Rax41 Rax42 Rax43 Um en

User Manual
Nighthawk AX5
5-Stream WiFi Router
Models
RAX41
RAX42
RAX43
NETGEAR, Inc.
January 2023 350 E. Plumeria Drive
202-12556-05 San Jose, CA 95134, USA
Nighthawk AX5 5-Stream WiFi Router
Support and Community

Visit netgear.com/support to get your questions answered and access the latest
downloads.
You can also check out our NETGEAR Community for helpful advice at
community.netgear.com.
Regulatory and Legal
Si ce produit est vendu au Canada, vous pouvez accéder à ce document en français
canadien à https://www.netgear.com/support/download/.
(If this product is sold in Canada, you can access this document in Canadian French at
https://www.netgear.com/support/download/.)
For regulatory compliance information including the EU Declaration of Conformity, visit
https://www.netgear.com/about/regulatory/.
See the regulatory compliance document before connecting the power supply.
For NETGEAR’s Privacy Policy, visit https://www.netgear.com/about/privacy-policy.
By using this device, you are agreeing to NETGEAR’s Terms and Conditions at
https://www.netgear.com/about/terms-and-conditions. If you do not agree, return the
device to your place of purchase within your return period.
Do not use this device outdoors.
Applicable to 6 GHz devices only: Only use the device indoors. The operation of 6 GHz
devices is prohibited on oil platforms, cars, trains, boats, and aircraft, except that
operation of this device is permitted in large aircraft while flying above 10,000 feet.
Operation of transmitters in the 5.925-7.125 GHz band is prohibited for control of or
communications with unmanned aircraft systems.
Trademarks
Trademarks© NETGEAR, Inc., NETGEAR, and the NETGEAR Logo are trademarks of
NETGEAR, Inc. Any non-NETGEAR trademarks are used for reference purposes only.
Revision History
Publication Part Publish Date Comments

Number
202-12556-05 January 2023 We removed the Change the transmission power control section and the
Set up the router in bridge mode section. These options are not available
for the router.
2
Contents
Chapter 1 Hardware Setup

Unpack your router...............................................................................9
Top panel LEDs and buttons.............................................................10
Rear panel............................................................................................12
Router label.........................................................................................13
Attach and position the antennas.....................................................13
Position your router............................................................................14
Wall-mount your router.....................................................................15
Cable your router...............................................................................16
Chapter 2 Connect to the Network and Access the Router
Connect to the router network.........................................................18
Connect to the router using a wired connection.......................18
Connect to the router WiFi network............................................18
Connect to the WiFi network using WPS....................................18
Types of logins....................................................................................19
Use a web browser to access the router..........................................19
Automatic Internet setup..............................................................19
Log in to the router........................................................................21
Install and manage your router with the Nighthawk app..............21
Change the language........................................................................22
Chapter 3 Specify Your Internet Settings
Use the Internet Setup Wizard..........................................................24
Manually set up the Internet connection.........................................24
Specify an Internet connection without a login..........................24
Specify an Internet connection that uses a login.......................26
Specify IPv6 Internet connections....................................................27
Requirements for entering IPv6 addresses.................................28
Use auto config for an IPv6 Internet connection........................28
Use auto detect for an IPv6 Internet connection........................30
Set up an IPv6 6to4 tunnel Internet connection.........................31
Set up an IPv6 6rd Internet connection.......................................33
Set up an IPv6 pass-through Internet connection......................34
Set up an IPv6 fixed Internet connection....................................35
Set up an IPv6 DHCP Internet connection..................................36
3
Set up an IPv6 PPPoE Internet connection..................................38

Manage the MTU size.........................................................................40
MTU concepts.................................................................................40
Change the MTU size....................................................................41
Chapter 4 Control Access to the Internet
Network access control list................................................................43
Enable the network access control list, set the access rule, and
allow or block connected devices...............................................43
Manage allowed devices currently not on the network............45
Manage blocked devices currently not on the network...........47
Use keywords to block Internet sites...............................................49
Delete keywords from the blocked list............................................50
Block services from the Internet.......................................................50
Prevent blocking on a trusted computer.........................................52
Schedule when to block Internet sites and services......................52
Set up security event email notifications.........................................53
Chapter 5 Manage Network Settings
View or change the WAN settings....................................................56
Set up a default DMZ server..............................................................57
Change the router’s device name....................................................58
Change the LAN TCP/IP settings......................................................58
Specify the IP addresses that the router assigns............................60
Disable the DHCP server feature in the router...............................61
Manage reserved LAN IP addresses................................................62
Reserve an IP address....................................................................62
Edit a reserved IP address............................................................63
Delete a reserved IP address entry..............................................63
Use the WPS Wizard for WiFi connections......................................64
Specify basic WiFi settings................................................................65
Change the WiFi mode......................................................................66
Change the WiFi mode if AX WiFi is enabled............................67
Change the WiFi mode if AX WiFi is disabled...........................68
Change the WiFi password or the WiFi security.............................69
Set up a guest WiFi network.............................................................70
Enable or disable the WiFi radios.....................................................73
Set up a WiFi schedule.......................................................................73
Set up the router as a WiFi access point..........................................74
Set up a bridge for a port group or VLAN tag group....................75
Set up a bridge for a port group..................................................75
Set up a bridge for a VLAN tag group........................................77
Set up an IPTV port........................................................................78
Manage custom static routes............................................................79
4
Set up a static route.......................................................................80

Edit a static route...........................................................................81
Delete a static route.......................................................................82
Enable or disable implicit beamforming.........................................82
Enable or disable MU-MIMO............................................................83
Enable or disable PMF.......................................................................84
Chapter 6 Optimize Performance
Use Dynamic QoS to optimize Internet traffic management........86
Enable Dynamic QoS.....................................................................86
Enable or disable the automatic QoS database update...........87
Manually update the dynamic QoS database............................87
Improve network connections with Universal Plug and Play........88
Wi-Fi Multimedia Quality of Service.................................................89
Enable or disable AX WiFi.................................................................90
Enable or disable Smart Connect.....................................................91
Enable or Disable OFDMA................................................................92
Chapter 7 Manage Your Router
Update the router firmware...............................................................95
Check for new firmware and update the router.........................95
Manually upload firmware to the router.....................................96
Change the admin password............................................................97
Enable admin password reset...........................................................97
Reset the admin password................................................................98
Always use HTTPS to access the router...........................................99
View information about the router and the Internet and WiFi
settings...............................................................................................100
Display the statistics of the Internet port.......................................100
Check the Internet connection status............................................102
View and manage logs of router activity.......................................103
View devices currently on the network..........................................104
Monitor Internet traffic.....................................................................104
Manage the router configuration file.............................................106
Back up the settings....................................................................106
Erase the settings.........................................................................106
Restore the settings.....................................................................107
Connect to your router with Anywhere Access............................108
Turn off the router LEDs..................................................................108
Set the NTP server............................................................................109
Set your time zone............................................................................109
Specify ReadyDLNA media server settings...................................110
Return the router to its factory default settings............................111
Use the Reset button...................................................................111
5
Erase the settings.........................................................................112

Chapter 8 Share USB Storage Devices Attached to the Router
USB device requirements................................................................114
Connect a USB storage device to the router................................114
Access a storage device connected to the router from a
Windows-based computer..............................................................115
Map a USB device to a Windows network drive...........................115
Access a storage device that is connected to the router from a
Mac.....................................................................................................116
Enable FTP access within your network.........................................117
View network folders on a storage device....................................117
Add a network folder on a USB storage device...........................118
Edit a network folder on a USB storage device............................119
Safely remove a USB storage device.............................................120
Chapter 9 Use Dynamic DNS to Access USB Storage Devices
Through the Internet
Set up and manage Dynamic DNS.................................................122
Set up a new Dynamic DNS account.........................................122
Specify a DNS account that you already created.....................123
Change the Dynamic DNS settings...........................................124
Your personal FTP server................................................................124
Set up your personal FTP server................................................125
Set up FTP access through the Internet....................................125
Set up HTTPS access through the Internet....................................126
Access USB storage devices through the Internet.......................127
Chapter 10 Use OpenVPN to Access Your Network
About VPN connections..................................................................130
Enable OpenVPN service in the router..........................................131
Install OpenVPN software on a VPN client....................................132
Install OpenVPN software on a Windows-based computer....132
Install OpenVPN software on a Mac computer........................134
Install OpenVPN software on an iOS device............................135
Install OpenVPN software on an Android device....................136
LAN IP addressing in VPN networks..............................................137
Use VPN to access your Internet service at home........................137
Allow VPN client Internet access in the router.........................137
Block VPN client Internet access in the router.........................138
Use VPN to remotely access a USB storage device attached to the
router.................................................................................................139
6
Chapter 11 Manage Port Forwarding and Port Triggering

Manage port forwarding to a local server.....................................141
Set up port forwarding to a local server...................................141
Add a custom port forwarding service.....................................142
Edit a port forwarding service....................................................143
Delete a port forwarding entry..................................................144
Application example: Make a local web server public...........144
How the router implements the port forwarding rule.............145
Port triggering..................................................................................145
Add a port triggering service.....................................................146
Enable port triggering................................................................147
Application example: Port triggering for Internet relay chat port
triggering......................................................................................147
Chapter 12 Troubleshooting
Quick tips...........................................................................................150
Sequence to restart your network.............................................150
Check the power adapter and Ethernet cable connections...150
Check the WiFi settings..............................................................150
Check the network settings........................................................150
Troubleshoot with the LEDs............................................................151
Standard LED behavior when the router is powered on........151
LEDs never turn off......................................................................151
Power LED is off or blinking.......................................................152
Internet or Ethernet LAN port LEDs are off..............................152
WiFi LED is off..............................................................................152
You cannot log in to the router.......................................................153
You cannot access the Internet.......................................................154
Troubleshoot Internet browsing.....................................................155
Changes are not saved....................................................................156
Troubleshoot WiFi connectivity......................................................156
Troubleshoot your network using the ping utility........................157
Test the LAN path to your router...............................................157
Test the path from a Windows-based computer to a remote
device............................................................................................158
Appendix A Supplemental Information
Factory settings.................................................................................160
Technical specifications...................................................................161
7
1
Hardware Setup
This chapter contains the following sections:

• Unpack your router
• Top panel LEDs and buttons
• Rear panel
• Router label
• Attach and position the antennas
• Position your router
• Wall-mount your router
• Cable your router
For more information about the topics covered in this manual, visit the support website
at netgear.com/support.
8
Unpack your router

Your package contains the router, the power adapter, four antennas, and an Ethernet
cable.
Figure 1. Package contents
Hardware Setup 9 User Manual

Top panel LEDs and buttons

The status LEDs and two buttons are located on the top panel of the router.
Figure 2. Top view
The following table describes the LEDs and buttons.
Table 1. LED descriptions
LED and Button Description
Power LED • Solid white. The router is ready.

• Blinking white. The router is not ready, firmware is upgrading, or the Reset
button was pressed.
• Off. Power is not supplied to the router.
Internet LED • Solid white. The Internet connection is ready.

• Blinking white. The port is sending or receiving traffic.
• Off. No Ethernet cable is connected between the router and the modem.

Table 1. LED descriptions (Continued)
LED and Button Description
Ethernet LEDs for ports 1–4 The LED color indicates the speed: white for Gigabit Ethernet connections and
amber for 100 Mbps or 10 Mbps Ethernet connections.
• Solid white. The router detected a 1 Gbps link with a powered-on device.
• Blinking white. The port is sending or receiving traffic at 1 Gbps.
• Solid amber. The router detected a 100 Mbps or 10 Mbps link with a
powered-on device.
• Blinking amber. The port is sending or receiving traffic at 100 Mbps or 10
Mbps.
• Off. No device is connected to this Ethernet port.
USB 3.0 port LED • Solid white. A USB device is connected and is ready.
• Blinking white. A USB device is plugged in and is trying to connect.
• Off. No USB device is connected, or someone clicked the Safely Remove
Hardware button and it is now safe to remove the attached USB device.
WiFi LED Pressing the WiFi button for two seconds turns WiFi LED and WiFi radios on and
off.
If this LED is lit, the WiFi radios are on. If this LED is off, the WiFi radios are turned
off and you cannot use WiFi to connect to the router.
WPS LED Pressing the WPS button lets your WPS-enabled device join your router's WiFi
network without typing the WiFi password. The WPS LED blinks white during
the WPS process and then lights solid white when the WPS-enabled device
connects to your router's WiFi network.

Rear panel
The following figure shows the rear panel connectors and buttons.
Figure 3. Rear panel
The rear panel contains the following components:

1. Reset button. Pressing the Reset button resets the router.
If the Reset button is pressed for at least 10 seconds and the Power LED blinks, the
router returns to its factory settings.
2. USB 3.0 port. Use the USB 3.0 port to connect USB storage device.
3. Ethernet ports. Four Gigabit Ethernet RJ-45 LAN ports. Use these ports to connect
LAN devices to the router.
4. Internet port. One Gigabit Ethernet RJ-45 WAN port to connect the router to an
Internet modem such as a cable modem or DSL modem.
5. DC power connector. Connect the power adapter that came in the product package
to the DC power connector.
6. Power On/Off button. Press the Power On/Off button to provide power to the
router.

Router label
The router label shows the login information, WiFi network name (SSID), password,
serial number, and MAC address.
The following image shows an example of what your router label might look like:
Figure 4. Router label
Attach and position the antennas

Before you install your router, attach the antennas to the router.
Note: If the antennas for your router do not have labels, they can be attached to any
antenna post on the router. If the antennas do have labels, match the labels on the
antennas with the labels on the router. Labeled antennas must be attached to the correct
antenna post on the router.
After you are done attaching the antennas, position the antennas as shown.
Figure 5. Attach and position the antennas

Position your router

The router lets you access your network anywhere within the operating range of your
WiFi network. However, the operating distance or range of your WiFi connection can
vary significantly depending on the physical placement of your router.
In addition, position your router according to the following guidelines:
• Place your router near the center of the area where your computers and other devices
operate, and within line of sight to your WiFi devices.
• Make sure that the router is within reach of an AC power outlet and near Ethernet
cables for wired computers.
• Place the router in an elevated location, minimizing the number walls and ceilings
between the router and your other devices.
• Place the router away from electrical devices such as these:
- Ceiling fans
- Home security systems
- Microwaves
- Computers
- Base of a cordless phone
- 2.4 GHz or 5 GHz cordless phones
• Place the router away from large metal surfaces, large glass surfaces, insulated walls,
and items such as these:
- Solid metal door
- Aluminum studs
- Fish tanks
- Mirrors
- Brick
- Concrete
The following factors might limit the range of your WiFi:

• The thickness and number of walls the WiFi signal passes through can limit the range.
• Other WiFi access points in and around your home might affect your router’s signal.
WiFi access points are routers, repeaters, WiFi range extenders, and any other
devices that emit a WiFi signal for network access.

Wall-mount your router

You can wall-mount your router using the wall-mounting holes on the bottom of your
router.
Note: We recommend using M3 x 20 mm screws.
The following image shows an example of what the wall-mount holes on your router
might look like:
Figure 6. Bottom of the router
To wall-mount your router:

1. Drill holes in the wall where you want to wall-mount your router.
2. Insert wall anchors in the holes.
3. Insert screws into the wall anchors, leaving 3/16 inch (0.5 cm) of each screw exposed.
4. Align the router’s wall-mounting holes with the screws and mount your router.

Cable your router

Power on your router and connect it to a modem.
Figure 7. Cable your router
To cable your router:

1. Unplug your modem, remove and reinsert the backup battery if it uses one, and
then plug the modem back in.
2. Use the Ethernet cable to connect the modem to the yellow Internet port on the
router.
Note: If your Internet connection does not require a modem, connect your main
Ethernet cable to the yellow Internet port on the router.
3. Connect the power adapter to your router and plug the power adapter into an outlet.
4. Press the Power On/Off button on the rear panel of the router.
The router’s Power LED lights solid white when the router is ready.

2
Connect to the Network and Access
the Router
You can connect to the router’s WiFi networks or use a wired Ethernet connection. This
chapter explains the ways you can connect and how to access the router and log in.
The chapter contains the following sections:
• Connect to the router network
• Types of logins
• Use a web browser to access the router
• Install and manage your router with the Nighthawk app
• Change the language
17
Connect to the router network

You can connect to the router network using a wired, WiFi, or WPS connection.
Note: If you set up your computer to use a static IP address, change the settings so
that it uses Dynamic Host Configuration Protocol (DHCP).
Connect to the router using a wired connection

You can connect your computer to the router using an Ethernet cable and join the
router’s local area network (LAN).
To connect your computer to the router with an Ethernet cable:
1. Make sure that the router is receiving power (its Power LED is lit).
2. Connect an Ethernet cable to an Ethernet port on your computer.
3. Connect the other end of the Ethernet cable to an Ethernet port on the router.
Your computer connects to the local area network (LAN).
Connect to the router WiFi network

You can connect WiFi-enabled devices to the router WiFi network using the router WiFi
network name and password.
To connect to the WiFi network:
2. On your WiFi-enabled device, open your device's WiFi network management settings.
3. Find and select the router WiFi network name (SSID).
The router WiFi network name (SSID) is on the router label.
4. Enter the router network key (password).

The router network key (password) is on the router label.
Your device connects to the WiFi network.
Connect to the WiFi network using WPS

You can connect WPS-enabled devices to the router’s WiFi network with Wi-Fi Protected
Setup (WPS). Your router has a WPS button that you can use to connect WPS-enabled
devices.
Connect to the Network and 18 User Manual

Access the Router
To use WPS to connect to the WiFi network:

2. Check the WPS instructions for your WPS-enabled device.
3. Press the WPS button on the router.
4. Within two minutes, on your WPS-enabled device, press its WPS button or follow
its instructions for how to connect using WPS.
Your WPS-enabled device connects to the WiFi network.
Types of logins
Separate types of logins serve different purposes. It is important that you understand
the differences so that you know which login to use when.
Several types of logins are associated with the router:
• ISP login. The login that your Internet service provider (ISP) gave you logs you in to
your Internet service. Your ISP gave you this login information in a letter or some
other way. If you cannot find this login information, contact your ISP.
• WiFi network key, WiFi passphrase, or WiFi password. Your router is preset with
a unique WiFi network name (SSID) and password for WiFi access. This information
is on the router label.
• NETGEAR account login. The free NETGEAR account that you need to register your
router and manage your subscriptions. If you do not own a NETGEAR account, you
can create one.
• Router login. The router login password that you need to log in to the router with
the admin user name when you use a web browser to access the router.
Use a web browser to access the router

When you connect to the network (either with WiFi or with an Ethernet cable), you can
use a web browser to access the router to view or change its settings. When you access
the router, the software automatically checks to see if your router can connect to your
Internet service.
Automatic Internet setup

You can set up your router automatically, or you can use a web browser to access the
router and set up your router manually. Before you start the setup process, get your ISP

Access the Router
information and make sure that the computers and devices in the network are using
the settings described here.
When your Internet service starts, your Internet service provider (ISP) typically gives you
all the information needed to connect to the Internet. For DSL service, you might need
the following information to set up your router:
• The ISP configuration information for your DSL account

• ISP login name and password
• Fixed or static IP address setting (special deployment by ISP; this setting is rare)
If you cannot locate this information, ask your ISP to provide it. When your Internet
connection is working, you no longer need to launch the ISP login program on your
computer to access the Internet. When you start an Internet application, your router
automatically logs you in.
The NETGEAR installation assistant runs on any device with a web browser. Installation
and basic setup takes about 15 minutes to complete.
To automatically set up your router:
1. Make sure that the router is powered on.
2. Make sure that your computer or mobile device is connected to the router with an
Ethernet cable (wired) or over WiFi with the preset security settings listed on the
label.
Note: If you want to change the router’s WiFi settings, use a wired connection to
avoid being disconnected when the new WiFi settings take effect.
3. Launch a web browser.

