Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

LAN Features

NETGEAR has several nice features for managing your LAN devices in its ProSafe line. First, there is the DHCP server, a standard feature on most routers. As part of the DHCP server, NETGEAR uses DNS proxy to assign a DNS IP address to devices that receive their IP addresses from the NETGEAR, an important feature for a Dual WAN router.

Each ISP has its own DNS servers and may not allow access to them from foreign networks. If a router's DHCP server were to issue DNS IP addresses from one of its WAN connections and then fail over to the other WAN connection, LAN devices may not be able to resolve web addresses. The NETGEAR will issue its own LAN IP address as the DNS IP address to DHCP clients and then forward DNS requests to the DNS IP specific to the WAN connection. 

Second, the FVX has what it calls the network database. The FVX builds a database of devices as they connect to the router and are assigned an IP by the DHCP server. Once the device is detected by the FVX, you can assign it to a Group, give it a name, and configure it as a Static IP or Reserved DHCP IP, as you can see in Figure 5.

The advantage of assigning devices to Groups is the ability to apply a single security policy to multiple devices. Up to eight different Groups can be created, and the FVX will support up to 253 devices. In the FVS124G, NETGEAR provided the option to name or number up to eight Groups. With the FVX538, the Groups are simply numbered 1–8.

LAN database
Click to enlarge image

Figure 5: The network database

I like the network database, as it becomes a central place to find all the devices on your LAN, without having to look up IP addresses or names. A feature the FVX doesn't have that I've seen on some other devices is access to the web utilities of all my network devices. The ability to launch the web configuration utility for a LAN device directly from a router's network database page would be useful. For example, to access the web utility of my switch, which I named "GigSwitch" in Figure 5, it would be handy to click and launch a browser to that IP.

Third, the ProSafe router software has a feature called LAN Multi-homing. This feature enables a network administrator to separate their LAN into multiple subnets, a nice way to organize your devices. It isn't perfect, as it doesn't provide a barrier between broadcasts as a VLAN does, and the DHCP server provides IP addresses in only one subnetwork. But this feature can be useful to logically group a couple servers or other devices.

In Figure 6 below, I assigned 10.0.0.1/24 as a secondary LAN IP. Devices connected to any FVX LAN port with static IP addresses in the 10.0.0.0/24 network can access the Internet if assigned a gateway IP of 10.0.0.1, as well as access devices in the other subnetworks on the FVX.

LAN multi-homing
Click to enlarge image

Figure 6: The LAN Multi-homing configuration page

DMZ

In between the LAN and the WAN is the "demilitarized zone", or DMZ. DMZ functionality on a router allows for maintaining a separate network that can still use your WAN connection, but is intentionally not protected by your firewall. The FVX538 is the only member of NETGEAR's ProSafe lineup that provides a physical DMZ port, which is the eighth LAN port.

There is a separate indicator light on the front of the FVX that indicates the eighth LAN port is in DMZ mode. An additional DHCP server can be activated to assign IP addresses to devices in the DMZ LAN as desired. In Figure 7 below, I've enabled the DMZ option, as well as the DHCP server, creating a separate network outside the FVX's firewall but still able to utilize my network's WAN connectivity.

DMZ setup
Click to enlarge image

Figure 7: The DMZ Setup page

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

I am setting up a AC68U for a client to be used as a WiFi extender. As I have 2 of the same routers I am very familiar with it set up and operation. E...
How can one delete routers and/or start over without uninstalling app?
Hi everyone.So we renovated the house a little while back but at that time the other half couldn't decide fully on layout so the cat 6 cable didn't ge...
Hi!My old wan-start worked fine. After updating to firmware .15 I renamed it to wan-event and adapted it to consider the new parameters. But it doesn'...
RT-AC68R with Merlin 384.13Recently installed latest shipping versions of Diversion and Skynet via AMTM (Awesome Tools!!!) and now I can no longer ssh...

Don't Miss These

  • 1
  • 2
  • 3