Guide: Port Forwarding in NetGear Routers (Updated for 2024)

If you own a NetGear router and you’re experiencing network issues with a certain application or game, forwarding the used ports is an easy way to ensure that your PC is able to connect to the underlying server.

Although most applications and games no longer require you to manually forward ports, there are still some situations where you might need to do it to achieve a stable connection with a server outside your home network.

What is Port Forwarding

Nowadays, most people need to forward a specific port to host a web server or game server from a home network.

Port forwarding (aka port mapping), is the process that facilitates communications between remote networks and a local device that is connected to a local network (usually behind a series of switches or behind a router). When you forward a specific port, you will be able to direct traffic from your router directly to it without any type of interference.

Port forwarding is useful because it allows them to communicate with a server outside their local connection without being restricted by their ISP.

If we’re talking about consumer-grade routers from NetGear, there are three types of port forwarding that you can typically perform:

• • Local Port Forwarding – When you connect your local computer to certain legacy game servers or P2P server networks, local port forwarding is required. This is the only way your internet firewall will allow you to access prohibited websites or pages.

• • Remote Port Forwarding – If you need to connect your PC to a remote server or PC that’s outside of your home network, you will essentially be doing a remote port forwarding operation. For remote port forwarding, you must know the server’s external IP address as well as the port numbers. When you connect to a host company server remotely, this is considered remote port forwarding.
  • Dynamic Port Forwarding – When you connect your computer to a dependable server that acts as a single point of the network to receive or deliver data to multiple servers, this is considered a dynamic port forwarding operation. When linked to an unreliable network, dynamic port forwarding can provide additional security.

The 3 Main Ways to Forward a NetGear Router

If you need to open a specific port, there are 3 main ways to do it on most consumer-grade NetGear routers. But as you’ll see below, there’s one option that is very impractical and we recommend that you avoid:

• UPnP (Universal Plug and Play) – This is similar to port forwarding, but it does not require any intervention on your part You only need to enable UPnP in your router settings from your web browser. If you use UPnP, it’s good practice to utilize security firewalls since UPnP can expose you to untrustworthy networks.
• Port Forwarding – If you don’t want a certain request to be routed through the DMZ (Demilitarized Zone) and UPnP is disabled or not available on your NetGear router, you must use port forwarding. To do so, you must instruct your router on what to do with an incoming request. In layman’s terms, after you configure the router as explained above, it will receive a specific request and forward it to a specified device.
• DMZ (Demilitarized Zone) – A DMZ directs all incoming requests to a single device on your local network. In simple terms, if your Wi-Fi network doesn’t know what to do with an incoming request, it will redirect all traffic to a device in the DMZ. Think of it as your router’s waste disposal. In the absence of any port forwarding rules, it is very literally where all of your ports are forwarded to (or for any other port).Note: We’re advising against using the DMZ unless it’s the last resort because it opens all requests and might leave your network exposed to security threats. If your router requires it, enter an IP address that doesn’t exist on your local network (provided it isn’t already assigned to another device).

How to Forward Ports on a NetGear Router

The interface of every NetGear router released in the last 5 years is almost identical, so the instructions for forwarding ports are the same.

However, the instructions will be different depending on the route you choose to take.

For the fast and easy approach, enable Universal Plug and Play (UPnP) and this should allow your router to automatically forward the required ports without any type of manual intervention.

If your router does not support UPnP or you want to be 100% sure that a specific port is forwarded, going the manual route is the way to do it.

Important: Forwarding specific ports via your router’s DMZ should only be done under special circumstances where the first two options are not available. This option will open up all requests and will open up your network to a lot of security threats.

1. Forward Ports on NetGear Routers via UPnP

Generally, it’s a good idea to manually set up port forwarding on your NetGear router instead of enabling UPnP – especially if you only have one or a handful of ports that you need to open.