The page that displays depends on whether you accessed the router before:
• The first time you set up the Internet connection for your router, the browser goes
to http://www.routerlogin.net and the Configuring the Internet Connection
page displays.
• If you already set up the Internet connection, enter http://www.routerlogin.net
in the address field for your browser to start the installation process.
4. Follow the onscreen instructions.

The router connects to the Internet.
5. If the browser does not display the NETGEAR installation assistant, do the following:
• Make sure that the computer is connected to one of the LAN Ethernet ports or
over WiFi to the router.
• Make sure that the router is receiving power and that its Power LED is lit.

Access the Router
• Close and reopen the browser or clear the browser cache.

• Browse to http://www.routerlogin.net.
• If the computer is set to a static or fixed IP address (this setting is uncommon),
change it to obtain an IP address automatically from the router.
6. If the router does not connect to the Internet, do the following:

a. Review your settings. Make sure that you selected the correct options and typed
everything correctly.
b. Contact your ISP to verify that you are using the correct configuration information.
c. Read You cannot access the Internet on page 154. If problems persist, register
your router and contact NETGEAR Technical Support.
Log in to the router

When you first connect to your router and launch a web browser, the browser
automatically displays the router web interface. If you want to view or change settings
for the router later, you can use a browser to log in to the router web interface.
To log in to the router:
1. Launch a web browser from a computer or mobile device that is connected to the
router network.
2. Enter http://www.routerlogin.net.
Note: You can also enter http://www.routerlogin.com or http://192.168.1.1.

The procedures in this manual use http://www.routerlogin.net.
A login window opens.
3. Enter the router admin user name and password.

The user name is admin. The password is the one that you specified the first time
that you logged in. The user name and password are case-sensitive.
The BASIC Home page displays.
Install and manage your router with the

Nighthawk app
With the Nighthawk app, you can easily install and manage your router. The app
automatically updates the router to the latest firmware, allows you to personalize your
WiFi network, and even helps register your router with NETGEAR.

Access the Router
The Nighthawk app is available for iOS and Android mobile devices.
Note: Your router is not connected to the Internet until you finish setting it up with the
app. If you are connected to your router’s WiFi network before the setup, you do not
have Internet access and cannot download the app.
Use your cellular data or connect to your previous router’s WiFi network to download
the app. During the installation, the app instructs you when you need to connect to your
router's WiFi.
To install your router using the Nighthawk app:
1. Visit Nighthawk-app.com to download the Nighthawk app.
Note: To download the app, you need to use your cellular data or connect your
mobile device to your previous router’s WiFi network.
2. Wait for the Nighthawk app to download on your mobile device.

3. Launch the Nighthawk app.
4. Follow the instructions that display in the app to install your router and connect to
the Internet.
Change the language

By default, the language that displays when you log in to the router web interface is set
to Auto.
To change the language:
router network.

4. In the upper right corner, select a language from the menu.

5. When prompted, click the OK button to confirm this change.
The page refreshes with the language that you selected.

Access the Router
3
Specify Your Internet Settings
Usually, the quickest way to set up the router to use your Internet connection is to allow
your router to detect the Internet connection automatically when you first access the
router web interface. You can also customize and manually specify your Internet settings.
• Use the Internet Setup Wizard
• Manually set up the Internet connection
• Specify IPv6 Internet connections
• Manage the MTU size
23
Use the Internet Setup Wizard

You can use the Setup Wizard to detect your Internet settings and automatically set up
your router. The Setup Wizard is not the same as the pages that display the first time
you connect to your router to set it up.
To use the Setup Wizard:
router network.

4. Select ADVANCED > Setup Wizard.

The Setup Wizard page displays.
5. Select the Yes radio button.
If you select the No radio button, you are taken to the Internet Setup page (see
Manually set up the Internet connection on page 24).
6. Click the Next button.

The Setup Wizard searches your Internet connection for servers and protocols to
determine your Internet configuration.
Manually set up the Internet connection

You can view or change the router’s Internet connection settings.
Specify an Internet connection without a login

To specify the Internet connection settings:
1. Launch a web browser from a computer or mobile device that is connected to
therouter network.
Specify Your Internet Settings 24 User Manual


4. Select Internet.
The Internet Setup page displays.
5. In the Does your Internet connection require a login? section, leave the No radio
button selected.
6. If your Internet connection requires an account name or host name, click the Edit
button in the Account Name section and enter the account name.
7. If your Internet connection requires a domain name, type it in the Domain Name (If
Required) field.
For the other sections on this page, the default settings usually work, but you can
change them.
8. Select an Internet IP Address radio button:

• Get Dynamically from ISP. Your ISP uses DHCP to assign your IP address. Your
ISP automatically assigns these addresses.
• Use Static IP Address. Enter the IP address, IP subnet mask, and the gateway IP
address that your ISP assigned. The gateway is the ISP router to which your router
connects.
9. Select a Domain Name Server (DNS) Address radio button:

• Get Automatically from ISP. Your ISP uses DHCP to assign your DNS servers.
Your ISP automatically assigns this address.
• Use These DNS Servers. If you know that your ISP requires specific servers, select
this option. Enter the IP address of your ISP’s primary DNS server. If a secondary
DNS server address is available, enter it also.
10. Select a Router MAC Address radio button:

• Use Default Address. Use the default MAC address.
• Use Computer MAC Address. The router captures and uses the MAC address
of the computer that you are now using. You must use the one computer that the
ISP allows.
• Use This MAC Address. Enter the MAC address that you want to use.
11. Click the Apply button.

Your settings are saved.

12. Click the Test button to test your Internet connection.

If the NETGEAR website does not display within one minute, see You cannot access
the Internet on page 154.
Specify an Internet connection that uses a login

To view or change the basic Internet setup:
router network.

4. Select Internet.
The Internet Setup page displays.
5. In the Does your Internet connection require a login? section, select the Yes radio
button.
6. From the Internet Service Provider menu, select the encapsulation method: PPPoE,
L2TP, or PPTP.
7. In the Login field, enter the login name that your ISP gave you.
This login name is often an email address.
8. In the Password field, type the password that you use to log in to your Internet
service.
9. If your ISP requires a service name, type it in the Service Name (if Required) field.
10. From the Connection Mode menu, select Always On, Dial on Demand, or Manually
Connect.
11. To change the number of minutes until the Internet login times out, in the Idle
Timeout (In minutes) field, type the number of minutes.
This is how long the router keeps the Internet connection active when no one on the
network is using the Internet connection. A value of 0 (zero) means never log out.
12. Select an Internet IP Address radio button:

• Get Dynamically from ISP. Your ISP uses DHCP to assign your IP address. Your
ISP automatically assigns these addresses.
• Use Static IP Address. Enter the IP address, IP subnet mask, and the gateway IP
address that your ISP assigned. The gateway is the ISP router to which your router
connects.
13. Select a Domain Name Server (DNS) Address radio button:

14. Select a Router MAC Address radio button:

• Use Default Address. Use the default MAC address.
• Use Computer MAC Address. The router captures and uses the MAC address
of the computer that you are now using. You must use the one computer that the
ISP allows.
• Use This MAC Address. Enter the MAC address that you want to use.

16. Click the Test button to test your Internet connection.

If the NETGEAR website does not display within one minute, see You cannot access
the Internet on page 154.
Specify IPv6 Internet connections

You can set up an IPv6 Internet connection if the router does not detect it automatically.
To set up an IPv6 Internet connection:
router network.

4. Select ADVANCED > Advanced Setup > IPv6.

The IPv6 page displays.
5. From the Internet Connection Type menu, select the IPv6 connection type:
• If you are not sure, select Auto Detect so that the router detects the IPv6 type
that is in use.
• If your Internet connection does not use PPPoE or DHCP, or is not fixed, but is
IPv6, select Auto Config.
If you are not sure about your type of IPv6 connection, you can also ask your Internet
service provider (ISP).
Requirements for entering IPv6 addresses

IPv6 addresses are denoted by eight groups of hexadecimal quartets that are separated
by colons. You can reduce any four-digit group of zeros within an IPv6 address to a
single zero or omit it. The following errors invalidate an IPv6 address:
• More than eight groups of hexadecimal quartets

• More than four hexadecimal characters in a quartet
• More than two colons in a row
Use auto config for an IPv6 Internet connection

To set up an IPv6 Internet connection through auto configuration:
router network.


5. From the Internet Connection Type menu, select Auto Config.

The page adjusts.

The router automatically detects the information in the following fields:
• Router’s IPv6 Address on WAN. This field shows the IPv6 address that is acquired
for the router’s WAN (or Internet) interface. The number after the slash (/) is the
length of the prefix, which is also indicated by the underline (_) under the IPv6
address. If no address is acquired, the field displays Not Available.
• Router’s IPv6 Address on LAN. This field shows the IPv6 address that is acquired
for the router’s LAN interface. The number after the slash (/) is the length of the
prefix, which is also indicated by the underline (_) under the IPv6 address. If no
address is acquired, the field displays Not Available.
6. (Optional) In the DHCP User Class (If Required) field, enter a host name.
Most people can leave this field blank, but if your ISP gave you a specific host name,
enter it here.
7. (Optional) In the DHCP Domain Name (If Required) field, enter a domain name.
You can type the domain name of your IPv6 ISP. Do not enter the domain name for
the IPv4 ISP here. For example, if your ISP’s mail server is mail.xxx.yyy.zzz, type
xxx.yyy.zzz as the domain name. If your ISP provided a domain name, type it in this
field. For example, Earthlink Cable might require a host name of home, and Comcast
sometimes supplies a domain name.
8. Select an IPv6 Domain Name Server (DNS) Address radio button:

9. Select an IP Address Assignment radio button:

• Use DHCP Server. This method passes more information to LAN devices but
some IPv6 systems might not support the DHCv6 client function.
• Auto Config. This is the default setting.
This setting specifies how the router assigns IPv6 addresses to the devices on your
home network (the LAN).
10. (Optional) Select the Use This Interface ID check box and specify the interface ID
to be used for the IPv6 address of the router’s LAN interface.
If you do not specify an ID here, the router generates one automatically from its MAC
address.

11. Select an IPv6 Filtering radio button:

• Secured. In secured mode, which is the default mode, the router inspects both
TCP and UDP packets.
• Open. In open mode, the router inspects UDP packets only.

Use auto detect for an IPv6 Internet connection

To set up an IPv6 Internet connection through autodetection:
router network.


5. From the Internet Connection Type menu, select Auto Detect.
The page adjusts.
• Connection Type. This field indicates the connection type that is detected.

address.


Set up an IPv6 6to4 tunnel Internet connection

The remote relay router is the router to which your router creates a 6to4 tunnel. Make
sure that the IPv4 Internet connection is working before you apply the 6to4 tunnel
settings for the IPv6 connection.
To set up an IPv6 Internet connection by using a 6to4 tunnel:
router network.


5. From the Internet Connection Type menu, select 6to4 Tunnel.

The page adjusts.

The router automatically detects the information in the Router’s IPv6 Address on
LAN field. This field shows the IPv6 address that is acquired for the router’s LAN
interface. The number after the slash (/) is the length of the prefix, which is also
indicated by the underline (_) under the IPv6 address. If no address is acquired, the
field displays Not Available.
6. Select a Remote 6to4 Relay Router radio button:

• Auto. Your router uses any remote relay router that is available on the Internet.
This is the default setting.
• Static IP Address. Enter the static IPv4 address of the remote relay router. Your
IPv6 ISP usually provides this address.


some IPv6 systems might not support the DHCPv6 client function.
address.



Set up an IPv6 6rd Internet connection

The 6rd protocol makes it possible to deploy IPv6 to sites using a service provider’s
IPv4 network. 6rd uses the service provider’s own IPv6 address prefix. This limits the
operational domain of 6rd to the service provider’s network and is under direct control
of the service provider. The IPv6 service provided is equivalent to native IPv6. The 6rd
mechanism relies on an algorithmic mapping between the IPv6 and IPv4 addresses that
are assigned for use within the service provider’s network. This mapping allows for
automatic determination of IPv4 tunnel endpoints from IPv6 prefixes, allowing stateless
operation of 6rd.
With a 6rd tunnel configuration, the router follows the RFC5969 standard, supporting
two ways to establish a 6rd tunnel IPv6 WAN connection:
• Auto Detect mode. In IPv6 Auto Detect mode, when the router receives option 212
from the DHCPv4 option, autodetect selects the IPv6 as 6rd tunnel setting. The router
uses the 6rd option information to establish the 6rd connection.
• Manual mode. Select 6rd Tunnel. If the router receives option 212, the fields are
automatically completed. Otherwise, you must enter the 6rd settings.
To set up an IPv6 6rd Internet connection:

router network.


5. From the Internet Connection Type menu, select 6rd.
The page adjusts.
The router automatically detects the information in the following sections:
• 6rd (IPv6 Rapid Development) Configuration. The router detects the service
provider’s IPv4 network and attempts to establish an IPv6 6rd tunnel connection.
If the IPv4 network returns 6rd parameters to the router, the page adjusts to display
the correct settings in this section.



that you want to be used for the IPv6 address of the router’s LAN interface.
address.


Set up an IPv6 pass-through Internet connection

In pass-through mode, the router works as a Layer 2 Ethernet switch with two ports (LAN
and WAN Ethernet ports) for IPv6 packets. The router does not process any IPv6 header
packets.
To set up a pass-through IPv6 Internet connection:
router network.



5. From the Internet Connection Type menu, select Pass Through.

The page adjusts, but no additional fields display.

Set up an IPv6 fixed Internet connection

To set up a fixed IPv6 Internet connection:
router network.


5. From the Internet Connection Type menu, select Fixed.
The page adjusts.
6. Configure the fixed IPv6 addresses for the WAN connection:

• IPv6 Address/Prefix Length. The IPv6 address and prefix length of the router
WAN interface.
• Default IPv6 Gateway. The IPv6 address of the default IPv6 gateway for the
router’s WAN interface.
• Primary DNS Server. The primary DNS server that resolves IPv6 domain name
records for the router.

• Secondary DNS Server. The secondary DNS server that resolves IPv6 domain
name records for the router.
Note: If you do not specify the DNS servers, the router uses the DNS servers that
are configured for the IPv4 Internet connection on the Internet Setup page. (See
Manually set up the Internet connection on page 24.)

8. In the IPv6 Address/Prefix Length fields, specify the static IPv6 address and prefix
length of the router’s LAN interface.
address.


Set up an IPv6 DHCP Internet connection

To set up an IPv6 Internet connection with a DHCP server:
router network.



5. From the Internet Connection Type menu, select DHCP.

The page adjusts.
6. (Optional) In the User Class (If Required) field, enter a host name.
Most people can leave this field blank, but if your ISP gave you a specific host name,
enter it here.
7. (Optional) In the Domain Name (If Required) field, enter a domain name.
You can type the domain name of your IPv6 ISP. Do not enter the domain name for
the IPv4 ISP here. For example, if your ISP’s mail server is mail.xxx.yyy.zzz, type
xxx.yyy.zzz as the domain name. If your ISP provided a domain name, type it in this
field. For example, Earthlink Cable might require a host name of home, and Comcast
sometimes supplies a domain name.



address.


Set up an IPv6 PPPoE Internet connection

To set up a PPPoE IPv6 Internet connection:
router network.


5. From the Internet Connection Type menu, select PPPoE.

The page adjusts.

6. In the Login field, enter the login information for the ISP connection.
This is usually the name that you use in your email address. For example, if your main
mail account is JerAB@ISP.com, you would type JerAB in this field. Some ISPs (like
Mindspring, Earthlink, and T-DSL) require that you use your full email address when
you log in. If your ISP requires your full email address, type it in this field.
7. In the Password field, enter the password for the ISP connection.
8. In the Service Name field, enter a service name.
If your ISP did not provide a service name, leave this field blank.
Note: The default setting of the Connection Mode menu is Always On to provide
a steady IPv6 connection. The router never terminates the connection. If the
connection is terminated, for example, when the modem is turned off, the router
attempts to reestablish the connection immediately after the PPPoE connection
becomes available again.


address.



Manage the MTU size

The maximum transmission unit (MTU) is the largest data packet a network device
transmits.
MTU concepts
When one network device communicates across the Internet with another, the data
packets travel through many devices along the way. If a device in the data path uses a
lower maximum transmission unit (MTU) setting than the other devices, the data packets
must be split or “fragmented” to accommodate the device with the smallest MTU.
The best MTU setting for NETGEAR equipment is often the default value. In some
situations, changing the value fixes one problem but causes another. Leave the MTU
unchanged unless one of these situations occurs:
• You experience problems connecting to your Internet service, and the technical
support of either the Internet service provider (ISP) or NETGEAR recommends
changing the MTU setting.
For example, if a secure website does not open, or displays only part of a web page,
you might need to change the MTU.
• You use VPN and experience severe performance problems.
• You used a program to optimize MTU for performance reasons and now you are
experiencing connectivity or performance problems.
CAUTION: An incorrect MTU setting can cause Internet communication problems. For
example, you might not be able to access certain websites, frames within websites,
secure login pages, or FTP or POP servers.
If you suspect an MTU problem, a common solution is to change the MTU to 1400. If
you are willing to experiment, you can gradually reduce the MTU from the maximum
value of 1500 until the problem goes away. The following table describes common MTU
sizes and applications.

Table 2. Common MTU sizes
MTU Application
1500 The largest Ethernet packet size. This setting is typical for connections that do not use
PPPoE or VPN and is the default value for NETGEAR routers, adapters, and switches.
1492 Used in PPPoE environments.
1472 Maximum size to use for pinging. (Larger packets are fragmented.)
1468 Used in some DHCP environments.
1458 Used in PPPoA environments.
1436 Used in PPTP environments or with VPN.
Change the MTU size

To change the MTU size:
router network.

4. Select ADVANCED > Setup > WAN Setup.

The WAN Setup page displays.
5. In the MTU Size field, enter a value from 616 to 1500.

