D6400

makina2
Aspirant

D6400

Hi, I am new to this forum but I have owned a D6400 router for 4 years.  According to my logs, I have various unknown IP addresses trying to access port 80 on my router. Attached to this port is a low level heating controller without any facility to change port attachment within its setup so locking the inbound IP addresses seems the best solution.

 

Can anyone advise how to block inbound IP addresses on this router?

Message 1 of 8

All Replies
antinode
Guru

Re: D6400

> D6400

 

   Firmware version?

 

> According to my logs, I have various unknown IP addresses trying to
> access port 80 on my router. [...]

 

   Connection attempts on the default web-server (HTTP) port would not
amaze me.

 

> [...] Attached to this port is a low level heating controller without
> any facility to change port attachment within its setup [...]

 

   What, exactly, does "Attached to this port" mean to you?  Did you
configure port forwarding on the D6400 to allow access to your
(unspecified) "low level heating controller"?  Why?  Do you really want
to access it from the outside world using a web browser?


> [...] so locking the inbound IP addresses seems the best solution.

 

   I disagree.  "Best" in what sense?  Why not choose some non-default
value for the external port?  It's not a true block, but I'd expect it
to evade most undesired connection attempts.

 

   Assuming that we're talking about port forwarding, you could leave
the internal port at 80, if that would be easier on your (unspecified)
gizmo.  All you'd need to do would be to specify the non-default port
number in the outside-world URL, like, say:

 

      http://<your_public_IP_address>:6789

 

   Also, I doubt that a D6400 has any option to block incoming
connections by IP address (or anything else).  Visit
http://netgear.com/support , put in your model number, and look for
Documentation.  Get the User Manual.  Read.  Prove me wrong.  But I'd
bet that you can specify non-equal external and internal ports in a
port-forwarding rule.

Message 2 of 8
makina2
Aspirant

Re: D6400

Hi, thank you for your prompt reply.

 

Firmware: V1.0.0.82_1.0.82

 

Attached to this port means to me that I can access this low level heating controller using port forwarding as you surmised. I am not a techie so this is the only way that I know to access the heating controller when I am away from home.

I don't know how to set something up on the D6400 to "choose some non-default value for the external port?"

I don't know how to "specify the non-default port number in the outside-world URL"

I think you are correct in your assumption. I have been through the user manual for the D6400 and I am unable to find anything about blocking specific inbound IP addresses, hence the reason for my post.

How does "specifying non-equal external and internal ports in a port-forwarding rule" help me in this case as I have no idea what it means.

 

Thanks again for your help but, although I understand something about telecoms from the Strowger / crossbar days, this modern IP stuff is beyond my knowledge.

Message 3 of 8
additude
Virtuoso

Re: D6400

"I don't know how to "specify the non-default port number in the outside-world URL""

What's meant here is that there are "Ports" which are pre-designated for certain things. Like port 21, 22, etc. and port 80 which is the http port. That means in essence that when you go to an http address that you are seeing information thru port 80 and you don't need to designate port 80 in your request.

What port forwarding does is it takes one port value and connects it to another port value inside of the router. So what's being suggested is that you go into your router port forwarding section and designate some "Non-Default" port value on the Internet side to forward to your device's "Port 80" requirement. All "Intruders" know port 80, so port 80 is always checked by hackers, port scanners, etc. for accessibility. So that's why you see so many "IP" addresses attempting to connect on that port.

When you do something like "Port Forwarding", then instead of typing http://this_is_my_WAN_address which is the same as http://this_is_my_WAN_address:80 and it takes you directly to your device, port forwarding tells the router to listen on a different WAN port, like the suggested port 6789 and then forward that port request to your device on port 80. Once you have completed the port forwarding configuration then to connect to your device from the WAN you would need to type http://this_is_my_WAN_address:6789 to see your device as the router would re-direct the port 6789 to port 80 where your device is connected on your LAN.

It may be entirely possible that you can go into your device configuration settings and change the port that it listens on. For example, if you changed your device to listen on port 6789, then in your router port forwarding you can update it to 6789 --> 6789 from what you would have configured it for earlier, which was 6789 --> 80. What that means locally is that now if you want to access your device from your LAN that you would need to type http://this_is_my_DEVICE_LOCAL_LAN_IP_address:6789

Changing your port numbers would also provide you a bit of security thru obfuscation as well and free up port 80.

Message 4 of 8

Re: D6400


@makina2 wrote:

Hi, I am new to this forum but I have owned a D6400 router for 4 years. 

 

It may not matter, but you have posted your message in the section of this community given over to General WiFi Routers (Non-Nighthawk). (This is easily done, given Netgear's impenetrable community structure.) Your device is a DSL Modem/Router.

You might get better replies, and find other answers, over in the appropriate section:

DSL Modems & Routers

Message 5 of 8
antinode
Guru

Re: D6400

> Attached to this port means to me [...]

 

   If you don't know much, and you're looking at a page which says "Port
Forwarding", then it might make more sense to talk about "port
forwarding", rather than to invent your own technical terms ("Attached
to this port") which have a meaning to only you.

 

> I don't know how to set something up on the D6400 to "choose some
> non-default value for the external port?"

 

   How did you specify your current port-forwarding rule?  ADVANCED >
Advanced Setup > Port Forwarding / Port Triggering : Add Custom Service?

 

   What did you specify as the "external port"? "80"?  Specify some
other external port number.  (My example was "6789".)

 

> I don't know how to "specify the non-default port number in the
> outside-world URL"

 

>       http://<your_puplic_IP_address>:6789


   How do you access the thing now?  Add ":6789" to your current URL.

 

> How does "specifying non-equal external and internal ports in a
> port-forwarding rule" help me in this case as I have no idea what it
> means.

 

   You might think of an IP address with a port number as a building
street address with an apartment number.  Normally, a web server lives
in apartment 80.  Strangers may call your building, and ask for
apartment 80, expecting to talk to a web server.

 

   With port forwarding, the router acts as a concierge, who can
redirect an incoming message to a different apartment (port) in a
different building (IP address).  In this example, a message addressed
to your router's public IP address at port "6789" (the external port
number) could be redirected to your (unspecified) "low level heating
controller" at port 80 (the internal port number).  That's what port
forwarding does.


   The probability of a stranger probing port 80 is high, because that's
where a web server normally lives.  The probability of a stranger
probing some odd-ball port, like, say, "6789", is lower, because no one
expects anyone to live there.

 

 

> It may not matter, [...]

 

   It doesn't.  This is a router problem, not a DSL problem.  Why waste
everyone's time with this trivial distraction?

Message 6 of 8
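
The external-port to internal-port forwarding explained in messages 4 and 6, as an added example that is not part of the original thread: a loopback relay plays the router and a tiny web server plays the heating controller. Assumptions: two ephemeral loopback ports stand in for external 6789 and internal 80, a real router rewrites packet addresses (NAT) rather than relaying bytes, and all names are hypothetical. The response through the forward is identical to the direct one, so the forward moves the door without adding any access control.

```python
import contextlib, http.client, socket, socketserver, threading
from http.server import BaseHTTPRequestHandler, HTTPServer

class Controller(BaseHTTPRequestHandler):
    """Constructed stand-in for the LAN device on its internal port."""
    def do_GET(self):
        body = b"heating controller status page"
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *args): pass  # keep the demo quiet

def pipe(src, dst):  # copy one direction, then pass the close on
    with contextlib.suppress(OSError):
        while data := src.recv(4096):
            dst.sendall(data)
    with contextlib.suppress(OSError):
        dst.shutdown(socket.SHUT_WR)

def make_forwarder(internal_addr):  # new "external" port, relayed inward
    class Forward(socketserver.BaseRequestHandler):
        def handle(self):
            with socket.create_connection(internal_addr) as inside:
                back = threading.Thread(target=pipe, args=(inside, self.request))
                back.start()
                pipe(self.request, inside)
                back.join()
    return socketserver.ThreadingTCPServer(("127.0.0.1", 0), Forward)

def fetch(port):
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("GET", "/")
    with contextlib.closing(conn):
        return conn.getresponse().read().decode()

def demo():
    device = HTTPServer(("127.0.0.1", 0), Controller)  # plays internal port 80
    router = make_forwarder(device.server_address)     # plays external port 6789
    for srv in (device, router):
        threading.Thread(target=srv.serve_forever, daemon=True).start()
    internal, external = device.server_address[1], router.server_address[1]
    result = (internal != external, fetch(external), fetch(internal))
    for srv in (router, device):
        srv.shutdown()
        srv.server_close()
    return result

if __name__ == "__main__":
    print(demo())
```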
makina2
Aspirant

Re: D6400

Thank you for your prompt replies to my question.

 

I have made the changes to port forwarding as suggested. Thinking about it now, it was an obvious solution but ......... I am wise after the event, thank you to all.

 

I now realise that much of this stuff is just as I knew it in the 60s and 70s but the terminology has been updated. In my day external ports were cable pairs and internal ports were either equipment numbers (uniselectors) or telephone numbers all jumpered on the MDF or IDF ........happy days.

Message 7 of 8
antinode
Guru

Re: D6400

> I have made the changes [...]

 

   I'll take that as "everything works now".  Which is good news.

 

> [...] much of this stuff is just as I knew it in the 60s and 70s but
> the terminology has been updated. [...]

 

   Actually, it's (much) worse than that.  In the old days, _circuits_
were switched, so, if you were connected, you knew where your message
would go.  Now, _packets_ are switched (over common circuits), so every
packet has addresses (source and destination), and you have only a vague
idea how your message gets anywhere.  Here, a "port" number really is
just an extension to an address (like an apartment number in a
building).  Typically, the address specifies a particular gizmo, and the
port specifies a particular program which is running on the gizmo.
Everything's (more) complicated.

Message 8 of 8