But if you’re doing a lot of gaming or you’re performing tasks that require your PC to access servers that are outside of your network, enabling UPnP is a hassle-free way of ensuring that the data exchange happens seamlessly.

Note: UPnP (Universal Plug and Play) is an industry-standard that allows devices on the same local network to discover and connect to each other using conventional networking protocols (such as TCP/IP, HTTP, and DHCP).

Among other things, UPnP can also adjust router settings to open ports into a firewall, allowing devices outside of a network to connect. This solution simplifies networking devices by automatically forwarding router ports to new devices, eliminating the need for manual forwarding.

But there’s a catch – A worm or malware software can take advantage of the UPnP protocol to breach your LAN’s security. We recommend that you manually configure port forwarding instead of enabling UPnP on your NetGear router if the task allows it and if you are not obliged to utilize dynamic port forwarding.

Most NetGear routers will have UPnP enabled by default for consumer grade, so chances are this option is already enabled if you’re using this router on your home network.

Here’s a quick guide on enabling and configuring UPnP on a NetGear router:

Note: The guide below applies to the following NetGear router models: R6700, R6700v2, R6900, R6900P, R7000, R7000P, R7500, R7500v2, R7800, R7850, R7900, R8000, RS400. If you’re using an older model, there’s a big chance UPnP is not supported.

1. Make sure your PC is connected to your home network via your NetGear router.
2. Open any browser, type the following address inside the navigation bar and press Enter:

   http://www.routerlogin.net

   Note: If you are not connected through a NetGear router, you will be redirected to the home page of NetGear.

3. At the login screen, insert your username and password. Keep in mind that both boxes are case-sensitive.

   

   Note: Unless you changed the default login credentials, here are the default values:

   User Name: admin
   Password: password

4. Once you see the home page of your NetGear router, click on the Advanced tab.

   

5. Next, navigate to Advanced Setup and click on UPnP.
6. From the dedicated UPnP page, ensure that the Turn UPnP box is enabled.

   

   Note: This box should be selected by default. Once you enable this box, your NetGear router will be allowed to automatically control router resources including the forwarding of ports when needed.

7. Now that you’ve ensured that UPnP is enabled, let’s get to the configuring part. You have the option to customize the advertisement period and the advertisement time. You’ll find a detailed explanation below as well as the ideal values:
   1. Advertisement period in minutes – The advertising period determines how frequently the router distributes UPnP information. This value might range between 1 and 1440 minutes. The timer is set to 30 minutes by default. At the risk of increased network traffic, shorter periods ensure that control points receive the current device status. Longer durations may affect device freshness but considerably reduce network traffic. We recommend keeping this value between 30 and 60 minutes.
   2. Advertisement time to live in hops – The advertisement’s time to live is measured in hops (steps) for each UPnP packet transmitted. A hop is the number of steps a packet takes between routers. The number of hops might range between 1 and 255. The advertisement time to live is set at 4 hops by default, which should be sufficient for most residential networks. If you observe that some devices are not being updated or reached correctly, this value may need to be increased. We recommend increasing this value incrementally with 1 for every additional connected device.
8. Once the UPnP feature is configured, click on the Apply button to save the changes.

   

   PRO TIP: You can take a look at the UPnP Portmap Table to get an overview of your UPnP-powered connection. You will see the IP address of each UPnP-enabled device that is accessing your router and you’ll be able to see which internal or external ports are in use. You can also distinguish between active and inactive ports.

2. Forward Ports on NetGear Routers Manually

If UPnP is not supported or you prefer the most secure approach, forwarding the required ports manually is the preferred way to go.

Note: This method is ideal if you need to forward incoming traffic with specific protocols. The most common use case where you should definitely forward ports manually is when you want to create a local web server, a game server, or an FTP server visible on the internet and allow remote connections to it.

The great thing about manually forwarding your ports in your NetGear router is that you get to set your own rules and allow or disallow certain types of connection.