4
Control Access to the Internet
The router comes with a built-in firewall that helps protect your home network from
unwanted intrusions from the Internet.
• Network access control list
• Use keywords to block Internet sites
• Delete keywords from the blocked list
• Block services from the Internet
• Prevent blocking on a trusted computer
• Schedule when to block Internet sites and services
• Set up security event email notifications
42
Network access control list

You can use the network access control list (ACL) on the router to block or allow access
to your network and the Internet. The ACL identifies a WiFi or wired device by its MAC
address. The router detects the MAC addresses of the devices on the network and either
allows or denies access.
The router detects and stores the MAC addresses of devices that connect to the network,
so it lists the MAC addresses both of devices that are currently connected and any that
were previously connected.
If you set up a network ACL that allows all new devices to connect, the following applies:
• You can either select or manually enter devices that you want to block from
connecting to the network.
• All other devices are allowed access to the network.
If you set up a network ACL that blocks all new devices from connecting, the following
applies:
• You can either select or manually enter devices that you want to allow access to the
network.
• Devices that are currently connected to the network or that were allowed to connect
in the past are automatically placed on the network ACL as allowed devices.
• All other devices are denied access to the network.
Note: Each network device has a MAC address that serves as a unique identifier. The
MAC address is a 12-character physical address, containing the hexadecimal characters
0–9, a–f, or A–F (uppercase or lowercase) only, and separated by colons (for example,
00:09:AB:CD:EF:01). Typically, the MAC address is on the label of a device. If you cannot
see the label, you can display the MAC address using the network configuration utilities
on your computer or mobile device.
Enable the network access control list, set the access rule,
and allow or block connected devices
When you enable network access control, you must select whether new devices are
automatically allowed to access the network or are blocked from accessing the network.
By default, devices that are already connected to the network are added to the ACL as
Control Access to the Internet 43 User Manual

allowed, but you can choose to block one or more of these devices from accessing the
network.
To enable and manage the network access control list for the entire network and
allow or block connected devices:
router network.

4. Select ADVANCED > Security > Access Control.

The Access Control page displays.
5. Select the Turn on Access Control check box.

You must select this check box before you can select an access rule and use the
Allow and Block buttons. When the Turn on Access Control check box is cleared, all
devices are allowed to connect, even if a device is on the list of blocked devices.

Your settings are saved. Network access control is enabled.
7. Select an access rule to apply to new devices:

• Allow all new devices to connect: With this setting, if you connect a new device
to the network, it can access the network. You do not need to enter its MAC
address on this page. This option works for most home networks. You can also
block one or more devices from accessing the network. For more information,
see the following step.
• Block all new devices from connecting: With this setting, if you want to allow
a new device to connect, you must enter its MAC address on this page. (In this
situation, a new device is a device that was not previously connected to the
network.) For more information about allowing one or more devices, see the
following step.
If you block all new devices from connecting, the device that you are currently
using to connect to the router web interface, any other devices that are currently
connected to the network, and all devices that were allowed to connect to the
network in the past are still allowed access. That means that these devices are
automatically added to the network ACL as allowed devices. If you want to block
any of these devices, see the following step.

Note: Selecting an access rule does not affect previously blocked or allowed devices.
It applies only to new devices trying to access the network after you apply this setting.
8. To change access for devices that are connected or were connected to the network,
do the following:
• Currently connected devices:
In the table that contains the ACL, the Status column shows either Allowed or
Blocked for a device. To change the status, select the check box for the device,
and click either the Allow button or the Block button.
Note: If you blocked all new devices from connecting, make sure that the
computer or mobile device that you are currently using to access the router web
interface shows as Allowed in the Status column.
• Devices that were connected in the past:

- To manage allowed devices that are currently not connected to the network,
see Manage allowed devices currently not on the network on page 45.
- To manage blocked devices that are currently not connected to the network,
see Manage blocked devices currently not on the network on page 47.

Manage allowed devices currently not on the network

If you set up an access control list (ACL) that blocks all new devices from accessing the
network, you can add new devices that must be allowed access to the network, remove
old devices, or change whether devices that were allowed must now be blocked when
they try to connect to the network.
For example, you could add a second computer or mobile device for access to the
router web management interface in case the device that you are currently using needs
to be removed from the network for repairs.
To manage allowed devices currently not on the network:
router network.



5. Click the View list of allowed devices not currently connected to the network
link.
A table displays the detected device name, MAC address, and connection type of
the devices that are not connected but allowed to access the network.
In the following steps, we refer to the list of allowed devices not currently connected
to the network as the list of allowed devices.
6. To add a device to the list of allowed devices, do the following:

a. Click the Add button.
The Add Allowed Device page displays.
b. Enter the MAC address and device name for the device that you want to allow.
c. On the Add Allowed Device page, click the Apply button.
The device is added to the list of allowed devices.
7. To remove a device from the list of allowed devices, do the following:

a. Select the check box for the device.
b. Click the Remove from the list button.
The device is removed from the list of allowed devices.
8. To change the device status by blocking access for a device on the list of allowed
devices, do the following:
b. Click the Edit button.
The Edit Device Name page displays.
c. From the Access Control menu, selected Block.

d. On the Edit Device Name page, click the Apply button.
The device is moved to the list of blocked devices not currently connected to the
network.

9. To change the device name for a device on the list of allowed devices, do the
following:
c. In the Device Name field, enter a name.

The device name is changed on the list of allowed devices.

Manage blocked devices currently not on the network

If you set up an access control list (ACL) that allows all new devices to access the network,
you can add new devices that must be blocked from accessing the network, remove
old devices, or change whether devices that were blocked must now be allowed when
they try to connect to the network.
To manage blocked devices currently not on the network:
router network.


5. Click the View list of blocked devices not currently connected to the network
link.
A table displays the detected device name, MAC address, and connection type of
the devices that are not connected and are blocked from accessing the network.

In the following steps, we refer to the list of blocked devices not currently connected
to the network as the list of blocked devices.
6. To add a device to the list of blocked devices, do the following:

a. Click the Add button.
The Add Blocked Device page displays.
b. Enter the MAC address and device name for the device that you want to block.
c. On the Add Blocked Device page, click the Apply button.
The device is added to the list of blocked devices.
7. To remove a device from the list of blocked devices, do the following:

b. Click the Remove from the list button.
The device is removed from the list of blocked devices.
8. To change the device status by allowing access for a device on the list of blocked
devices, do the following:
c. From the Access Control menu, selected Allow.

The device is moved to the list of allowed devices not currently connected to the
network.
9. To change the device name for a device on the list of blocked devices, do the
following:
c. In the Device Name field, enter a name.

The device name is changed on the list of blocked devices.


Use keywords to block Internet sites

You can use keywords to block certain Internet sites from your network. You can use
blocking all the time or based on a schedule.
Note: Keyword blocking only works for website URLs that begin with http:// only. It
does not work for URLs that begin with https://.
To block Internet sites:

router network.

4. Select ADVANCED > Security > Block Sites.

The Block Sites page displays.
5. Select a keyword blocking option:
• Per Schedule. Turn on keyword blocking according to a schedule that you set.
For more information, see Schedule when to block Internet sites and services on
page 52.
• Always. Turn on keyword blocking all the time, independent of the Schedule
page.
6. In the Type keyword or domain name here field, enter a keyword or domain that
you want to block.
For example:
• Specify XXX to block http://www.badstuff.com/xxx.html.
• Specify the domain suffix (for example, .com) if you want to block only sites with
a domain suffix such as .com. In such a situation, sites with domain suffixes such
as .edu and .gov are still allowed.
• Enter a period (.) to block all Internet browsing access.

7. Click the Add Keyword button.

The keyword is added to the keyword list. The keyword list supports up to 32 entries.
Keyword blocking takes effect.
Delete keywords from the blocked list

To delete keywords from the list:
router network.


5. Do one of the following:

• To delete a single word, select it and click the Delete Keyword button.
The keyword is removed from the list.
• To delete all keywords on the list, click the Clear List button.
All keywords are removed from the list.

Block services from the Internet

You can block Internet services on your network based on the type of service. You can
block the services all the time or based on a schedule.
Note: Service blocking only works for website URLs that begin with http:// only. It does
not work for URLs that begin with https://.

To block services:
router network.

4. Select ADVANCED > Security > Block Services.

The Block Services page displays.
5. Specify when to block the services:
• To block the services all the time, select the Always radio button.
• To block the services based on a schedule, select the Per Schedule radio button.
For information about how to specify the schedule, see Schedule when to block
Internet sites and services on page 52.
6. Click the Add button.

The Block Services Setup page displays.
7. To add a service that is in the Service Type menu, select the application or service.
The settings for this service automatically display in the fields.
8. To add a service or application that is not in the menu, select User Defined, and do
the following:
a. If you know that the application uses either TCP or UDP, select the appropriate
protocol. Otherwise, select TCP/UDP (both).
b. Enter the starting port and ending port numbers.
If the service uses a single port number, enter that number in both fields. To find
out which port numbers the service or application uses, you can contact the
publisher of the application, ask user groups or newsgroups, or search on the
Internet.
9. Select a filtering option:

• Only This IP Address. Block services for a single computer.
• IP Address Range. Block services for a range of computers with consecutive IP
addresses on your network.

• All lP Addresses. Block services for all computers on your network.

Prevent blocking on a trusted computer

You can exempt one trusted computer from blocking. The computer that you exempt
must be assigned a fixed IP address. You can use the reserved IP address feature to
specify the IP address. See Manage reserved LAN IP addresses on page 62.
To specify a trusted computer:
router network.


5. Scroll down and select the Allow trusted IP address to visit blocked sites check
box.
6. In the Trusted IP Address field, enter the IP address of the trusted computer.
Schedule when to block Internet sites and

services
When you schedule blocking, the same schedule is used to block sites and to block
services.

To schedule blocking:
router network.

4. Select ADVANCED > Security > Schedule.

The Schedule page displays.
5. Specify when to block keywords and services:
• Days to Block. Select the check box for each day that you want to block the
keywords, or select the Every Day check box, which automatically selects the
check boxes for all days.
• Time of Day to Block. Select a start and end time in 24-hour format, or select
the All Day check box for 24-hour blocking.

Set up security event email notifications

The router can email you its logs of router activity. The log records router activity and
security events such as attempts to access blocked sites or services.
To set up email notifications:
router network.


4. Select ADVANCED > Security > E-mail.

The E-mail page displays.
5. Select the Turn E-mail Notification On check box.

6. In the Send to This E-mail Address field, type the email address to which logs and
alerts are to be sent.
This email address is also used for the From address. If this field is blank, log and
alert messages are not sent.
7. In the Sender field, enter the email sender's name.

8. In the Your Outgoing Mail Server field, enter the name of your ISP outgoing (SMTP)
mail server (such as mail.myISP.com).
You might be able to find this information in the configuration window of your email
program. If you leave this field blank, log and alert messages are not sent.
9. In the Outgoing Mail Server Port Number field, enter a port number in the field.
If you do not know the port number, leave the default port number.
10. If your outgoing email server requires authentication, select the My Mail Server
requires authentication check box, and do the following:
a. In the User Name field, type the user name for the outgoing email server.
b. In the Password field, type the password for the outgoing email server.
11. To send alerts when someone attempts to visit a blocked site, select the Send Alerts
Immediately check box.
Email alerts are sent immediately when someone attempts to visit a blocked site.
12. To send logs based on a schedule, specify these settings:

a. From Send logs according to this schedule menu, select the schedule type.
b. From the Day menu, select the day.
c. From the Time menu, select the time, and select the am or pm radio button.

Logs are sent automatically according to the schedule that you set. If the log fills
before the specified time, it is sent. After the log is sent, it is cleared from the router
memory. If the router cannot email the log and the log buffer fills, the router
overwrites the log.

5
Manage Network Settings
You can customize the router’s network settings. We recommend that you install the
router and connect it to the Internet before you change its network settings.
• View or change the WAN settings
• Set up a default DMZ server
• Change the router’s device name
• Change the LAN TCP/IP settings
• Specify the IP addresses that the router assigns
• Disable the DHCP server feature in the router
• Manage reserved LAN IP addresses
• Use the WPS Wizard for WiFi connections
• Specify basic WiFi settings
• Change the WiFi mode
• Change the WiFi password or the WiFi security
• Set up a guest WiFi network
• Enable or disable the WiFi radios
• Set up a WiFi schedule
• Set up the router as a WiFi access point
• Set up a bridge for a port group or VLAN tag group
• Manage custom static routes
• Enable or disable implicit beamforming
• Enable or disable MU-MIMO
• Enable or disable PMF
55
View or change the WAN settings

You can view or configure wide area network (WAN) settings for the Internet port. You
can set up a DMZ (demilitarized zone) server, change the maximum transmit unit (MTU)
size, and enable the router to respond to a ping to its WAN (Internet) port.
To view or change the WAN settings:
router network.


View or change the following settings:
• Disable Port Scan and DoS Protection. DoS protection protects your LAN against
denial of service attacks such as Syn flood, Smurf Attack, Ping of Death, and many
others. Select this check box only in special circumstances.
• Default DMZ Server. This feature is sometimes helpful when you are playing
online games or videoconferencing, but it makes the firewall security less effective.
• Respond to Ping on Internet Port. This feature allows your router to be
discovered. Use this feature only as a diagnostic tool or for a specific reason.
• Disable IGMP Proxying. IGMP proxying allows a computer on the local area
network (LAN) to receive the multicast traffic it is interested in from the Internet.
If you do not need this feature, you can select this check box to disable it.
• MTU Size (in bytes). The normal MTU (maximum transmit unit) value for most
Ethernet networks is 1500 bytes, or 1492 bytes for PPPoE connections. Change
the MTU only if you are sure that it is necessary for your ISP connection.
• NAT Filtering. Network Address Translation (NAT) determines how the router
processes inbound traffic. Secured NAT protects computers on the LAN from
attacks from the Internet but might prevent some Internet games, point-to-point
applications, or multimedia applications from working. Open NAT provides a
much less secured firewall but allows almost all Internet applications to work.
Manage Network Settings 56 User Manual

• Disable SIP ALG. Some voice and video communication applications do not
work well with the SIP ALG. Disabling the SIP ALG might help your voice and
video applications to create and accept a call through the router.

Set up a default DMZ server

The default DMZ server feature is helpful when you are using some online games and
videoconferencing applications that are incompatible with Network Address Translation
(NAT). The router is programmed to recognize some of these applications and to work
correctly with them, but other applications might not function well. In some cases, one
local computer can run the application correctly if the IP address for that computer is
entered as the default DMZ server.
WARNING: DMZ servers pose a security risk. A computer designated as the default
DMZ server loses much of the protection of the firewall and is exposed to exploits from
the Internet. If compromised, the DMZ server computer can be used to attack other
computers on your network.
The router usually detects and discards incoming traffic from the Internet that is not a
response to one of your local computers or a service that you configured on the Port
Forwarding/Port Triggering page. Instead of discarding this traffic, you can specify that
the router forwards the traffic to one computer on your network. This computer is called
the default DMZ server.
To set up a default DMZ server:
router network.



5. Select the Default DMZ Server check box.

6. Type the IP address.
Change the router’s device name

The router’s device name is preconfigured with the router's model number. You can
edit the device name from the LAN Setup page.
To change the router’s device name:
router network.

4. Select ADVANCED > Setup > LAN Setup.

The LAN Setup page displays.
5. Click the Edit button next to the device name, then edit the device name.
Change the LAN TCP/IP settings

The router is preconfigured to use private IP addresses on the LAN side and to act as
a DHCP server. The router’s default LAN IP configuration is as follows:
• LAN IP address. 192.168.1.1

• Subnet mask. 255.255.255.0

These addresses are part of the designated private address range for use in private
networks and are suitable for most applications. If your network requires a different IP
addressing scheme, you can change these settings.
You might want to change these settings if you need a specific IP subnet that one or
more devices on the network use, or if you use competing subnets with the same IP
scheme.
To change the LAN TCP/IP settings:
router network.


5. In the IP Address field, type the IP address.
6. In the IP Subnet Mask field, type the subnet mask of the router.
The IP address and subnet mask identify which addresses are local to a specific
device and which must be reached through a gateway or router.
7. Change the RIP settings.

Router Information Protocol (RIP) allows a router to exchange routing information
with other routers.
a. Select the RIP direction:
• Both. The router broadcasts its routing table periodically and incorporates
information that it receives.
• Out Only. The router broadcasts its routing table periodically.
• In Only. The router incorporates the RIP information that it receives.
b. Select the RIP version:

• Disabled. This is the default setting.
• RIP-1. This format is universally supported. It is adequate for most networks,
unless you are using an unusual network setup.

• RIP-2. This format carries more information. Both RIP-2B and RIP-2M send the
routing data in RIP-2 format. RIP-2B uses subnet broadcasting. RIP-2M uses
multicasting.

If you changed the LAN IP address of the router, you are disconnected when this
change takes effect.
9. To reconnect, close your browser, relaunch it, and log in to the router.
Specify the IP addresses that the router

assigns
By default, the router acts as a Dynamic Host Configuration Protocol (DHCP) server. The
router assigns IP, DNS server, and default gateway addresses to all computers connected
to the LAN. The assigned default gateway address is the LAN address of the router.
These addresses must be part of the same IP address subnet as the router’s LAN IP
address. Using the default addressing scheme, define a range between 192.168.1.2
and 192.168.1.254, although you can save part of the range for devices with fixed
addresses.
To specify the pool of IP addresses that the router assigns:
router network.


5. Make sure that the Use Router as DHCP Server check box is selected.

6. Specify the range of IP addresses that the router assigns:

a. In the Starting IP Address field, type the lowest number in the range.
This IP address must be in the same subnet as the router.
b. In the Ending IP Address field, type the number at the end of the range of IP
addresses.
This IP address must be in the same subnet as the router.

The router delivers the following address information to any LAN device that requests
a DHCP address:
• An IP address from the range that you define

• Subnet mask
• Gateway IP address (the router’s LAN IP address)
• DNS server IP address (the router’s LAN IP address)
Disable the DHCP server feature in the router

By default, the router acts as a DHCP server. The router assigns IP, DNS server, and
default gateway addresses to all computers connected to the LAN. The assigned default
gateway address is the LAN address of the router.
You can use another device on your network as the DHCP server or specify the network
settings of all your computers.
To disable the DHCP server feature in the router:
router network.


5. Clear the Use Router as DHCP Server check box.

7. (Optional) If this service is disabled and no other DHCP server is on your network,
set your computer IP addresses manually so that the computers can access the router.
Manage reserved LAN IP addresses

When you specify a reserved IP address for a computer on the LAN, that computer
always receives the same IP address each time it accesses the router’s DHCP server.
Assign reserved IP addresses to computers or servers that require permanent IP settings.
Reserve an IP address
To reserve an IP address:
router network.


5. In the Address Reservation section, click the Add button.

The Address Reservation page displays.
6. In the IP Address field, type the IP address to assign to the computer or server.
Choose an IP address from the router’s LAN subnet, such as 192.168.1.x.
7. Type the MAC address of the computer or server.
Tip: If the computer is already on your network, you can copy its MAC address from
the Attached Devices page and paste it here.


The reserved address is entered into the table.
The reserved address is not assigned until the next time the computer contacts the
router’s DHCP server. Reboot the computer, or access its IP configuration and force a
DHCP release and renew.
Edit a reserved IP address

To edit a reserved address entry:
router network.


5. Select the radio button next to the reserved address that you want to edit.
6. Click the Edit button.
The Address Reservation page displays.
7. Change the settings.

Delete a reserved IP address entry

To delete a reserved address entry:
router network.


