#1  
Old June 26th, 2012, 10:35 AM
sethfeinberg sethfeinberg is offline
Junior Member
NETGEAR Newbie
 
Join Date: Jun 2012
Posts: 12
sethfeinberg is on a distinguished road
Default More than 20 Port Forwarding rules?

Is there anyway to bypass/extend the internal limit of only 20 port forwarding rules?
Reply With Quote
  #2  
Old June 26th, 2012, 12:44 PM
jmizoguchi jmizoguchi is offline
Banned
 
Join Date: Feb 2007
Location: Kentucky, USA
Posts: 0
jmizoguchi is an unknown quantity at this point
Default Re: More than 20 Port Forwarding rules?

memory on the router limits the issues.

there is much you can do about that .
Reply With Quote
  #3  
Old June 26th, 2012, 02:20 PM
sethfeinberg sethfeinberg is offline
Junior Member
NETGEAR Newbie
 
Join Date: Jun 2012
Posts: 12
sethfeinberg is on a distinguished road
Default Re: More than 20 Port Forwarding rules?

Did you mean there ISN'T much you can do about that? I'm not trying to be nitpicky, I just need more than 20 rules and was hoping someone had some tips for extending that, whether it be a custom firmware, a simple hack of the stock firmware, or better management of forwarding rules. Thanks for your reply!
Reply With Quote
  #4  
Old June 26th, 2012, 02:41 PM
jmizoguchi jmizoguchi is offline
Banned
 
Join Date: Feb 2007
Location: Kentucky, USA
Posts: 0
jmizoguchi is an unknown quantity at this point
Default Re: More than 20 Port Forwarding rules?

Check ddwrt firmware
Reply With Quote
  #5  
Old June 26th, 2012, 02:47 PM
sethfeinberg sethfeinberg is offline
Junior Member
NETGEAR Newbie
 
Join Date: Jun 2012
Posts: 12
sethfeinberg is on a distinguished road
Default Re: More than 20 Port Forwarding rules?

From my research, seems that most people with the WNDR3700 like the Gargoyle firmware if they choose to upgrade (seems most like the stock firmware most of all, me as well besides this darn 20 rule limit ) Any experience with that?

Thanks again for your responses!
Reply With Quote
  #6  
Old June 26th, 2012, 10:55 PM
Mars Mug's Avatar
Mars Mug Mars Mug is offline
Moderator
NETGEAR Fanatic
 
Join Date: Nov 2006
Location: Stevenage UK
Posts: 12,473
Mars Mug is on a distinguished road
Default Re: More than 20 Port Forwarding rules?

The limit of 20 rules isn’t so unusual, I have come across many routers with similar limits, some a little higher (30), some lower (10), and different brands such as Cisco / D-Link / Buffalo / Draytek. I have not seen a router with anything substantially larger (that works reliably) so if you find one please let me know. Even small business grade routers can have such a low number of rules.

I’m guessing now, but I expect that for each rule the router needs to allocate memory to handle the record of incoming connections, for example a port forward for a torrent application could have hundreds of simultaneous connections which the router needs to route to the correct LAN device in accordance with the forwarding rule. Multiply that by 20 and it could easily use up a substantial amount of RAM.

If 20 isn’t enough, then assuming that the forwards don’t relate to 20 individual LAN devices you could take steps to consolidate the rules. For example if two applications on one PC have configurable ports say VNC using port 5900 and Torrents using port 12345, then you could change the Torrent app to use 5901 and use a single port forward range rule for both. They don’t have to be continuous either, you could use say 5900 and 5905 with an appropriate range, the only drawback with that is that unused ports 5901 to 5904 will be forwarded (but not responded to). Forwarding rules can’t of course overlap.

If you really do need to forward lots of ports to a relatively small number of LAN devices, then maybe a VPN connection could help to reduce the need for many of the forwards, and this would be much more secure.
__________________
I don't work for Netgear.

My name is Andy.

Last edited by Mars Mug; June 26th, 2012 at 11:29 PM.
Reply With Quote
  #7  
Old June 27th, 2012, 06:48 AM
sethfeinberg sethfeinberg is offline
Junior Member
NETGEAR Newbie
 
Join Date: Jun 2012
Posts: 12
sethfeinberg is on a distinguished road
Default Re: More than 20 Port Forwarding rules?

@Mars Mug! Thanks so much for the reply! I actually was coming back to to this thread to update my progress when I read your post.

It seems so stupid now but I really thought that each separate service/web server needed its own dedicated rule. Since so many of my port forwarding rules were pointing to the NAS I just set up a 5000 port wide range that should cover them all and many more to come! Seems so noobish of me but hopefully documenting it here will help someone else avoid the same mistake.

That all being said, I would like to learn more about creating and using a VPN. Can you point me towards some palatable information on it? I know my Synology Nas allows it but I'd their documentation isn't that great and I'd like to understand the underlying theory before I dive in. thanks again!
Reply With Quote
  #8  
Old June 27th, 2012, 08:26 AM
jmizoguchi jmizoguchi is offline
Banned
 
Join Date: Feb 2007
Location: Kentucky, USA
Posts: 0
jmizoguchi is an unknown quantity at this point
Default Re: More than 20 Port Forwarding rules?

come to my site for VPN and other questions.

you also need to look prosafe router and not home end routers for VPN
Reply With Quote
  #9  
Old June 27th, 2012, 11:05 PM
Mars Mug's Avatar
Mars Mug Mars Mug is offline
Moderator
NETGEAR Fanatic
 
Join Date: Nov 2006
Location: Stevenage UK
Posts: 12,473
Mars Mug is on a distinguished road
Default Re: More than 20 Port Forwarding rules?

Quote:
Originally Posted by sethfeinberg View Post
That all being said, I would like to learn more about creating and using a VPN. Can you point me towards some palatable information on it? I know my Synology Nas allows it but I'd their documentation isn't that great and I'd like to understand the underlying theory before I dive in. thanks again!
My preference is to use a router type which is commonly referred to as a VPN endpoint. I use a (now old) Draytek Vigor 2950, but there are much cheaper VPN endpoints available. A VPN endpoint will allow a remote computer to make a secure encrypted connection to your LAN (the router itself) rather than one of your LAN PCs (VPN passthrough) which would require that PC to be powered on. A VPN endpoint will often also have a feature that will allow you to remotely wake up a PC from shutdown (Wake-on-LAN).

So with my VPN arrangement I don’t need any port forward rules at all, I can remotely access any device on my LAN, including several NAS drives, IP cameras, security devices over an encrypted link, just as if that remote PC was on the LAN.

Setting up a VPN connection from the remote PC is very easy, well supported in Windows 7, and works fine with my Android phone also without any complex setting up.

That’s the basics of what I do, and as June has posted, his site is good for a lot of VPN info.

By the way, it is still good practice to open up as few ports as possible using port forwarding, so if you can split up that 5000 port hole you have by using a couple of extra rules that would be good.
__________________
I don't work for Netgear.

My name is Andy.
Reply With Quote
  #10  
Old July 2nd, 2012, 05:01 PM
Tank_Killer's Avatar
Tank_Killer Tank_Killer is offline
Member
NETGEAR User
 
Join Date: Dec 2010
Location: Alberta, Canada
Posts: 200
Tank_Killer is on a distinguished road
Default Re: More than 20 Port Forwarding rules?

Maybe this person is confused as to what you really need a forward for or what it actually does. I have alot of things going on in my network, multiple servers ect talking to the outside world.. Dont even need CLOSE to 20.

http://portforward.com/help/portforwarding.htm
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT -8. The time now is 01:16 PM.