Here’s a quick guide on how to forward specific ports on your NetGear router:

1. Make sure your PC is connected to your home network via your NetGear router.
2. Open any browser, type the following address inside the navigation bar and press Enter:

   http://www.routerlogin.net

   Note: If you are not connected through a NetGear router, you will be redirected to the home page of NetGear.

3. At the login screen, insert your username and password. Keep in mind that both boxes are case-sensitive.

   

   Note: Unless you changed the default login credentials, here are the default values:

   User Name: admin
   Password: password

4. Once you see the home page of your NetGear router, click on the Advanced tab.

   

5. From the Advanced menu, click on Advanced Setup, then access the Port Forwarding / Port Triggering sub-section.

   

6. Next, select the radio button associated with Port Forwarding.
7. Click on theAdd Custom service button.

   

8. From the next menu, type the name of the port you’re about to forward in the Service Name field.
   Note: Make sure you get the naming convention right for theService Namefield as things will get confusing if you need to add more and more ports to the forwarded list.
9. Next, select the protocol used by the port you are about to add.

   

   Note: If you’re not sure if the port is using TCP or UDP, select the TCP/UDP option.

10. Move to the External Starting Point field and enter the beginning port number considering the following scenarios:
    1. If you’re forwarding for single port applications – Enter the same port in both the External Starting Point and Ending Starting Point.
    2. If you’re forwarding a range of ports – Enter the ending port number of the range you’re adding in the External Ending Portfield.
11. Next, you’ll need to specify the internal ports using one of the following methods:
    1. Check theUse the same port range for internal portbox.
    2. Manually type the port numbers in the Internal Starting point and Internal Ending Port fields.

       

12. Once the internal ports are established, type in the IP address in theInternal IP addressfield and click on the appropriate radio button.
13. Finally, hit Apply to enforce the port forwarding rule.Note: If you establish several port forwarding rules, the order in which they show on the screen is important. Each inbound packet is compared to the top rule first, then the second-from-top rule, and so on until a rule that matches the packet characteristics is identified. This means that if the top rule transmits all packets to server A while a later rule forwards some packets to server B, all packets will be forwarded to server A while none will be forwarded to server B.

3. Forward Ports on NetGear Routers via DMZ

The only viable scenario where you should consider using a DMZ (demilitarized zone) to forward ports is if you use online games or video conferencing apps that are incompatible with Network Address Translation (NAT).

In rare circumstances, a single local computer can run the application correctly if its IP address is set as the default DMZ server. But this is generally only applicable with homebrew or legacy applications that are no longer maintained.

IMPORTANT: There are a lot of security risks associated with using a DMZ server. A computer selected as the default DMZ server loses much of the firewall’s protection and is vulnerable to the vast majority of network exploits that exist on the Internet. If the DMZ server machine is compromised, it can be used to target other computers on your network.

In scenarios where a DMZ server is not set, your NetGear router willidentify and discard incoming Internet traffic that is not a response to one of your local computers or a service that you configured on the Port Forwarding/Port Triggering page.

But when you set up a default DMZ, that traffic will be re-routed to one computer on your network.

If you want to set up a DMZ server and you understand the risks, follow the instructions below:

1. Make sure your PC is connected to your home network via your NetGear router.
2. Open any browser, type the following address inside the navigation bar and press Enter:

   http://www.routerlogin.net

   Note: If you are not connected through a NetGear router, you will be redirected to the home page of NetGear.

3. At the login screen, insert your username and password. Keep in mind that both boxes are case-sensitive.

   

   Note: Unless you changed the default login credentials, here are the default values:

   User Name: admin
   Password: password

4. Once you see the home page of your NetGear router, click on the Advanced tab.

   

5. Next, click on Setup, then click on WAN Setup to bring up the dedicated Wan Setup page.
6. From the next menu, enable the box associated with theDefault DMZ Serverand type in the IP address of the device that will serve as the DMZ server.

   

7. Click on Apply to save the changes.