5. Select the radio button next to the reserved address that you want to delete.
6. Click the Delete button.
The address is removed.
Use the WPS Wizard for WiFi connections

The WPS Wizard helps you connect WPS-enabled devices to your WiFi network without
typing the WiFi password.
You can use the WPS Wizard or you can use the physical WPS button on your router to
connect WPS-enabled devices. To use the physical WPS button on your router, see
Connect to the WiFi network using WPS on page 18 for more information.
To use the WPS Wizard to connect to the WiFi network:
router network.

4. Select ADVANCED > WPS Wizard.

The Add WPS Client page displays.
5. Click the Next button.

The page displays instructions about how to connect using WPS.
6. Click the WPS button that displays on the page.
Note: To use the physical WPS push button on the router, see Connect to the WiFi
network using WPS on page 18 and follow the instructions in that section.

7. Within two minutes, on your WPS-enabled device, press its WPS button or follow
its instructions for how to connect using WPS.
A success page displays if your WPS-enabled device successfully connects to the
WiFi network.
Specify basic WiFi settings

The router comes with preset security. This means that the WiFi network name (SSID),
network key (password), and security option (encryption protocol) are preset in the
factory. You can find the preset SSID and password on the router label.
Note: The preset SSID and password are uniquely generated for every device to protect
and maximize your WiFi security.
If you change your preset security settings, make a note of the new settings and store
it in a safe place where you can easily find it.
If your computer is connected with WiFi when you change the SSID or other WiFi security
settings, you are disconnected when you click the Apply button. To avoid this problem,
use a computer with a wired connection to access the router.
To specify basic WiFi settings:
router network.

4. Select Wireless.
The Wireless Settings page displays.
You can specify the settings for the 2.4 GHz band and 5 GHz band.
5. From the Region menu, select your region.

In some locations, you cannot change this setting.
6. To control the SSID broadcast, select or clear the Enable SSID Broadcast check
box.

When this check box is selected, the router broadcasts its network name (SSID) so
that it displays when you scan for local WiFi networks on your computer or mobile
device.
7. To change the network name (SSID), type a new name in the Name (SSID) field.
The name can be up to 32 characters long and it is case-sensitive. The default SSID
is randomly generated and is on the router label. If you change the name, make sure
to write down the new name and keep it in a safe place.
8. To change the WiFi channel, select a number from the Channel menu.
In some regions, not all channels are available. Do not change the channel unless
you experience interference (shown by lost connections or slow data transfers). If
this happens, experiment with different channels to see which is the best.
When you use multiple access points, it is better if adjacent access points use different
channels to reduce interference. The recommended channel spacing between
adjacent access points is four channels (for example, use Channels 1 and 5, or 6 and
10).

If you connected wirelessly to the network and you changed the SSID, you are
disconnected from the network.
10. Make sure that you can connect wirelessly to the network with its new settings.
If you cannot connect wirelessly, check the following:
• Is your computer or mobile device connected to another WiFi network in your
area? Some WiFi devices automatically connect to the first open network without
WiFi security that they discover.
• Is your computer or mobile device trying to connect to your network with its old
settings (before you changed the settings)? If so, update the WiFi network selection
in your computer or mobile device to match the current settings for your network.
Change the WiFi mode

The WiFi mode options for the 2.4 GHz and 5 GHz WiFi networks depend on whether
AX WiFi is enabled. For more information about AX WiFi , see Enable or disable AX
WiFi on page 90.

Change the WiFi mode if AX WiFi is enabled

To change the WiFi mode settings if AX WiFi is enabled:
router network.

you logged in. The user name and password are case-sensitive.
4. Select Wireless.
5. In the Wireless Network (2.4 GHz b/g/n/ax) section, select a WiFi mode from the
Mode menu.
• Up to 54 Mbps. This mode allows 802.11ax, 802.11n, 802.11g, and 802.11b
devices to join the network but limits 802.11ax and 802.11n devices to functioning
at up to 54 Mbps.
• Up to 289 Mbps. This mode allows for reduced interference with neighboring
WiFi networks. This mode allows 802.11ax, 802.11n, 802.11g, and 802.11b
at up to 289 Mbps.
devices to join the network and allows 802.11ax and 802.11n devices to function
at up to 600 Mbps. This mode is the default mode.
6. In the Wireless Network (5 GHz a/n/ac/ax) section, select a WiFi mode from the Mode
menu.
• Up to 450 Mbps. This mode allows 802.11ax, 802.11ac, 802.11n, and 802.11a
devices to join the selected WiFi network in the 5 GHz band of the network but
limits 802.11ax, 802.11ac, and 802.11n devices to functioning at up to 450 Mbps.
WiFi networks. This mode allows 802.11ax, 802.11ac, 802.11n, and 802.11a
limits 802.11ax and 802.11ac devices to functioning at up to 900 Mbps.

limits 802.11ax devices to functioning at up to 1800 Mbps. This mode is the

default mode.
devices to join the selected WiFi network in the 5 GHz band of the network and
allows 802.11ax devices to function at up to 3600 Mbps.

Change the WiFi mode if AX WiFi is disabled

To change the WiFi mode settings if AX WiFi is disabled:
router network.

you logged in. The user name and password are case-sensitive.
4. Select Wireless.
5. In the Wireless Network (2.4 GHz b/g/n/ax) section, select a WiFi mode from the
Mode menu.
at up to 54 Mbps.
WiFi networks. This mode allows 802.11ax, 802.11n, 802.11g, and 802.11b
at up to 173 Mbps.
devices to join the network and allows 802.11ax and 802.11n devices to function
at up to 400 Mbps. This mode is the default mode.

6. In the Wireless Network (5 GHz a/n/ac/ax) section, select a WiFi mode from the Mode
menu.
limits 802.11ax, 802.11ac, and 802.11n devices to functioning at up to 360 Mbps.
WiFi networks. This mode allows 802.11ax, 802.11ac, 802.11n, and 802.11a
limits 802.11ax and 802.11ac devices to functioning at up to 750 Mbps.
limits 802.11ax devices to functioning at up to 1625 Mbps. This mode is the
default mode.
devices to join the selected WiFi network in the 5 GHz band of the network and
allows 802.11ax devices to function at up to 3250 Mbps.

Change the WiFi password or the WiFi

security
The WiFi password is different from the admin password that you use to log in to the
router.
Your router comes with preset WPA3, WPA2, or WPA security. We recommend that you
use the preset security, but you can change the settings. Do not disable the preset
security.
To change the WiFi password or the WiFi security:
router network.


4. Select Wireless.
5. To change the 2.4 GHz or 5 GHz WiFi password, enter a new password in the
Password (Network Key) field.
You must enter a phrase of 8 to 63 characters. The Password (Network Key) field
displays if the WPA2-PSK [AES], WPA-PSK [TKIP] + WPA2-PSK [AES], or
WPA3-Personal security radio button is selected.
6. To change the WiFi security for the 2.4 GHz or 5 GHz WiFi network, select a Security
Options radio button.
• None. An open WiFi network that does not provide any security. Any WiFi device
can join the WiFi network. We recommend that you do not use an open WiFi
network.
• WPA2-PSK [AES]. This option is the default setting. This type of security enables
WiFi devices that support WPA2 to join the router’s WiFi network. If you did not
change the WiFi password, the default password displays. The default password
is printed on the router label.WPA2 provides a secure connection but some older
WiFi devices do not detect WPA2 and support only WPA. If your network includes
such older devices, select WPA-PSK [TKIP] + WPA2-PSK [AES] security.
• WPA-PSK [TKIP] + WPA2-PSK [AES]. This type of security enables WiFi devices
that support either WPA or WPA2 to join the router’s WiFi network. However,
WPA-PSK [TKIP] is less secure than WPA2-PSK [AES] and limits the speed of WiFi
devices to 54 Mbps.
• WPA3-Personal. This type of security enables WiFi devices that support WPA3
to join the WiFi network. WPA3 is the latest security standard, uses SAE encryption,
and is more secure than WPA2. If all devices on your network support WPA3, we
recommend that you use this type of security.

Set up a guest WiFi network

A guest network allows visitors to use the Internet without using your WiFi security
password or with a different WiFi password. By default, the guest WiFi network is
disabled. You can enable and configure the guest WiFi network for each WiFi band.

The router simultaneously supports the 2.4 GHz band for 802.11n, 802.11g, and 802.11b
devices and the 5 GHz band for 802.11ac, 802.11n, and 802.11a devices.
The WiFi mode of the guest WiFi network depends on the WiFi mode of the main WiFi
network. For example, if you configure the WiFi mode for the main WiFi network as Up
to 54 Mbps in the 2.4 GHz band, the guest WiFi network also functions in the Up to 54
Mbps mode in the 2.4 GHz band. The channel also depends on the channel selection
of the main WiFi network.
The router provides two default guest networks with the following names (SSIDs):
• 2.4 GHz guest WiFi network SSID. NETGEAR_Guest
• 5 GHz guest WiFi network SSID. NETGEAR-5G_Guest
By default, these networks are configured as open networks without security but are
disabled. You can enable one or both networks. You can also change the SSIDs for
these networks.
To set up a guest network:
router network.

4. Select Guest Network.

The Guest Network Settings page displays.
5. Configure the following settings to set up a 2.4 GHz or 5 GHz guest WiFi network:
• Enable Guest Network. By default, the guest WiFi network is disabled. To enable
the guest WiFi network for the
2.4 GHz or 5 GHz WiFi band, select the Enable Guest Network check box.
• Enable SSID Broadcast. By default, the router broadcasts the SSID of the WiFi
band so that WiFi stations can detect the WiFi name (SSID) in their scanned
network lists. To turn off the SSID broadcast for the 2.4 GHz or 5 GHz guest WiFi
network, clear the Enable SSID Broadcast check box.
• Allow guests to see each other and access my local network. By default, WiFi
clients that are connected to the 2.4 GHz or 5 GHz guest WiFi network cannot
access WiFi devices or Ethernet devices that are connected to the main WiFi

network. To allow access to the main WiFi network, select the Allow guests to
see each other and access my local network check box.
• Guest Wireless Network Name (SSID). The SSID is the 2.4 GHz or 5 GHz guest
WiFi network name. The default 2.4 GHz SSID is NETGEAR_Guest. The default 5
GHz SSID NETGEAR-5G_Guest.
To change the SSID, enter a 32-character (maximum), case-sensitive name in this
field.
6. Select a WiFi security option for the 2.4 GHz or 5 GHz guest WiFi network:
• None. An open WiFi network that does not provide any security. Any WiFi device
can join the 2.4 GHz or 5 GHz guest WiFi network. This is the default setting for
the guest WiFi network.
• WPA2-PSK [AES]. WPA2 provides a secure and fast connection but some older
WiFi devices do not detect WPA2 and support only WPA. Select WPA2-PSK [AES]
security to allow 802.11n devices to connect to the 2.4 GHz or 5 GHz guest WiFi
network at the fastest speed. If your network includes older devices that do not
support WPA2, select WPA-PSK [TKIP] + WPA2-PSK [AES] security. To use WPA2
security, in the Password (Network Key) field, enter a phrase of 8 to 63
characters. To join the 2.4 GHz or 5 GHz guest WiFi network, a user must enter
this password.
• WPA-PSK [TKIP] + WPA2-PSK [AES]. This type of security enables WiFi devices
that support either WPA or WPA2 to join the 2.4 GHz band of the guest WiFi
network. However, WPA-PSK [TKIP] is less secure than WPA2-PSK [AES] and limits
the speed of WiFi devices to 54 Mbps. To use WPA + WPA2 security, in the
Password (Network Key) field, enter a phrase of 8 to 63 characters. To join the
2.4 GHz or 5 GHz guest WiFi network, a user must enter this password.

8. Make sure that you can reconnect over WiFi to the network with its new security
settings.
If you cannot connect over WiFi, check the following:
• If your computer or mobile device is already connected to another WiFi network
in your area, disconnect it from that WiFi network and connect it to the WiFi
network that the router provides.
Some WiFi devices automatically connect to the first open network without WiFi
security that they discover.
• Does your computer or mobile device display as an attached device?
If it does, it is connected to the network.
• Are you using the correct network name (SSID) and password?

Enable or disable the WiFi radios

If you used the WiFi On/Off button to turn off the WiFi radios, you can’t log in to the
router to turn them back on. You must press the WiFi On/Off button again for two
seconds to turn the WiFi radios back on.
To enable or disable the WiFi radios:
router network.

4. Select ADVANCED > Advanced Setup > Wireless Settings.

5. Do one of the following for your router’s WiFi networks:

• Turn off the WiFi radio. Clear the Enable Wireless Router Radio check box.
• Turn on the WiFi radio. Select the Enable Wireless Router Radio check box.

Set up a WiFi schedule

You can turn off the WiFi signal from your router at times when you do not need a WiFi
connection. For example, you might turn it off for the weekend if you leave town.
To set up the WiFi schedule:
router network.



5. Click the Add a new period button.

The page adjusts.
6. Use the menus, radio buttons, and check boxes to set up a period during which you
want to turn off the WiFi signal.
8. Select the Turn off wireless signal by schedule check box to activate the schedule.
Set up the router as a WiFi access point

You can set up the router to run as an access point (AP) on the same local network as
another router.
To set up the router as an AP:
1. Use an Ethernet cable to connect the Internet port of this router to an Ethernet port
on the other router.
router network.

5. Select ADVANCED > Advanced Setup > Router / AP Mode.

The Router / AP Mode page displays.
6. Select AP Mode.
The page adjusts.
7. Select an IP address setting:

• Get dynamically from existing router. The other router on the network assigns
an IP address to this router while it is in AP mode.
• Use fixed IP settings on this device (not recommended). Use this setting if you
want to manually assign a specific IP address to this router while it is in AP mode.
Using this option effectively requires advanced network experience.
Note: To avoid interference with other routers or gateways in your network, we

recommend that you use different WiFi settings on each router. You can also turn
off the WiFi radio on the other router or gateway and use this router only for WiFi
client access.

The IP address of the router changes, and you are disconnected.
9. To reconnect, close and restart your browser and type http://www.routerlogin.net.
Set up a bridge for a port group or VLAN tag

group
Some devices, such as an IPTV, cannot function behind the router’s network address
translation (NAT) service or firewall. Based on what your Internet service provider (ISP)
requires, for the device to connect to the ISP’s network directly, you can enable the
bridge between the device and the router’s Internet port or add new VLAN tag groups
to the bridge.
Note: If your ISP provides instructions for how to set up a bridge for IPTV and Internet
service, follow those instruction.
Set up a bridge for a port group

If the devices that are connected to the router’s Ethernet LAN port or WiFi network
include an IPTV device, your ISP might require you to set up a bridge for a port group
for the router’s Internet interface.

A bridge with a port group prevents packets that are sent between the IPTV device and
the router’s Internet port from being processed through the router’s network address
translation (NAT) service.
To configure a port group and enable the bridge:
router network.

4. Select ADVANCED > Advanced Setup > VLAN/Bridge Settings.

The VLAN/Bridge Settings page displays.
5. Select the Enable VLAN/Bridge Setup check box.

The page expands.
6. Select the By bridge group radio button.

The page expands.
7. Select a Wired Ports check box or a Wireless check box:

• Wired Ports. If your device is connected to an Ethernet port on the router, select
the Wired Ports check box that corresponds to the Ethernet port on the router to
which the device is connected.
• Wireless. If your device is connected to your router’s WiFi network, select the
Wireless check box that corresponds to the router’s WiFi network to which the
device is connected.
Note: You must select at least one Wired Ports or Wireless check box. You can select
more than one check box.


Set up a bridge for a VLAN tag group

If the devices that are connected to the router’s Ethernet LAN ports or WiFi network
include an IPTV device, your ISP might require you to set up a bridge for a VLAN tag
group for the router’s Internet interface.
If you are subscribed to IPTV service, the router might require VLAN tags to distinguish
between the Internet traffic and the IPTV traffic. A bridge with a VLAN tag group prevents
packets that are sent between the IPTV device and the router’s Internet port from being
processed through the router’s network address translation (NAT) service.
You can add VLAN tag groups to a bridge and assign VLAN IDs and priority values to
each VLAN tag group.
To add a VLAN tag group and enable the bridge:
router network.



The page expands.
6. Select the Enable VLAN Tag radio button.

The page expands.

The Add VLAN Rule page displays.
8. Specify the following settings for the VLAN tag group:

• Name. Enter a name for the VLAN tag group.
The name can be up to 10 characters.
• VLAN ID. Enter a value from 1 to 4094.
• Priority. Enter a value from 0 to 7.

9. Select the check box for a wired Ethernet port or wireless network.
If your device is connected to an Ethernet port on the router, select the wired Ethernet
port check box that corresponds to the Ethernet port on the router to which the
device is connected. If your device is connected to your router’s WiFi network, select
the WiFi check box that corresponds to the router’s WiFi network to which the device
is connected.
You must select at least one Ethernet port or wireless network. You can select more
than one port.

The VLAN tag group is added.

Set up an IPTV port

You can set up the router to create an Internet Protocol television (IPTV) port that can
lease an IP address from your IPTV service provider. Use this feature only if you subscribe
to an IPTV service and your IPTV service requires an intranet address.
Some IPTV ports cannot work behind NAT because the IPTV port requires an IP address
within the Internet service provider's network (intranet address). You can set up a bridge
connection from the WAN to one of the LAN ports. When IPTV is connected through
WiFi, the home router also must support the bridging of the WAN port to the WiFi
network name (SSID). The designated LAN port or WiFi name becomes an IPTV port
with direct access to the WAN without going through NAT.
To configure an IPTV port:
network.
3. Enter the router user name and password.



The page expands.
6. Select the By bridge group radio button.

The page expands.
7. Select a Wired Ports check box or a Wireless check box:

• Wired Ports. If your device is connected to an Ethernet port on the router, select
the Wired Ports check box that corresponds to the Ethernet port on the router to
which the device is connected.
• Wireless. If your device is connected to your router’s WiFi network, select the
Wireless check box that corresponds to the router’s WiFi network to which the
Note: You must select at least one Wired Ports or Wireless check box. You can select
more than one check box.

Manage custom static routes

For almost all Internet traffic, routes are automatically and dynamically selected. You
can also set up a fixed, static route. Typically, you only need to add static routes when
you have more than one router or multiple IP subnets on your network.
As an example of when a static route is needed, consider the following case:
• Your main Internet access is through a cable modem to your ISP. The cable modem
is connected to your router.
• Your network also includes an ADSL router that you use to access a remote office
site. This ADSL router is connected to a DSL modem, which is used on-demand only.
• Your LAN subnet is 192.168.1.0, and the ADSL router’s address on your LAN is
192.168.1.100.
• The public IP address range at the remote office site is 134.177.0.0.
When you set up your router, two implicit static routes were created:
1. A default route was created between your router and the cable modem that connects
to your ISP.
2. A second static route was created between your router and your LAN for all
192.168.1.0 addresses.

