18repeater unit 5-24user-defined services 3-7See also addingconnection status settings 4-7connection types 6-1CTS/RTS Threshold 2-16custom service (port forwarding) 5-17customer support ii
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Index-2v1.0, April 2011Ddata packets, fragmented 6-6date and time, troubleshooting 8-10daylight savings time 8-10default DMZ server 5-8default factory settingslisted A-1restoring 8-14default gateway 4-7default LAN IP configuration 5-1deleting configuration 4-11DHCP server 5-4DHCP setting 4-6disablingfirewall 5-7wireless client association 5-22DMZ server 5-8DNS serverprimary 1-9secondary 1-9DNS servers 5-12Documentation Web page 1-4documents, reference B-1Domain Name Server (DNS) addressescurrent 4-6troubleshooting 8-7Dynamic DNS 5-5DynDNS.org 5-5Eelectromagnetic emissions A-3e-mailing logs 3-10environmental specifications A-3erasing configuration 4-11Ethernet cables, checking 8-2Ethernet light, troubleshooting and 8-3, 8-5Ethernet MAC address 4-9Ffactory default settingslisted A-1restoring 8-14firewallsdefault settings A-2disabling 5-7Firmware Upgrade Assistant 1-3, 4-1firmware version 4-5firmware, upgrading 4-1fixed font text xiFragmentation Threshold 2-16fragmented data packets 6-6Ggames, QoS for 6-9general specifications A-3Gigabit Ethernet 6-2Hhardware version 4-5host name 1-8, 4-9Iinbound traffic, allowing or blocking 5-11interface specifications A-3interference, reducing 6-5Internet connectiondefault settings A-1troubleshooting 8-6Internet light, troubleshooting and 8-3, 8-5Internet port, status 4-5Internet Relay Chat (IRC) 5-13Internet services, blocking access 3-6interval, poll 4-8IP addressesautogenerated 8-6current 4-5
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Index-3v1.0, April 2011registering domain name and 5-5reserved 5-4IP subnet mask 4-6italic text xiJJava and JavaScript 8-6Kkeywords, blocking by 3-4knowledge base 1-4LLAN IP setup 5-1LAN path, troubleshooting 8-8LAN portQoS for 6-10settings 4-6language, screen display 1-5LEDs. See lights, troubleshooting andlocal network, default settings A-1local servers, port forwarding to 5-16logging in 1-2login settings A-1logout, automatic 1-4logssending 3-10viewing 3-9MMAC addresslocation of 3-4restricting access by 3-3spoofing 1-9MAC addressesattached devices 4-9current 4-5QoS for 6-11mail server, outgoing 3-10managing router remotely 4-11manually upgrading software 4-3metric value 5-11mode, communication 4-6MTU size 6-6multicasting 5-3NNAT (Network Address Translation) 5-8, 5-12NetBIOS host name 4-9networkcorrect settings, checking 8-2restarting 8-2Network Time Protocol (NTP) 8-10networks, optimizing bandwidth 6-3Oobstructions, connecting through 6-2online games, QoS for 6-9optimizing performance 6-5outgoing mail server 3-10Ppath, testing 8-9performance, optimizing 6-5physical specifications A-3ping 8-8placement, router 6-5poll interval 4-8port filtering 3-6port forwardingconfiguring 5-16example 5-14port numbers 3-6port status 4-8port triggeringconfiguring 5-18example 5-13
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Index-4v1.0, April 2011portmap table 6-14power adapter specifications A-3Power light, troubleshooting and 8-3Powerline HD products 6-2PPPoE (PPP over Ethernet) 1-8, 8-7Preamble mode 2-16primary DNS server 1-9prioritizing traffic 6-7protocols, compatibility A-3QQoS (Quality of Service) 6-7Rradio, wireless 2-16, 4-6, 8-14range, router 6-5ReadyShare Access 7-6, 7-10reducing interference 6-5reference documents B-1registering product iiremote devices, testing path 8-9remote management 4-11repeater units 5-24requirements, speed 6-2reserved IP adresses 5-4Resource CD 1-1restarting network 8-2restoringconfiguration 4-10default factory settings 8-14Restrict Wireless Access by MAC Address 2-8RIP (Router Information Protocol) 5-3route name 5-10routermanual configuration 1-6router main menu 1-2router status, viewing 4-5Ssample network, figure 6-4scheduling blocking 3-8screen display language 1-5selecting 1-5service numbers 3-7services, blocking 3-6settings, default. See default factory settingsSetup Manual 1-1Setup Wizard 1-6SMTP server 3-10specificationsgeneral A-3technical A-1speed requirements 6-2SPI (Stateful Packet Inspection) firewall 5-7SSID 4-6, 8-12SSID broadcast 2-16, 8-14standards, compatibility A-3static routes 5-9statistics, usage 4-8status, viewing 4-4streaming video and audio 6-2subnet mask 4-6system up time 4-8TTCP/IP network, troubleshooting 8-8technical specifications A-1testing wireless connections 8-11time of day, troubleshooting 8-10time to live, advertisement 6-14time-outport triggering 5-20trademarks iitraffic, prioritizing 6-7transfer time (backing up) 6-3troubleshooting 8-1
N300 Wireless Gigabit Router WNR3500Lv2 User Manual Index-5v1.0, April 2011trusted user 3-5typographical conventions xiUUniversal Plug and Play (UPnP) 6-13up time, system 4-8upgrading router software 4-1URLsrouter main menu 1-2typography for xiusage statistics 4-8USBadvanced configuration 7-7basic storage settings 7-4drive requirements 7-1file sharing 7-2network folder, creating 7-9ReadyShare Access 7-6, 7-10specifying approved devices 7-11unmounting a USB drive 7-10USB driveMicrosoft network connection 7-12remote computer connection 7-12user-defined services 3-7Vviewingattached devices 4-9logs 3-9status 4-4WWAN IP address, troubleshooting 8-6WAN setup 5-7WDS 5-22WDS (see Wireless Repeating) 5-21Web Configuration Interface, troubleshooting 8-5WEP, configuring 2-6wildcards, DNS and 5-6wirelessmanually configuring settings 2-4range and interference 2-2wireless card, setting up 8-11wireless connection type 6-1wireless connection, troubleshooting 8-10Wireless Distribution System (WDS) 5-21Wireless light, troubleshooting and 8-5wireless network name 4-6, 8-12wireless port settings 4-6wireless radio 2-16, 4-6, 8-14Wireless Repeating 5-21wireless repeating 5-21, 5-22base station 5-23repeater unit 5-24wireless repeating function 5-21, 5-22wireless security 2-13wireless settingschecking for correct 8-2default, listed A-2testing 8-11WMM (Wi-Fi Multimedia) 6-8WPA, configuring 2-8

Navigation menu