With this configuration, if you try to access a device on the 134.177.0.0 network at the
remote office site, your router forwards your request to your ISP. In turn, the ISP forwards
your request to the remote office site, where the firewall will deny the request.
In this situation, you must define a static route, telling your router to access 134.177.0.0
addresses through your ADSL router at its LAN address of 192.168.1.100.
Here is an example static route setting for this configuration:
• Destination IP address and subnet mask settings: The route applies to all addresses
at the remote site, so set the destination IP address to 134.177.0.0 and the subnet
mask to 255.255.255.0.
• Gateway IP address: Traffic for addresses in the 134.177.0.0 network must be
forwarded to the ADSL router, so set the gateway IP address to 192.168.1.100 (the
ADSL router’s address on your LAN).
• Private route: Make the static route private as a security precaution in case Routing
Information Protocol (RIP) is activated. A private route is not reported in RIP messages.
Set up a static route

To set up a static route:
router network.

4. Select ADVANCED > Advanced Setup > Static Routes.

The Static Routes page displays.

The page adjusts.
6. In the Route Name field, type a name for this static route (for identification purposes
only).
7. To limit access to the LAN only, select the Private check box.
If the Private check box is selected, the static route is not reported in RIP.
8. To prevent the route from becoming active, clear the Active check box.

In some situations, you might want to set up a static route but keep it disabled until
a later time. By default, the Active check box is selected and a route becomes active
after you click the Apply button.
9. Enter the following settings:

• Destination IP Address. Enter the IP address for the final destination of the route.
• IP Subnet Mask. Enter the IP subnet mask for the final destination of the route.
If the destination is a single host, enter 255.255.255.255.
• Gateway IP Address. Enter the IP address of the gateway.
The IP address of the gateway must be on the same LAN segment as the router.
• Metric. Enter a number from 2 through 15.
This value represents the number of routers between your network and the
destination. Usually, a setting of 2 or 3 works.

Your settings are saved. The static route is added to the table on the Static Routes
page.
Edit a static route

To edit a static route:
router network.


5. In the table, select the radio button for the route.

The Static Routes page adjusts.
7. Edit the route information.


Delete a static route

To delete a static route:
router network.


5. In the table, select the radio button for the route.

6. Click the Delete button.
The route is removed from the table.
Enable or disable implicit beamforming

Beamforming shapes a directional WiFi signal aimed at a WiFi client based on the client’s
location, as opposed to radiating the signal out in all directions. This feature improves
WiFi range and performance. Clients do not need to support beamforming to benefit
from implicit beamforming.
To enable or disable implicit beamforming:
router network.



5. Select or clear the Enable Implicit BEAMFORMING check box.
Selecting this check box enables implicit beamforming. Clearing this check box
disables implicit beamforming.

If you connected over WiFi to the network, you are disconnected from the network
and must reconnect.
Enable or disable MU-MIMO

Multiuser multiple input, multiple output (MU-MIMO) improves performance when many
WiFi clients that are MU-MIMO-capable transfer data at the same time. For MU-MIMO
to function, WiFi clients must support MU-MIMO, and they must be connected to a
5 GHz WiFi band. This feature is enabled by default, but you can disable it.
To enable or disable MU-MIMO:
router network.


5. Select or clear the Enable MU-MIMO check box.
Selecting this check box enables MU-MIMO. Clearing this check box disables
MU-MIMO.


If you connected over WiFi to the network, you are disconnected from the network
and must reconnect.
Enable or disable PMF

Protected Management Frames (PMF) is a security feature that protects unicast and
multicast management frames from being intercepted and changed for malicious
purposes.
To enable or disable PMF:
router network.


5. Enable or disable the PMF feature:

• Enable PMF. To enable PMF, clear the Disable PMF check box. If you enable
PMF, devices that do not support PMF cannot connect to the WiFi network.
• Disable PMF. To disable PMF, select the Disable PMF check box. PMF is disabled
for the WiFi network.


6
Optimize Performance
You can set up the router to optimize performance for applications such as Internet
gaming, high-definition video streaming, and VoIP communication. By default, the router
uses Wi-Fi Multimedia Quality of Service (WMM QoS).
• Use Dynamic QoS to optimize Internet traffic management
• Improve network connections with Universal Plug and Play
• Wi-Fi Multimedia Quality of Service
• Enable or disable AX WiFi
• Enable or disable Smart Connect
• Enable or Disable OFDMA
85
Use Dynamic QoS to optimize Internet traffic

management
Dynamic Quality of Service (QoS) helps improve your router’s Internet traffic management
capabilities through better application and device identification, bandwidth allocation,
and traffic prioritization techniques. Dynamic QoS resolves traffic congestion when the
Internet bandwidth is limited and different demands compete for bandwidth.
Enable Dynamic QoS

Because not everyone uses Dynamic QoS, it is disabled by default.
To enable Dynamic QoS:
router network.

4. Select QoS.
The QoS page displays.
5. Select the Enable QoS check box.
6. Specify your Internet bandwidth:
• Let Speedtest detect my Internet bandwidth. We recommend that you use
Speedtest to detect your Internet bandwidth.
To use Speedtest, do the following:
a. For more accurate Speedtest results, make sure that no other devices are
accessing the Internet.
b. Select the Let Speedtest detect my Internet bandwidth radio button.
c. Click the Take a Speedtest button.
Speedtest determines your Internet bandwidth.
Optimize Performance 86 User Manual

• I want to define my Internet Bandwidth. If you know what your download and
upload speed are, select this radio button and enter your download and upload
speeds in the fields.

Enable or disable the automatic QoS database update

The router uses a QoS database of the most popular applications and services to
implement Dynamic QoS. By default, the router automatically updates this database.
You can turn off this feature and manually update the database.
To enable or disable the automatic Dynamic QoS database update:
router network.

4. Select QoS.
The QoS page displays. If you already enabled Dynamic QoS, the Enable QoS check
box is selected.
5. Select or clear the Automatically update performance optimization database

check box.
Manually update the dynamic QoS database

The router uses a QoS database of the most popular applications and services to
implement Dynamic QoS. By default, the router automatically updates this database
when you enable Dynamic QoS, but if you turned off the automatic update feature, you
can manually update the database.

To manually update the Dynamic QoS database:

router network.

4. Select QoS.
The QoS page displays. If you already enabled Dynamic QoS, the Enable QoS check
box is selected.
5. Click the Update Now button.

The router checks for the newest version of the database and downloads it.

Improve network connections with Universal

Plug and Play
Universal Plug and Play (UPnP) helps devices such as Internet appliances and computers
access the network and connect to other devices as needed. UPnP devices can
automatically discover the services from other registered UPnP devices on the network.
If you use applications such as multiplayer gaming, peer-to-peer connections, or real-time
communications such as instant messaging or remote assistance (a feature in Windows
XP), enable UPnP.
To enable Universal Plug and Play:
router network.

4. Select ADVANCED > Advanced Setup > UPnP.

The UPnP page displays.
5. Select the Turn UPnP On check box.

By default, this check box is selected. UPnP for automatic device configuration can
be enabled or disabled. If the Turn UPnP On check box is cleared, the router does
not allow any device to automatically control router resources, such as port
forwarding.
6. Type the advertisement period in minutes.

The advertisement period specifies how often the router broadcasts its UPnP
information. This value can range from 1 to 1440 minutes. The default period is 30
minutes. Shorter durations ensure that control points receive current device status
at the expense of more network traffic. Longer durations can compromise the
freshness of the device status but can significantly reduce network traffic.
7. Type the advertisement time to live in hops.

The time to live for the advertisement is measured in hops (steps) for each UPnP
packet sent. Hops are the steps a packet takes between routers. The number of hops
can range from 1 to 255. The default value for the advertisement time to live is 4
hops, which should be fine for most home networks. If you notice that some devices
are not being updated or reached correctly, it might be necessary to increase this
value.

The UPnP Portmap Table displays the IP address of each UPnP device that is accessing
the router and which ports (internal and external) that device opened. The UPnP
Portmap Table also displays what type of port is open and whether that port is still
active for each IP address.
9. To refresh the information in the UPnP Portmap Table, click the Refresh button.
Wi-Fi Multimedia Quality of Service

Wi-Fi Multimedia Quality of Service (WMM QoS) prioritizes WiFi voice and video traffic
over the WiFi link. WMM QoS is automatically enabled for the router.
WMM QoS prioritizes WiFi data packets from different applications based on four access
categories: voice, video, best effort, and background. For an application to receive the

benefits of WMM QoS, WMM must be enabled for both it and the client running that
application. Legacy applications that do not support WMM and applications that do
not require QoS are assigned to the best effort category, which receives a lower priority
than voice and video.
Note: We recommend that you do not disable the WMM settings. If you disable the
WMM settings for 2.4 GHz or 5 GHz, the maximum link rate your router can reach is 54
Mbps.
To disable the WMM settings:

router network.

4. Select ADVANCED > Setup > QoS Setup.

The QoS page displays.
5. Click the WMM tab.

6. Clear the Enable WMM (Wi-Fi multimedia) settings (2.4 GHz b/g/n) check box.
7. Clear the Enable WMM (Wi-Fi multimedia) settings (5 GHz a/n/ac) check box.
Enable or disable AX WiFi

AX WiFi improves your network’s capacity, Internet upload and download speeds, and
WiFi range by allowing WiFi traffic from different devices to be concurrently managed.
To do this, AX WiFi uses Orthogonal Frequency-Division Multiple-Access (OFDMA),
4x4 multi-user MIMO, and intelligent scheduling.
AX WiFi is enabled by default.

To enable or disable AX WiFi:

router network.

4. Select Wireless.
The Wireless Setup page displays.
5. Select or clear the Enable AX check box.

Selecting this check box turns on AX WiFi and clearing this check box turns off AX
WiFi.

Enable or disable Smart Connect

Smart Connect selects the fastest WiFi band for your device. For Smart Connect to work,
the 2.4 GHz and 5 GHz bands must use the same WiFi network name (SSID) and network
key (password). That means that when you connect to the router with WiFi, you see only
one SSID that connects to both bands.
Note: If you enable Smart Connect and the SSID and passwords for the 2.4 GHz and
5 GHz bands do not match, the WiFi settings for 2.4 GHz band overwrites the WiFi
settings for 5 GHz band.
To enable or disable Smart Connect:

router network.

4. Select Wireless.
5. Select or clear the Enable Smart Connect check box.

Selecting this check box turns on Smart Connect and clearing this check box turns
off Smart Connect.

Enable or Disable OFDMA

If AX WiFi is enabled (which it is by default), you can enable Orthogonal
Frequency-Division Multiple-Access (OFDMA) for each radio band independently. By
default, OFDMA is disabled in both radio bands, even when AX WiFi is enabled.
OFDMA allows data transmission signals to be split into smaller signals. Your router
sends these small signals directly to individual devices in your network. Because multiple
devices can be served in the same transmission window, your router doesn’t have to
wait for medium access for every packet. This method of communication increases
network speed and efficiency.
Note the following about OFDMA:
• Enable OFDMA if your network includes many Internet of things (IoT) devices.
• After you enable OFDMA, if you notice that some of your devices do not function
as expected, disable OFDMA to see if the devices function fine.
• If your network includes many older devices, you might want to keep OFDMA
disabled.
To enable or disable OFDMA:

router network.

4. Select Wireless.
5. Select or clear the Enable OFDMA in 2.4GHz check box.
Selecting this check box turns on OFDMA in the 2.4 GHz radio band and clearing
this check box turns off OFDMA in the 2.4 GHz radio band.
6. Select or clear the Enable OFDMA in 5GHz check box.

Selecting this check box turns on OFDMA in the 5 GHz radio band and clearing this
check box turns off OFDMA in the 5 GHz radio band.


7
Manage Your Router
This chapter describes the router settings for administering and maintaining your router
and home network.
• Update the router firmware
• Change the admin password
• Enable admin password reset
• Reset the admin password
• Always use HTTPS to access the router
• View information about the router and the Internet and WiFi settings
• Display the statistics of the Internet port
• Check the Internet connection status
• View and manage logs of router activity
• View devices currently on the network
• Monitor Internet traffic
• Manage the router configuration file
• Connect to your router with Anywhere Access
• Turn off the router LEDs
• Set the NTP server
• Set your time zone
• Specify ReadyDLNA media server settings
• Return the router to its factory default settings
94
Update the router firmware

You can log in to the router and check if new firmware is available, or you can manually
load a specific firmware version to your router.
Check for new firmware and update the router

The router firmware (routing software) is stored in flash memory. You might see a
message at the top of the router pages when new firmware is available. You can respond
to that message to update the firmware or you can check to see if new firmware is
available and update your product.
Note: We recommend that you connect a computer to the router using an Ethernet
connection to update the firmware.
To check for new firmware and update your router:

1. Launch a web browser from a computer that is connected to the router network.

4. Select ADVANCED > Administration > Router Update.

The Router Update page displays.
5. Click the Check button.

The router finds new firmware information if any is available and displays a message
asking if you want to download and install it.
6. Click the Yes button.

The router locates and downloads the firmware and begins the update.
WARNING: To avoid the risk of corrupting the firmware, do not interrupt the update.
For example, do not close the browser, click a link, or load a new page. Do not turn
off the router.
Manage Your Router 95 User Manual

When the upload is complete, your router restarts. The update process typically
takes about one minute. Read the new firmware release notes to find out if you must
reconfigure the router after updating.
Manually upload firmware to the router

If you want to upload a specific firmware version, or your router fails to update its firmware
automatically, follow these instructions.
Note: We recommend that you connect a computer to the router using an Ethernet
connection to upload the firmware.
To manually upload a firmware file to your router:

1. Download the firmware for your router from the NETGEAR Download Center, save
it to your desktop, and unzip the file if needed.
Note: The correct firmware file uses an .img or .chk extension.
2. Launch a web browser from a computer that is connected to the router network.

5. Select ADVANCED > Administration > Router Update.

The Router Update page displays.
6. Click the Browse button.

7. Find and select the firmware file on your computer.
8. Click the Upload button.
The router begins the upload.
WARNING: To avoid the risk of corrupting the firmware, do not interrupt the update.
off the router. Wait until the router finishes restarting. If your router does not reboot,
check the Router Status page to confirm whether the new firmware version uploaded.

Change the admin password

The admin password is the one you specified the first time you logged in. You can
change this password.
Note: The ideal password contains no dictionary words from any language and contains
uppercase and lowercase letters, numbers, and symbols. It can be up to 30 characters.
To change the password for the admin user name:

router network.

4. Select ADVANCED > Administration > Set Password.

The Set Password page displays.
5. Type the old password in the Old Password field.
6. Type the new password in the Set Password and Repeat New Password fields.
Enable admin password reset

The router admin password is used to log in to your router web interface. We recommend
that you enable password reset so that you can reset the password if you forget it. This
reset process is supported in Chrome, Safari, Firefox, Edge, and Internet Explorer.
To enable password reset:
router network.


4. Select ADVANCED > Administration > Set Password.

The Set Password page displays.
5. Select the Enable Password Reset check box.

6. Select two security questions and provide answers to them.
Reset the admin password

If you set up the password reset feature, you can reset your router admin password if
you forgot it.
To reset your admin password:
1. Launch a web browser from a computer or mobile device that is connected to your
Orbi network.
2. Enter orbilogin.com.
3. Click the Cancel button.

If password reset is enabled, you are prompted to enter the router's serial number.
You can find the router's serial number on the router label.
4. Enter the router's serial number in the field.

5. Click the Continue button.
You are requested to enter a new admin password and to set new security questions.
6. Enter your new admin password, set new security questions, and click the Next
button.
7. Click the Login button.


8. With your new admin password, log in to the router.
Always use HTTPS to access the router

You can configure the router to require HTTPS connections between your web browser
and the router web interface, for example, “https://www.routerlogin.net”. When you
enable the HTTPS requirement, connection requests to the router web interface that
specify HTTP are automatically converted to HTTPS.
Note: After you enable the HTTPS requirement, when you enter
http://www.routerlogin.net, your browser might display a security warning because
of the self-signed certificate on the router. This is expected behavior. You can proceed,
or add an exception for the security warning. For more information, visit
https://kb.netgear.com/000062980/what-to-do-incase-of-security-message.
To require HTTPS connections:

router network.

4. Select ADVANCED > Advanced Setup > Web Services Management.

The Web Services Management page displays.
5. Select the Always Use HTTPS to Access Router check box.


View information about the router and the

Internet and WiFi settings
You can view router information, the Internet port status, and WiFi settings.
To view information about the router and the Internet, modem, and WiFi settings:
router network.

4. Click the ADVANCED tab.

The ADVANCED Home page displays.
The information on this page uses the following color coding:
• A green icon indicates that the Internet connection is fine and no problems exist.
For a WiFi network, the network is enabled and secured.
• A red icon indicates that configuration problems exist for the Internet connection
or the connection is down. For a WiFi network, the network is disabled or down.
• An amber icon indicates that the Internet port is configured but cannot get an
Internet connection (for example, because the cable is disconnected), that a WiFi
network is enabled but unprotected, or that another situation that requires your
attention occurred.
Display the statistics of the Internet port

To display the statistics of the Internet port:
router network.



5. In the Internet Port pane, click the Show Statistics button.

The Show Statistics window opens and displays following information:
• System Up Time. The time elapsed since the router was last restarted.
• Port. The statistics for the WAN (Internet) port, LAN (Ethernet) ports, and WLANs.
For each port, the window displays the following information:
- Status. The link status of the port.
- TxPkts. The number of packets transmitted on this port since the router was
last started.
- RxPkts. The number of packets received on this port since the router was last
started.
- Collisions. The number of collisions on this port since the router was last
started.
- Tx B/s. The current transmission (outbound) bandwidth used on the WAN
and LAN ports.
- Rx B/s. The current reception (inbound) bandwidth used on the WAN and
LAN ports.
- Up Time. The time elapsed since this port acquired the link.
- Poll Interval. The interval at which the statistics are updated on this page.
6. To change the polling frequency, enter a time in seconds in the Poll Interval field
and click the Set Interval button.
To stop the polling entirely, click the Stop button.

Check the Internet connection status

To check the Internet connection status:
router network.


5. In the Internet Port pane, click the Connection Status button.

The Connection Status window opens. The information that displays depends on
the type of Internet connection.
For example, if your Internet connection does not require a login and the router
receives an IP address automatically, the window displays the following information:
• IP Address. The IP address that is assigned to the router.

• Subnet Mask. The subnet mask that is assigned to the router.
• Default Gateway. The IP address for the default gateway that the router
communicates with.
• DHCP Server. The IP address for the Dynamic Host Configuration Protocol server
that provides the TCP/IP configuration for all the computers that are connected
to the router.
• DNS Server. The IP address of the Domain Name Service server that provides
translation of network names to IP addresses.
• Lease Obtained. The date and time when the lease was obtained.
• Lease Expires. The date and time that the lease expires.
6. To release (stop) the Internet connection, click the Release button.

7. To renew (restart) the Internet connection, click the Renew button.
8. To exit the screen, click the Close Window button.

View and manage logs of router activity

The logs are a detailed record of the websites you accessed or attempted to access
and many other router actions. Up to 256 entries are stored in the log.
To view and manage logs:
router network.

4. Select ADVANCED > Administration > Logs.

The Logs page displays and shows information such as the following:
• Action. The action that occurred, such as whether Internet access was blocked
or allowed.
• Source IP. The IP address of the initiating device for the log entry.
• Target address. The name or IP address of the website or news group visited or
to which access was attempted.
• Date and time. The date and time the log entry was recorded.
Other information might be displayed.
5. To customize the logs, scroll down and clear or select the check boxes in the Include
in Log section.
6. To refresh the log screen, click the Refresh button.
7. To clear the log entries, click the Clear Log button.
8. To email the log immediately, click the Send Log button.
You must set up email notifications in order to receive the logs. The router emails
the logs to the address that you specified when you set up email notifications. For
more information, see Set up security event email notifications on page 53.


View devices currently on the network

You can view all computers and devices that are currently connected to your network.
To view devices on the network:
router network.

4. Select Attached Devices.

The following information is displayed:
• Connection Type. Wired or the WiFi band for the connection.
• Device Name. If the device name is known, it is shown here.
• IP Address. The IP address that the router assigned to this device when it joined
the network. This address can change if a device is disconnected and rejoins the
network.
• MAC Address. The unique MAC address for each device does not change. The
MAC address is typically shown on the product label of the device.
5. To update this page, click the Refresh button.
Monitor Internet traffic

Traffic metering allows you to monitor the volume of Internet traffic that passes through
the router Internet port. You can set limits for traffic volume.
To monitor Internet traffic:
router network.

4. Select ADVANCED > Advanced Setup > Traffic Meter.

The Traffic Meter page displays.
5. Select the Enable Traffic Meter check box.
6. To control the volume of Internet traffic, use either the traffic volume control feature
or the connection time control feature:
• Select the Traffic volume control by radio button and then select one of the
following options:
• No Limit. No restriction is applied when the traffic limit is reached.
• Download only. The restriction is applied to incoming traffic only.
• Both Directions. The restriction is applied to both incoming and outgoing
traffic.
• Select the Connection time control radio button and enter the allowed hours in
the Monthly limit field.
7. If your ISP charges for extra data volume when you make a new connection, enter
the extra data volume in MB in the Round up data volume for each connection by
field.
8. In the Traffic Counter section, set the traffic counter to begin at a specific time and
date.
To start the traffic counter immediately, click the Restart Counter Now button.
9. In the Traffic Control section, specify whether the router should issue a warning
message before the monthly limit of Mbytes or hours is reached.
By default, the value is 0 and no warning message is issued. You can select one of
the following to occur when the limit is attained:
• The Internet LED blinks.
• The Internet connection is disconnected and disabled.

The Internet Traffic Statistics section helps you to monitor the data traffic.
11. To update the Traffic Statistics section, click the Refresh button.
12. To display more information about the data traffic on your router and to change the
poll interval, click the Traffic Status button.

Manage the router configuration file

The configuration settings of the router are stored within the router in a configuration
file. You can back up (save) this file to your computer, restore it, or reset it to the factory
default settings.
Back up the settings

To back up the router’s configuration settings:
router network.

4. Select ADVANCED > Administration > Backup Settings.

The Backup Settings page displays.
5. Click the Back Up button.
6. Follow the direction of your browser to save the file.
A copy of the current settings is saved in the location that you specified.
Erase the settings

CAUTION: This process erases all settings that you configured in the router.
To erase the settings:

router network.



5. Click the Erase button.

The configuration is reset to factory default settings. When the reset is complete,
the router restarts. This process takes about two minutes.
WARNING: To avoid the risk of corrupting the firmware, do not interrupt the reset.
off the router. Wait until the router finishes restarting.
Restore the settings

To restore configuration settings that you backed up:
router network.


5. Click the Browse button to find and select the .cfg file.
6. Click the Restore button.
The file is uploaded to the router and the router restarts.
WARNING: Do not interrupt the restoration process.

Connect to your router with Anywhere

Access
The Anywhere Access feature on the Nighthawk app allows you to connect to your
router when you're away from home and change its settings. Before you can use the
Anywhere Access feature on the Nighthawk app, you must update your router’s firmware
and download the latest Nighthawk app for your mobile device.
For more information about how to update your router’s firmware, see Check for new
firmware and update the router on page 95.
To download the latest Nighthawk app for your mobile device, visit
https://www.netgear.com/home/apps-services/nighthawk-app/.
Turn off the router LEDs

The LEDs on the front panel of the router indicate activities and behavior. You can turn
off all LEDs except the Power LED.
To turn off the LEDs:
router network.

4. Select ADVANCED > Advanced Setup > LED Control Settings.

The LED Control Settings page displays.
5. To turn off all LEDs except the Power LED, select the Turn off all LEDs except Power
LED radio button.

Set the NTP server

By default, the router uses the NETGEAR NTP server to sync the network time. You can
change the NTP server to your preferred NTP server.
To set the NTP server:
router network.

4. Select ADVANCED > Administration > NTP Settings.

The NTP Settings page displays.
5. Select an NTP server radio button:
• Use the default NETGEAR NTP server: Use the preset NETGEAR NTP server.
• Set your preferred NTP server: Use your preferred server.
6. If you selected the Set your preferred NTP server radio button, enter the NTP server
domain name or IP address in the Server Address field.
Set your time zone

To set your time zone:
router network.

4. Select ADVANCED > Administration > NTP Settings.

The NTP Settings page displays.
5. Select your time zone from the menu.
6. If you live in a region that observes daylight saving time, select the Automatically
adjust for daylight savings time check box.
Specify ReadyDLNA media server settings

By default, the router acts as a ReadyDLNA media server, which lets you view movies
and photos on DLNA/UPnP AV-compliant media players, such as Xbox360, Playstation,
and NETGEAR media players.
To specify media server settings:
router network.

4. Select ADVANCED > USB Functions > ReadySHARE Storage > Media Server.
The Media Server (Settings) page displays.
5. Specify the settings:

• Enable DLNA Media Server. Select this check box to enable this device to act
as a media server.
• Rescan media files. The router automatically scans for media files whenever new
files are added to your ReadySHARE USB storage device. Only a shared folder

with All – no password in Read Access can be scanned for media files. To scan
for new media files immediately, click the Rescan media files button.
• Media Server Device Name. Click the Edit button to change the router's media
server name.
Note: If you change the media server name, you can also change the
ReadySHARE storage folder access path to the new name or keep the access
path as \\readyshare .

Return the router to its factory default

settings
Under some circumstances (for example, if you lost track of the changes that you made
to the router settings or you move the router to a different network), you might want to
erase the configuration and reset the router to factory default settings.
To reset the router to factory default settings, you can use either the Reset button on
the back of the router or the Erase function.
After you reset the router to factory default settings, the user name is admin, the
password is password, the LAN IP address is 192.168.1.1 (which is the same as
www.routerlogin.net), and the DHCP server is enabled.
Note: If the router is in access point mode and you do not know the IP address that is
assigned to it, first try to use an IP scanner application to detect the IP address. (IP
scanner applications are available online free of charge.) If you can detect the IP address,
you don’t need to reset the router to factory default settings.
Use the Reset button

To reset the router to factory default settings:

1. On the back of the router, locate the Reset button.
2. Using a straightened paper clip, press and hold the Reset button for at least five
seconds.

3. Release the Reset button.

The Power LED starts blinking. When the reset is complete, the router restarts. This
process takes about two minutes.
For example, if you are connected to the router web interface, do not close the
browser, click a link, or load a new page. Do not turn off the router. Wait until the
router finishes restarting.
Erase the settings

To erase the settings:

router network.


5. Click the Erase button.

The configuration is reset to factory default settings. When the reset is complete,
the router restarts. This process takes about two minutes.
off the router. Wait until the router finishes restarting.

8
Share USB Storage Devices
Attached to the Router
This chapter describes how to access and manage storage devices attached to your
router. ReadySHARE lets you access and share USB storage devices connected to the
router. (If your storage device uses special drivers, it is not compatible.)
Note: You can use a USB port on the router to connect a USB storage device like a
flash drive or hard drive. Do not connect a computer, USB modem, CD drive, or DVD
drive to a USB port on the router.

• USB device requirements
• Connect a USB storage device to the router
• Access a storage device connected to the router from a Windows-based computer
• Map a USB device to a Windows network drive
• Access a storage device that is connected to the router from a Mac
• Enable FTP access within your network
• View network folders on a storage device
• Add a network folder on a USB storage device
• Edit a network folder on a USB storage device
• Safely remove a USB storage device
For more information about ReadySHARE features, visit netgear.com/readyshare.
113
USB device requirements

The router works with most USB-compliant external flash and hard drives. For the most
up-to-date list of USB devices that the router supports, visit
kb.netgear.com/app/answers/detail/a_id/18985/~/readyshare-usb-drives-compatibility-list.
Some USB external hard drives and flash drives require you to load the drivers onto the
computer before the computer can access the USB storage device. Such USB storage
devices do not work with the router.
The router supports the following file system types for full read/write access:
• FAT16
• FAT32
• NTFS
• NTFS with compression format enabled
• Ext2
• Ext3
• Ext4
• HFS
• HFS+
Connect a USB storage device to the router

ReadySHARE lets you access and share USB storage devices that are connected to a
USB port on the router. (If your USB storage device uses special drivers, it is not
compatible.)
To connect a USB device:
1. Insert your USB storage device into a USB port on the router.
2. If your USB storage device uses a power supply, connect it.
You must use the power supply when you connect the USB storage device to the
router.
When you connect the USB storage device to the router USB port, it might take up
to two minutes before it is ready for sharing. By default, the USB storage device is
available to all computers on your local area network (LAN).
Share USB Storage Devices 114 User Manual

Access a storage device connected to the

router from a Windows-based computer
To access the USB storage device from a Windows-based computer:
1. Connect a USB storage device to a USB port on your router.
router.
When you connect the USB storage device to the router’s port, it might take up to
two minutes before it is ready for sharing. By default, the USB storage device is
3. Select Start > Run.

4. Enter \\readyshare in the dialog box.
5. Click the OK button.
A window automatically opens and displays the files and folders on the USB storage
device.
Map a USB device to a Windows network

drive
To map the USB storage device to a Windows network drive:
router.
3. Select Start > Run.

4. Enter \\readyshare in the dialog box.
A window automatically opens and displays the USB storage device.

6. Right-click the USB device and select Map network drive.

The Map Network Drive window opens.
7. Select the drive letter to map to the new network folder.

8. Click the Finish button.
The USB storage device is mapped to the drive letter that you specified.
9. To connect to the USB storage device as a different user, select the Connect using
different credentials check box, click the Finish button, and do the following:
a. Type the user name and password.
b. Click the OK button.
Access a storage device that is connected

to the router from a Mac
From a computer or device on the network, you can access a storage device that is
connected to the router.
To access the device from a Mac:
router.
3. On a Mac that is connected to the network, select Go > Connect to Server.

The Connect to Server window opens.
4. In the Server Address field, enter smb://readyshare.

5. When prompted, select the Guest radio button.
If you set up access control on the router and you allowed your Mac to access the
network, select the Registered User radio button and enter admin for the name
and router admin password for the password. For more information about access
control, see Network access control list on page 43.
6. Click the Connect button.

A window automatically opens and displays the files and folders on the USB storage
device.
Enable FTP access within your network

File Transfer Protocol (FTP) lets you download (receive) and upload (send) large files
faster.
To enable FTP access within your network:
router network.

4. Select ADVANCED > USB Functions > ReadySHARE Storage.

The USB Storage (Advanced Settings) page displays.
5. Select the FTP check box.

View network folders on a storage device

You can view network folders on a storage device that is connected to the router.
To view network folders:
router network.



5. Scroll down to the Available Networks Folder section to view the following settings:
• Share Name. If only one USB device is connected, the default share name is
USB_Storage.
You can click the name or you can type it in the address field of your web browser.
If Not Shared is shown, the default share was deleted and no other share for the
root folder exists.
• Read Access and Write Access. The permissions and access controls on the
network folder. All–no password (the default) allows all users to access the network
folder. The password for admin is the same one that you use to log in to the
router.
• Folder Name. The full path of the network folder.
• Volume Name. The volume name from the storage device.
• Total Space and Free Space. The current utilization of the storage device.
Add a network folder on a USB storage

device
You can add network folders on a USB storage device connected to a router USB port.
To add a network folder:
router network.



5. In the Available Network Folders section, select the USB storage device.
If a single device is attached to the USB port, the radio button is selected
automatically.
6. Click the Create Network Folder button.

The Add Folder window opens.
If this window does not open, your web browser might be blocking pop-ups. If it is,
change the browser settings to allow pop-ups.
7. From the USB Device menu, select the USB drive.
Note: We recommend that you do not attach more than one drive to one USB port
(for example, through a USB hub).
8. Click the Browse button and in the Folder field, select the folder.
9. In the Share Name field, type the name of the share.
10. From the Read Access menu and the Write Access menu, select the settings that
you want.
All–no password (the default) allows all users to access the network folder. The other
option is that only the admin user is allowed access to the network folder. The
password for admin is the same one that you use to log in to the router.

The folder is added on the USB storage device.
12. Click the Close Window button.

The window closes.
Edit a network folder on a USB storage

device
You can edit network folders on a USB storage devices connected to a router USB port.
To edit a network folder:
router network.



5. In the Available Network Folders section, select the USB storage device.
The Edit Network Folder window opens.
7. Change the settings in the fields as needed.

Safely remove a USB storage device

Before you physically disconnect a USB storage device from the router USB port, log
in to the router and take the USB storage device offline.
To remove a USB storage device safely:
router network.


5. In the Available Network Folders sections, select the USB storage device.
6. Click the Safely Remove USB Device button.
This takes the device offline.
7. Physically disconnect the USB storage device.

9
Use Dynamic DNS to Access USB
Storage Devices Through the
Internet
With Dynamic DNS, you can use the Internet to access a USB device that's connected
to a USB port on the router when you’re not home.
• Set up and manage Dynamic DNS
• Your personal FTP server
• Set up HTTPS access through the Internet
• Access USB storage devices through the Internet
121
Set up and manage Dynamic DNS

Internet service providers (ISPs) assign numbers called IP addresses to identify each
Internet account. Most ISPs use dynamically assigned IP addresses. This means that the
IP address can change at any time. You can use the IP address to access your network
remotely, but most people don’t know what their IP addresses are or when this number
changes.
To make it easier to connect, you can get a free account with a Dynamic DNS service
that lets you use a domain name to access your home network. To use this account, you
must set up the router to use Dynamic DNS. Then the router notifies the Dynamic DNS
service provider whenever its IP address changes. When you access your Dynamic DNS
account, the service finds the current IP address of your home network and automatically
connects you.
If your ISP assigns a private WAN IP address (such as 192.168.x.x or 10.x.x.x), the Dynamic
DNS service does not work because private addresses are not routed on the Internet.
Set up a new Dynamic DNS account

To set up Dynamic DNS and register for a free NETGEAR account:
router network.

4. Select ADVANCED > Advanced Setup > Dynamic DNS.

The Dynamic DNS page displays.
5. Select the Use a Dynamic DNS Service check box.
6. From the Service Provider menu, select NETGEAR.
You can select another service provider.
7. Select the No radio button.

8. In the Host Name field, type the name that you want to use for your URL.
Use Dynamic DNS to Access USB 122 User Manual

Internet
The host name is sometimes called the domain name. Your free URL includes the
host name that you specify and ends with mynetgear.com. For example, specify
MyName.mynetgear.com.
9. In the Email field, type the email address for your account.
10. In the Password (6-32 characters) field, type the password for your account.
11. Click the Register button.
12. Follow the onscreen instructions to register for your NETGEAR Dynamic DNS service.
Specify a DNS account that you already created

If you already created a Dynamic DNS account with NETGEAR, No-IP, or DynDNS, you
can set up the router to use your account.
To set up Dynamic DNS if you already created an account:
router network.


5. Select the Use a Dynamic DNS Service check box.
6. From the Service Provider menu, select your provider.
7. Select the Yes radio button.
The page adjusts and displays the Show Status, Cancel, and Apply buttons.
8. In the Host Name field, type the host name (sometimes called the domain name)
for your account.
9. Depending on the type of service, specify either the user name or the email address:
• No-IP account or DynDNS account. In the User Name field, type the user name
for your account.
• NETGEAR account. In the Email field, type the email address for your account.

Internet
10. In the Password (6-32 characters) field, type the password for your DDNS account.
12. To verify that your Dynamic DNS service is enabled in the router, click the Show
Status button.
A message displays the Dynamic DNS status.
Change the Dynamic DNS settings

You can change the settings for your Dynamic DNS account.
To change your settings:
router network.


5. Change your DDNS account settings as necessary.

Your personal FTP server

With your customized free URL, you can use FTP to access your network when you aren’t
home through Dynamic DNS. To set up your FTP server, you must register for a NETGEAR
Dynamic DNS (DDNS) service account and specify the account settings. See Set up a
new Dynamic DNS account on page 122.
Note: The router supports only basic DDNS, and the login and password might not be
secure. You can use DDNS with a VPN tunnel for a secure connection.

Internet
Set up your personal FTP server

To set up your personal account and use FTP:
1. Get your NETGEAR Dynamic DNS domain name.
For more information, see Set up a new Dynamic DNS account on page 122.
2. Make sure that your Internet connection is working.

Your router must use a direct Internet connection. It cannot connect to a different
router to access the Internet.
3. Connect a storage device to the router.

router.
When you connect the USB storage device to the router USB port, it might take up
to two minutes before it is ready for sharing. By default, the USB storage device is
5. Set up FTP access in the router.

See Set up FTP access through the Internet on page 125.
6. On a remote computer with Internet access, you can use FTP to access your router
using ftp://yourname.mynetgear.com.
Set up FTP access through the Internet

To set up FTP access through the Internet:
router network.


5. Select the FTP (via Internet) check box.

Internet
The default port is number 21. Password protection is enabled by default. We

recommend that you keep password protection enabled.

The link that lets you access the device over the Internet is
ftp://public-ip-address/shares. In this link, public-ip-address represents one of the
following:
• The IP address that is assigned to the router’s Internet port. You can view this IP
address on the ADVANCED Home page.
• If you set up a DDNS account, the router’s DNS name, for example,
yourname.mynetgear.com.
7. To limit read and write access of a device to the admin user, select a device in the
Available Network Folder's section.
If only one device is connected, it is automatically selected.
The Edit page displays.
9. From the Read Access menu, select admin.

10. From the Write Access menu, select admin.
Set up HTTPS access through the Internet

To set up HTTPS access through the Internet:
router network.


Internet
5. Select the HTTPS (via Internet) check box.

The default port is number 443. Password protection is enabled by default. We
recommend that you keep password protection enabled.

https://public-ip-address/shares. In this link, public-ip-address represents one of the
following:
7. To limit read and write access of a device to the admin user, select a device in the
Available Network Folder's section.
If only one device is connected, it is automatically selected.
The Edit page displays.
9. From the Read Access menu, select admin.

10. From the Write Access menu, select admin.
Access USB storage devices through the

Internet
You can access USB storage devices through the Internet when you’re not home.
To access devices from a remote computer:
1. Launch a web browser on a computer that is not on your home network.
2. Connect to your home router:

Internet
https://public-ip-address/shares. In this link, public-ip-address represents one of the
following:
For information about using Dynamic DNS, see Set up and manage Dynamic
DNS on page 122.
3. If password protection is enabled (which it is by default), type your admin password.

You can now access your storage devices.

Internet
10
Use OpenVPN to Access Your
Network
You can use OpenVPN software to remotely access your router with virtual private
networking (VPN). This chapter explains how to install and use OpenVPN software to
set up a VPN tunnel.
• About VPN connections
• Enable OpenVPN service in the router
• Install OpenVPN software on a VPN client
• LAN IP addressing in VPN networks
• Use VPN to access your Internet service at home
• Use VPN to remotely access a USB storage device attached to the router
129
About VPN connections

A virtual private network (VPN) lets you use the Internet to securely access your network
when you aren’t home.
This type of VPN access is called a client-to-gateway tunnel. The computer is the client,
and the router is the gateway. To use the VPN feature, you must do the following:
• Log in to the router to enable and configure OpenVPN (see Enable OpenVPN service
in the router on page 131).
• Install OpenVPN client software and configuration files on your device from which
you want to use VPN (see Install OpenVPN software on a VPN client on page 132).
• Run the OpenVPN client software on your device when you want to use a VPN
connection.
Enabling OpenVPN on your router allows VPN connections between the router and a
client, for example your laptop when you are away from home. The router provides the
VPN service and the laptop is the VPN client. Traffic between the router and the laptop
is encrypted.
Note: The router itself does not function as a VPN client to an external VPN service
provider, so it does not encrypt traffic passing between your home network and the
Internet.
VPN can use either Dynamic DNS (DDNS) or a static IP address to connect with your
router:
• To use a DDNS service, register for a DDNS account with a host name. You use the
host name to access your network. The router supports these DDNS accounts:
NETGEAR, No-IP, and Dyn. For more information, see Set up and manage Dynamic
DNS on page 122.
• If your Internet service provider (ISP) assigned a static WAN IP address that never
changes, the VPN can use that IP address to connect to your home network.
Use OpenVPN to Access Your 130 User Manual

Network
Enable OpenVPN service in the router

You must enable the OpenVPN service settings in the router before you can use a VPN
connection.
To enable OpenVPN service:
router network.

4. Select ADVANCED > Advanced Setup > VPN Service.

The VPN page displays.
Note: The OpenVPN configuration software packages that you can download on
the page are for the VPN client devices (see Install OpenVPN software on a VPN
client on page 132).
5. Select the Enable VPN Service check box.

We recommend that you use the default TUN mode and TAP mode settings. (These
settings determine how VPN information is transferred.) If you know that you need
other settings, you can change the TUN mode and TAP mode settings, but you must
do so before you download and install the OpenVPN configuration software packages
on client devices (see Install OpenVPN software on a VPN client on page 132).
6. To change the TUN mode settings, do the following:

• To change the TUN mode service type, select the UDP or TCP radio button.
The default protocol for TUN mode is UDP.
• To change the TUN mode service port, type the port number that you want to
use in the field.
The default port number for TUN mode is 12973. The TUN port number is used
in the .ovpn file of the OpenVPN configuration software package for Mac and
non-Windows clients.

Network
7. To change the TAP mode settings, do the following:

• To change the TAP mode service type, select the UDP or TCP radio button.
The default protocol for TAP mode is UDP.
• To change the TAP mode service port, type the port number that you want to
use in the field.
The default port number for TAP mode is 12974. The TAP port number is used
in the .ovpn file of the OpenVPN configuration software package for Windows
clients.

Your changes are saved. VPN is enabled in the router, but you must install and set
up OpenVPN software on your device before you can use a VPN connection.
Install OpenVPN software on a VPN client

You must install OpenVPN software on each Windows-based computer, Mac computer,
iOS device, and Android device that you plan to use for VPN connections to your router.
Each computer or device is called a VPN client.
The software consists of the application software and the configuration files:
• Download and install the application software from the link that is provided in each
client-specific section.
• Download and install the configuration files from the router as described in each
client-specific section. The configuration files provide the correct router configuration
information for the client utility. You must download the configuration files after you
enable and configure OpenVPN service in the router (see Enable OpenVPN service
in the router on page 131).
Note: If you later change the OpenVPN configuration in the router (for example,
you change the TUN or TAP port number), you must download and install the .ovpn
configuration file again on each client, depending on its operating system. If you
change the TUN port number in the router, the .ovpn configuration file for Mac and
non-Windows clients changes. If you change the TAP port number in the router, the
.ovpn configuration file for Windows clients changes.
Install OpenVPN software on a Windows-based computer

You must install both the OpenVPN client utility and OpenVPN configuration files on
each Windows-based computer where you want to use a VPN connection to your router.

Network
To download and install the OpenVPN client utility and OpenVPN configuration
files on a Windows-based computer:
1. To download the OpenVPN client utility on your Windows-based computer, visit
openvpn.net/community-downloads/.
2. Select the Windows package with the installer files.
In most situations, you can download the Windows 32-bit or Windows 64-bit installer
files, depending on your Windows operating system.
3. Download and install the OpenVPN client utility on your computer.

You need to have administrative privileges.
4. Launch a web browser from the computer, which must be connected to the router
network.


The VPN Service page displays.
8. Make sure that the Enable VPN Service check box is selected.
For more information about the VPN configuration for the router, see Enable
OpenVPN service in the router on page 131.
9. Click the For Windows button to download the router’s OpenVPN configuration
files to your Windows-based computer.
10. Unzip the OpenVPN configuration files and copy them to the folder in which you
installed the OpenVPN client utility.
11. Modify the VPN interface name to NETGEAR-VPN:
a. If your computer is running Windows 10, select Control Panel > Network and
Sharing Center > Change adapter settings.
If your computer is running another Windows version, find the page that lets you
change the adapter settings.
b. In the local area connection list, find the local area connection with the device
name TAP-Windows Adapter.

Network
c. Select the local area connection and change its name (not its device name) to
NETGEAR-VPN.
If you do not change the VPN interface name, the VPN tunnel connection will fail.
You can now open a VPN tunnel to the router.

For more information about installing and using OpenVPN on your Windows-based
computer, visit https://openvpn.net/community-resources/how-to/#quick.
Install OpenVPN software on a Mac computer

You must install both the Tunnelblick OpenVPN client utility and OpenVPN configuration
files on each Mac computer where you want to use a VPN connection to your router.
To download and install the Tunnelblick OpenVPN client utility and OpenVPN
configuration files on a Mac computer:
1. To download the Tunnelblick OpenVPN client utility on your Mac computer, visit
https://tunnelblick.net/downloads.html.
2. Download and install the Tunnelblick OpenVPN client utility on your Mac computer.
You need to have administrative privileges.
3. Launch a web browser from the Mac computer, which must be connected to the
router network.


8. Click the For non-Windows button to download the router’s OpenVPN configuration
files to your Mac computer.
9. Unzip the OpenVPN configuration files and copy them to the folder in which you
installed the Tunnelblick OpenVPN client utility.

Network

For more information about installing and using OpenVPN on your Mac computer, visit
https://openvpn.net/vpn-server-resources/installation-guide-for-openvpn-connect-client-on-macos/.
Install OpenVPN software on an iOS device

You must install both the OpenVPN Connect app and OpenVPN configuration files on
each iOS device where you want to use a VPN connection to your router.
To download and install the OpenVPN Connect app and OpenVPN configuration
files on an iOS device:
1. On your iOS device, download and install the OpenVPN Connect app from the Apple
app store.
2. Launch a web browser from a computer or your iOS device that is connected to the
router network.


7. Click the For Smart Phone button to download the router’s OpenVPN configuration
files to your computer or iOS device.
If you download the configuration files to your computer, unzip the files, and send
them your iOS device.
8. On your iOS device, do the following:

a. Open the .ovpn file.
b. If the OpenVPN Connect app does not start automatically, a list of apps might
display: Select the OpenVPN Connect app.
c. Install the .ovpn file.

Network

For more information about installing and using OpenVPN on your iOS device, visit
https://www.vpngate.net/en/howto_openvpn.aspx#ios.
Install OpenVPN software on an Android device

You must install both the OpenVPN Connect app and OpenVPN configuration files on
each Android device where you want to use a VPN connection to your router.
To download and install the OpenVPN Connect app and OpenVPN configuration
files on an Android device:
1. On your Android device, download and install the OpenVPN Connect app from the
Google Play Store.
2. Launch a web browser from a computer or your Android device that is connected
to the router network.


7. Click the For Smart Phone button to download the router’s OpenVPN configuration
files to your computer or Android device.
If you download the configuration files to your computer, unzip the files, and send
them your Android device.
8. On your Android device, open the .ovpn file and import it into the OpenVPN Connect
app.

For more information about using OpenVPN on your Android device, visit
https://www.vpngate.net/en/howto_openvpn.aspx#android.

Network
LAN IP addressing in VPN networks

For the VPN connection to work, your computer or device (the VPN client) must be
connected to a network that uses a different LAN IP address scheme than your router.
The default LAN IP address scheme for the router is 192.168.1.x. (The most common IP
schemes are 192.168.x.x, 172.x.x.x, and 10.x.x.x.) If you experience a conflict, change
the IP scheme either for your home network or for the network where your VPN client
If both networks use the same LAN IP scheme, when the VPN tunnel is established, you
cannot access your home router or your home network with the OpenVPN software.
For information about changing the LAN settings on the router, see Change the LAN
TCP/IP settings on page 58.
Use VPN to access your Internet service at

home
When you’re away from home and you access the Internet, you usually use a local Internet
service provider. For example, at a coffee shop you might be given a code that lets you
use the coffee shop’s Internet service account to surf the web.
Your router lets you use a VPN connection to access your own Internet service when
you’re away from home. You might want to do this if you travel to a geographic location
that doesn’t support all the Internet services that you use at home. For example, your
Netflix account might work at home but not in a different country.
Allow VPN client Internet access in the router

By default, the router is set up to allow VPN connections only to your home network,
but you can change the settings to allow Internet access. Accessing the Internet remotely
through a VPN might be slower than accessing the Internet directly.
To allow VPN clients to use your home Internet service:
router network.

Network

6. Scroll down to the Clients will use this VPN connection to access section, and select
the All sites on the Internet & Home Network radio button.
When you access the Internet with the VPN connection, instead of using a local
Internet service, you use the Internet service from your home network.

Block VPN client Internet access in the router

By default, the router is set up to allow VPN connections only to your home network,
not to the Internet service for your home network. If you changed this setting to allow
Internet access, you can change it back.
To allow VPN clients to access only your home network and block them from using
the Internet service for your home network:
router network.



Network
6. Scroll down to the Clients will use this VPN connection to access section, and select
the Home Network only radio button.
This is the default setting. The VPN connection is only to your home network, not to
the Internet service for your home network.

Use VPN to remotely access a USB storage

device attached to the router
If you attach a USB storage device to a USB port on your router, after you make a VPN
connection from a remote VPN client device to your home router, you can access the
USB storage device. Because the router supports ReadySHARE, the USB storage device
might display as a ReadySHARE network device on your home router’s local LAN.
Note: On the remote VPN client, your home router might display as the remote router.

Network
11
Manage Port Forwarding and Port
Triggering
You can use port forwarding and port triggering to set up rules for Internet traffic. You
need networking knowledge to set up these features.
• Manage port forwarding to a local server
• Port triggering
140
Manage port forwarding to a local server

If your home network includes a server, you can allow certain types of incoming traffic
to reach the server. For example, you might want to make a local web server, FTP server,
or game server visible and available to the Internet.
The router can forward incoming traffic with specific protocols to computers on your
local network.You can specify the servers for applications and you can also specify a
default DMZ server to which the router forwards all other incoming protocols.
Set up port forwarding to a local server

To forward specific incoming protocols:
1. Decide which type of service, application, or game you want to provide.
2. Find the local IP address of the computer on your network that will provide the
service.
The server computer must always use the same IP address.
3. Assign the server computer a reserved IP address.

See Manage reserved LAN IP addresses on page 62.
router network.

7. Select ADVANCED > Advanced Setup > Port Forwarding/Port Triggering.

The Port Forwarding / Port Triggering page displays.
8. Leave the Port Forwarding radio button selected as the service type.
9. From the Service Name menu, select the service name.
If the service that you want to add is not in the menu, create a custom service. See
Add a custom port forwarding service on page 142.
10. In the Server IP Address field, enter the IP address of the computer that will provide
the service.
Manage Port Forwarding and 141 User Manual

Port Triggering

The service displays in the menu.
Add a custom port forwarding service

The router lists default services and applications that you can use in port forwarding
rules. If the service or application is not predefined, you can add a port forwarding rule
with a custom service or application.
To add a custom service:
1. Find out which port number or range of numbers the application uses.
You can usually find this information by contacting the publisher of the application
or user groups or news groups.
router network.


7. Click the Add Custom Service button.
The Ports - Custom Service page displays.
8. In the Service Name field, enter a descriptive name.
9. From the Protocol menu, select the protocol.
If you are unsure, select TCP/UDP.
10. In the External port range field enter the port range.
11. Specify the internal ports by one of these methods:
• Leave the Use the same port range for Internal port check box selected.
• Type the port numbers in the Internal Starting Port field and the Internal Ending
Port field.

Port Triggering
You can enter a port range and fixed ports in one rule, for example, external (30–50,
78, 100–102), internal (40–60, 99, 200–202). With this rule, external ports 30–50 are
forwarded to internal ports 40–60.
12. In the Internal IP address field, type the IP address or select the radio button for an
attached device listed in the table.
The service is now in the list on the Port Forwarding/Port Triggering page.
Edit a port forwarding service

To edit a port forwarding entry:
router network.


6. In the table, select the radio button next to the service name.
7. Click the Edit Service button.
The Ports - Custom Services page displays.
8. Change the settings as needed.


Port Triggering
Delete a port forwarding entry

To delete a port forwarding entry:
router network.


5. Leave the Port Forwarding radio button selected.

6. In the table, select the radio button next to the service name.
7. Click the Delete Service button.
The service is deleted.
Application example: Make a local web server public

If you host a web server on your local network, you can use port forwarding to allow
web requests from anyone on the Internet to reach your web server.
To make a local web server public:
1. Assign your web server either a fixed IP address or a dynamic IP address using DHCP
address reservation.
In this example, your router always gives your web server an IP address of
192.168.1.33.
2. On the Port Forwarding/Port Triggering page, configure the router to forward the
HTTP service to the local address of your web server at 192.168.1.33.
HTTP (port 80) is the standard protocol for web servers.
3. (Optional) Register a host name with a Dynamic DNS service and specify that name
on the Dynamic DNS page of the router.
Dynamic DNS makes it much easier to access a server from the Internet because you
can type the name in the Internet browser. Otherwise, you must know the IP address
that the ISP assigned, which typically changes.

Port Triggering
How the router implements the port forwarding rule

The following sequence shows the effects of a port forwarding rule:
1. When you type the URL www.example.com in your browser, the browser sends a
web page request message with the following destination information:
• Destination address. The IP address of www.example.com, which is the address
of your router.
• Destination port number. 80, which is the standard port number for a web server
process.
2. Your router receives the message and finds your port forwarding rule for incoming
port 80 traffic.
3. The router changes the destination in the message to IP address 192.168.1.33 and
sends the message to that computer.
4. Your web server at IP address 192.168.1.33 receives the request and sends a reply
message to your router.
5. Your router performs Network Address Translation (NAT) on the source IP address
and sends the reply through the Internet to the computer or WiFi device that sent
the web page request.
Port triggering
Port triggering is a dynamic extension of port forwarding that is useful in these cases:
• An application must use port forwarding to more than one local computer (but not
simultaneously).
• An application must open incoming ports that are different from the outgoing port.
With port triggering, the router monitors traffic to the Internet from an outbound “trigger”
port that you specify. For outbound traffic from that port, the router saves the IP address
of the computer that sent the traffic. The router temporarily opens the incoming port
or ports that you specify in your rule and forwards that incoming traffic to that destination.
Port forwarding creates a static mapping of a port number or range of ports to a single
local computer. Port triggering can dynamically open ports to any computer when
needed and close the ports when they are no longer needed.
Note: If you use applications such as multiplayer gaming, peer-to-peer connections,

real-time communications such as instant messaging, or remote assistance, enable
Universal Plug and Play (UPnP).

Port Triggering
Add a port triggering service

To add a port triggering service:
router network.


5. Select the Port Triggering radio button.

The page adjusts.
6. Click the Add Service button.
The Port Triggering - Services page displays.
7. In the Service Name field, type a descriptive service name.

8. From the Service User menu, select a user option:
• Any: This is the default setting and allows any computer on the Internet to use
this service.
• Single address: Restricts the service to a particular computer. Enter the IP address
in the fields, which become available with this selection from the menu.
9. From the Service Type menu, select the protocol (TCP or UDP) that is associated
with the service or application.
10. In the Triggering Port field, enter the number of the outbound traffic port that must
open the inbound ports.
11. From the Connection Type menu, select the protocol (TCP or UDP) that is associated
with the inbound connection.
If you are unsure, select TCP/UDP.
12. In the Starting Port and Ending Port fields, enter the enter the numbers of the
inbound traffic ports.

Port Triggering
The service is now in the Portmap Table. You must enable port triggering before
the router uses port triggering. See Enable port triggering on page 147.
Enable port triggering

To enable port triggering:
router network.


The Port Forwarding/Port Triggering page displays.
5. Select the Port Triggering radio button.

The page adjusts.
6. Clear the Disable Port Triggering check box.

If this check box is selected, the router does not use port triggering even if you
specified port triggering settings.
7. In the Port Triggering Timeout field, enter a value up to 9999 minutes.

This value controls how long the inbound ports stay open when the router detects
no activity. This value is required because the router cannot detect when the
application terminates.

Application example: Port triggering for Internet relay chat

Some application servers, such as FTP and IRC servers, send replies to multiple port
numbers. Using port triggering, you can tell the router to open more incoming ports
when a particular outgoing port starts a session.
An example is Internet Relay Chat (IRC). Your computer connects to an IRC server at
destination port 6667. The IRC server not only responds to your originating source port

Port Triggering
but also sends an “identify” message to your computer on port 113. Using port triggering,
you can tell the router, “When you initiate a session with destination port 6667, you must
also allow incoming traffic on port 113 to reach the originating computer.” The following
sequence shows the effects of this port triggering rule:
1. You open an IRC client program to start a chat session on your computer.
2. Your IRC client composes a request message to an IRC server using a destination
port number of 6667, the standard port number for an IRC server process. Your
computer then sends this request message to your router.
3. Your router creates an entry in its internal session table describing this communication
session between your computer and the IRC server. Your router stores the original
information, performs Network Address Translation (NAT) on the source address
and port, and sends this request message through the Internet to the IRC server.
4. Noting your port triggering rule and observing the destination port number of 6667,
your router creates another session entry to send any incoming port 113 traffic to
your computer.
5. The IRC server sends a return message to your router using the NAT-assigned source
port (for example, port 33333) as the destination port and sends an “identify” message
to your router with destination port 113.
6. When your router receives the incoming message to destination port 33333, it checks
its session table to see if a session is active for port number 33333. Finding an active
session, the router restores the original address information replaced by NAT and
sends this reply message to your computer.
7. When your router receives the incoming message to destination port 113, it checks
its session table and finds an active session for port 113 associated with your
computer. The router replaces the message’s destination IP address with your
computer’s IP address and forwards the message to your computer.
8. When you finish your chat session, your router eventually senses a period of inactivity
in the communications. The router then removes the session information from its
session table and incoming traffic is no longer accepted on port numbers 33333 or
113.

Port Triggering
12
Troubleshooting
This chapter provides information to help you diagnose and solve problems you might
experience with your router. If you do not find the solution here, check the NETGEAR
support site at netgear.com/support for product and contact information.
• Quick tips
• Troubleshoot with the LEDs
• You cannot log in to the router
• You cannot access the Internet
• Troubleshoot Internet browsing
• Changes are not saved
• Troubleshoot WiFi connectivity
• Troubleshoot your network using the ping utility
149
Quick tips
This section describes tips for troubleshooting some common problems.
Sequence to restart your network

If you must restart your network, follow this sequence:
1. Turn off and unplug the modem.
2. Turn off the router.
3. Plug in the modem and turn it on. Wait two minutes.
4. Turn on the router and wait two minutes.
Check the power adapter and Ethernet cable connections

If the router does not start, make sure that the power adapter cable is securely plugged
in.
If the Internet connection or LAN connections do not function, make sure that the
Ethernet cables are securely plugged in. The Internet LED on the router is lit if the
Ethernet cable connecting the router and the modem is plugged in securely and the
modem and router are turned on. If one or more powered-on computers are connected
to the router by an Ethernet cable, the corresponding numbered router LAN port LEDs
light.
Check the WiFi settings

Make sure that the WiFi settings on the WiFi-enabled computer or mobile device and
the router match exactly. The WiFi network name (SSID) and WiFi security settings of
the router and the computer or mobile device must match exactly. WiFi passwords are
case sensitive.
If you set up an access control list, you must add the MAC address of each computer
and mobile device to the router’s access control list.
Check the network settings

If your computer or mobile device cannot connect to the router, make sure that the
network settings of the computer or mobile device are correct. Computers and mobile
devices must use network IP addresses on the same network as the router. By default,
almost all computers and mobile devices are set up to obtain an IP address automatically
using DHCP.
Troubleshooting 150 User Manual

Some Internet service providers require you to use the MAC address of the computer
initially registered on the account, but this is an unusual situation. You can view the MAC
address on the Attached Devices page of the router web interface.
Troubleshoot with the LEDs

By default, the router uses standard LED settings.
Standard LED behavior when the router is powered on

After you turn on power to the router, verify that the following sequence of events occurs:
1. When power is first applied, verify that the Power LED is lit.
2. After about two minutes, verify the following:
• The Power LED is lit.
• The Internet LED is lit.
• The WiFi LED is lit (unless you turned off the WiFi radio).
You can use the LEDs on the front panel of the router for troubleshooting.
LEDs never turn off

When the router is turned on, the LEDs light for about 10 seconds and then turn off. If
all the LEDs stay on, this indicates a fault within the router.
If all LEDs are still lit one minute after power-up, do the following:
• Cycle the power to see if the router recovers.

• Press and hold the Reset button to return the router to its factory settings.
If the error persists, a hardware problem might be the cause. Contact Technical Support

Power LED is off or blinking

This could occur for a number of reasons. Check the following:
• Make sure that the power adapter is securely connected to your router and securely
connected to a working power outlet.
• Make sure that you are using the power adapter that NETGEAR supplied for this
product.
• If the Power LED blinks slowly and continuously, the router firmware is corrupted.
This can happen if a firmware update is interrupted, or if the router detects a problem
with the firmware. If the error persists, it is likely that a hardware problem exists. For
recovery instructions, or help with a hardware problem, contact Technical Support
Internet or Ethernet LAN port LEDs are off

If the Internet LED or Ethernet LAN port LEDs do not light when an Ethernet connection
is made, check the following:
• Make sure that the Ethernet cable connections are secure at the router and at the
modem or computer.
• Make sure that power is turned on to the connected modem or computer.
• Be sure that you are using the correct cable.
When you connect the router’s Internet port to a modem, use the cable that was supplied
with the modem. This cable can be a standard straight-through Ethernet cable or an
Ethernet crossover cable.
WiFi LED is off

If the WiFi LED stays off, check to see if someone pressed the WiFi On/Off button on
the router. This button turns the WiFi radios in the router on and off. If someone disabled
the WiFi radios by using the router web interface, the WiFi LED also stays off. The WiFi
LED is lit when the WiFi radios are turned on.

You cannot log in to the router

If you are unable to log in to the router from a computer or mobile device on your local
network, check the following:
• If you are using an Ethernet-connected computer, check the cable connection

between the computer and the router.
• If you are using a WiFi-enabled computer or mobile device, check the WiFi connection
between the computer or mobile device and the router.
• Make sure that you are using the correct login information. The user name is admin.
The password is the one that you specified the first time that you logged in. (The
default password is password.) The user name and password are case-sensitive.
Make sure that Caps Lock is off when you enter this information.
• Try quitting the browser and launching it again.
• Make sure that Java, JavaScript, or ActiveX is enabled in your browser. If you are
using Internet Explorer, click the Refresh button to be sure that the Java applet is
loaded.
• Make sure that the IP address of your computer or mobile device is in the same
subnet as the router. If you are using the recommended addressing scheme, the IP
address of your computer or mobile device is in the range of 192.168.1.2 to
192.168.1.254.
• If the IP address of your computer or mobile device is shown as 169.254.x.x, the
computer or mobile device could not reach the router’s DHCP server and the
Windows or Mac operating system generated and assigned an IP address. Such an
autogenerated IP address is in the range of 169.254.x.x. If your IP address is in this
range, check the connection from the computer or mobile device to the router, and
reboot your computer or mobile device.
• If your router’s IP address was changed and you do not know the current IP address,
clear the router’s configuration to factory defaults. This sets the router’s IP address
to 192.168.1.1.
Note: If the router is in access point mode and you do not know the IP address that
is assigned to it, first try to use an IP scanner application to detect the IP address. (IP
scanner applications are available online free of charge.) If you can detect the IP
address, you don’t need to reset the router to factory default settings.
• If you are attempting to set up your NETGEAR router as a replacement for an ADSL
gateway in your network, the router cannot perform many gateway services. For
example, the router cannot convert ADSL or cable data into Ethernet networking
information. NETGEAR does not support such a configuration.

You cannot access the Internet

If you can access your router but not the Internet, check to see if the router can obtain
a WAN IP address from your Internet service provider (ISP). Unless your ISP provides a
fixed IP address, your router requests an IP address from the ISP. You can determine
whether the request was successful using the router web interface.
To check the WAN IP address:
router network.
2. Select an external site such as https://www.netgear.com/.


6. Check to see that an IP address is shown for the Internet port. If 0.0.0.0 is shown,
your router did not obtain an IP address from your ISP.
If your router cannot obtain an IP address from the ISP, you might need to force your
modem to recognize your new router by restarting your network. For more information,
see Sequence to restart your network on page 150.
If your router is still unable to obtain an IP address from the ISP, the problem might be
one of the following:
• Your Internet service provider (ISP) might require a login program. Ask your ISP
whether they require PPP over Ethernet (PPPoE) or some other type of login.
• If your ISP requires a login, the login name and password might be set incorrectly.
• Your ISP might check for your computer’s host name. Assign the computer host
name of your ISP account as the account name on the Internet Setup page.
• If your ISP allows only one Ethernet MAC address to connect to Internet and checks
for your computer’s MAC address, do one of the following:
- Inform your ISP that you bought a new network device and ask them to use the
router’s MAC address.

- Configure your router to clone your computer’s MAC address.
If your router obtained an IP address, but your computer does not load any web pages
from the Internet, it might be for one or more of the following reasons:
• Your computer might not recognize any DNS server addresses.

Typically, your ISP provides the addresses of one or two DNS servers for your use.
If you entered a DNS address during the router’s configuration, reboot your computer,
and verify the DNS address. You can configure your computer manually with DNS
addresses, as explained in your operating system documentation.
• The router might not be configured as the TCP/IP gateway on your computer.
If your computer obtains its information from the router by DHCP, reboot the
computer and verify the gateway address.
• You might be running login software that is no longer needed.
If your ISP provided a program to log you in to the Internet, you no longer need to
run that software after installing your router.
Troubleshoot Internet browsing

If your router can obtain an IP address but your computer is unable to load any web
pages from the Internet, it might be for the following reasons:
• The traffic meter is enabled, and the limit was reached.

By configuring the traffic meter not to block Internet access when the traffic limit is
reached, you can resume Internet access. If your Internet service provider (ISP) sets
a usage limit, they might charge you for the overage.
• Your computer might not recognize any DNS server addresses. A DNS server is a
host on the Internet that translates Internet names (such as www addresses) to numeric
IP addresses.
Typically, your ISP provides the addresses of one or two DNS servers for your use.
If you entered a DNS address during the router’s configuration, restart your computer.
Alternatively, you can configure your computer manually with a DNS address, as
explained in the documentation for your computer.
• The router might not be configured as the default gateway on your computer.
Restart the computer and verify that the router address (www.routerlogin.net) is
listed by your computer as the default gateway address.

Changes are not saved

If the router does not save the changes that you make in the router web interface, do
the following:
• When entering configuration settings, always click the Apply button before moving
to another page or tab, or your changes are lost.
• Click the Refresh or Reload button in the web browser. It is possible that the changes
occurred, but the old settings might be in the web browser’s cache.
Troubleshoot WiFi connectivity

If you are experiencing trouble connecting over WiFi to the router, try to isolate the
problem:
• Does the WiFi device or computer that you are using find your WiFi network?
If not, check the WiFi LED on the router. If it is off, you can press the WiFi On/Off
button on the router to turn the router WiFi radios back on.
If you disabled the router’s SSID broadcast, then your WiFi network is hidden and
does not display in your WiFi client’s scanning list. (By default, SSID broadcast is
enabled.)
• Does your WiFi device support the security that you are using for your WiFi network
(WPA, WPA2, or WPA3)?
• If you want to view the WiFi settings for the router, use an Ethernet cable to connect
a computer to a LAN port on the router. Then log in to the router, and select
BASIC > Wireless.
Note: Be sure to click the Apply button if you change settings.
If your WiFi device finds your network but the signal strength is weak, check these
conditions:
• Is your router too far from your computer or too close? Place your computer near
the router but at least 6 feet (1.8 meters) away and see whether the signal strength
improves.
• Are objects between the router and your computer blocking the WiFi signal?

Troubleshoot your network using the ping

utility
Most network devices and routers contain a ping utility that sends an echo request
packet to the designated device. The device then responds with an echo reply. You can
easily troubleshoot a network using the ping utility in your computer or workstation.
Test the LAN path to your router

You can ping the router from your computer to verify that the LAN path to your router
is set up correctly.
To ping the router from a Windows-based computer:
1. From the Windows toolbar, click the Start button and select Run.
2. In the field provided, type ping followed by the IP address of the router, as in this
example:
ping www.routerlogin.net

You see a message like this one:
Pinging <IP address > with 32 bytes of data
If the path is working, you see this message:
Reply from < IP address >: bytes=32 time=NN ms TTL=xxx
If the path is not working, you see this message:
Request timed out
If the path is not functioning correctly, one of the following problems might be occurring:
• Wrong physical connections

For a wired connection, make sure that the numbered LAN port LED is lit for the port
to which you are connected.
Check to see that the appropriate LEDs are lit for your network devices. If your router
and computer are connected to a separate Ethernet switch, make sure that the link
LEDs are lit for the switch ports that are connected to your computer and router.
• Wrong network configuration
Verify that the Ethernet card driver software and TCP/IP software are both installed
and configured on your computer.
Verify that the IP address for your router and your computer are correct and that the
addresses are on the same subnet.

Test the path from a Windows-based computer to a remote

device
To test the path from a Windows-based computer to a remote device:
1. From the Windows toolbar, click the Start button and select Run.
2. In the Windows Run window, type
ping -n 10 <IP address>
where <IP address> is the IP address of a remote device such as your ISP DNS server.
If the path is functioning correctly, messages display that are similar to those shown
in Test the LAN path to your router on page 157.
3. If you do not receive replies, check the following:

• Check to see that IP address of your router is listed as the default gateway for
your computer. If DHCP assigns the IP configuration of your computers, this
information is not visible in your computer Network Control Panel. Verify that the
IP address of the router is listed as the default gateway.
• Check to see that the network address of your computer (the portion of the IP
address specified by the subnet mask) is different from the network address of
the remote device.
• Check to see that your cable or DSL modem is connected and functioning.
• If your ISP assigned a host name to your computer, enter that host name as the
account name on the Internet Setup page.
• Your ISP might be rejecting the Ethernet MAC addresses of all but one of your
computers.
Many broadband ISPs restrict access by allowing traffic only from the MAC address
of your broadband modem. Some ISPs additionally restrict access to the MAC address
of a single computer connected to that modem. If your ISP does this, configure your
router to “clone” or “spoof” the MAC address from the authorized computer.

A
Supplemental Information
This chapter includes technical information about your router.

The chapter covers the following topics:
• Factory settings
• Technical specifications
159
Factory settings
You can return the router to its factory settings. Use the end of a paper clip or a similar
object to press and hold the Reset button on the back of the router for at least seven
seconds. The router resets and returns to the factory configuration settings shown in
the following table.
Table 3. Factory default settings
Feature Default setting
Router login User login URL www.routerlogin.com or www.routerlogin.net
User name (case-sensitive) admin
Login password (case-sensitive) password
Internet WAN MAC address Use default hardware address

connection
WAN MTU size 1500
Local network LAN IP 192.168.1.1

(LAN)
Subnet mask 255.255.255.0
DHCP server Enabled
DHCP range 192.168.1.2 to 192.168.1.254
Time zone Pacific time
DHCP starting IP address 192.168.1.2
DHCP ending IP address 192.168.1.254
Time adjusted for daylight saving Disabled

time
SNMP Disabled
Wireless SSID name See router label
Security WPA2-PSK (AES)
Broadcast SSID Enabled
Transmission speed Auto1
Country/region United States in the US; otherwise, varies by region
Supplemental Information 160 User Manual

Table 3. Factory default settings (Continued)
Feature Default setting
RF channel Auto for 2.4 GHz, CH 44 for WW SKU, and CH 153 for
North America SKU
Operating mode Up to 600 Mbps at 2.4 GHz

Up to 3600 Gbps at 5 GHz
1
Maximum wireless signal rate derived from IEEE Standard 802.11 specifications. Actual throughput can vary. Network
conditions and environmental factors, including volume of network traffic, building materials and construction, and
network overhead, lower actual data throughput rate.
Technical specifications
Table 4. Router specifications
Feature Description
Data and routing protocols TCP/IP, RIP-1, RIP-2, DHCP, PPPoE, PPTP, Bigpond, Dynamic DNS, UPnP, SMBv1,
SMBv2, and SMBv3
Power adapter North America: 100-120V, 50/60 Hz input

UK, Australia: 220V, 50/60 Hz, input
Europe: 220V, 50/60 Hz input
All regions (output): 12V/2.5A DC output
Dimensions 11.65 x 8.11 x 2.25 in (295.8 x 206 x 57.2 mm)
Weight 1.25 lbs (566 g)
Operating temperature 0° to 40°C (32º to 104ºF)
Operating humidity 90% maximum relative humidity, noncondensing
Electromagnetic emissions FCC Part 15 Class B

EN 55022 (CISPR 22), Class B C-Tick N10947
LAN RJ-45 compatible with 10BASE-T, 100BASE-T, and 1000BASE-T
WAN RJ-45 compatible with 10BASE-T, 100BASE-T, and 1000BASE-T
WiFi Maximum WiFi signal rate complies with the IEEE® 802.11 standard.2
• 2.4GHz AX: 2x2 (Tx/Rx) 1024/256-QAM 20/40MHz, up to 600 Mbps
• 5GHz AX: 3x3 (Tx/Rx) 1024-QAM 20/40/80/160MHz, up to 3603 Mbps
• Backwards compatible with 802.11a/b/g/n/ac WiFi

Table 4. Router specifications (Continued)
Feature Description
Radio data rates Auto Rate Sensing
Data encoding standards IEEE 802.11ax 2.4GHz 1024 QAM support

IEEE 802.11ax 5.0GHz 80 MHz 1024 QAM support
Maximum computers per Limited by the amount of WiFi network traffic generated by each node (typically
wireless network 50–70 nodes).
802.11 security WPA2-PSK and WPA/WPA2
2
Maximum wireless signal rate derived from IEEE 802.11 specifications. Actual data throughput and wireless coverage
will vary and may be lowered by network and environmental conditions, including network traffic volume and building
construction. NETGEAR makes no representations or warranties about this product’s compatibility with AX standards.

Rax41 Rax42 Rax43 Um en

Uploaded by

Copyright:

Available Formats

Rax41 Rax42 Rax43 Um en

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Rax41 Rax42 Rax43 Um en

Uploaded by

Copyright:

Available Formats

User Manual

Support and Community

Publication Part Publish Date Comments

Chapter 1 Hardware Setup

Set up an IPv6 PPPoE Internet connection..................................38

Set up a static route.......................................................................80

Erase the settings.........................................................................112

Chapter 11 Manage Port Forwarding and Port Triggering

This chapter contains the following sections:

Unpack your router

Figure 1. Package contents

Hardware Setup 9 User Manual

Top panel LEDs and buttons

Figure 2. Top view

The following table describes the LEDs and buttons.

Table 1. LED descriptions

LED and Button Description

Power LED • Solid white. The router is ready.

Internet LED • Solid white. The Internet connection is ready.

Hardware Setup 10 User Manual

Table 1. LED descriptions (Continued)

LED and Button Description

Hardware Setup 11 User Manual

Figure 3. Rear panel

The rear panel contains the following components:

Hardware Setup 12 User Manual

Figure 4. Router label

Attach and position the antennas

Figure 5. Attach and position the antennas

Hardware Setup 13 User Manual

Position your router

The following factors might limit the range of your WiFi:

Hardware Setup 14 User Manual

Wall-mount your router

Note: We recommend using M3 x 20 mm screws.

Figure 6. Bottom of the router

To wall-mount your router:

Hardware Setup 15 User Manual

Cable your router

Figure 7. Cable your router

To cable your router:

Hardware Setup 16 User Manual

Connect to the router network

Connect to the router using a wired connection

Connect to the router WiFi network

4. Enter the router network key (password).

Connect to the WiFi network using WPS

Connect to the Network and 18 User Manual

To use WPS to connect to the WiFi network:

Use a web browser to access the router

Automatic Internet setup

Connect to the Network and 19 User Manual

• The ISP configuration information for your DSL account

3. Launch a web browser.

4. Follow the onscreen instructions.

Connect to the Network and 20 User Manual

• Close and reopen the browser or clear the browser cache.

6. If the router does not connect to the Internet, do the following:

Log in to the router