What is a WAN-Port and what is it used for really? It’s that extra ethernet port on the back of the router that you cannot use for your fifth computer. The WAN and LAN-ports are often referenced in the router manual or in guides on the internet, and the ports can be found on almost any router. There is no doubt that these little things are there for a reason.
[toc]
WAN stands for Wide Area Network. The WAN-Port is the uplink to the internet. While the LAN-ports (Local Area Network) will connect to your computer and other devices, the WAN-Port needs to be connected to the wall or the modem that your ISP has provided. Without connecting a cable to the WAN-port, your network will not have any connection to the internet, and you are not able to watch cute cat videos or the latest episode of House of Cards on Netflix.
That was the quick answer. But as with anything else, there is always more to it and today I thought that we are going to dabble into the topic of WAN, LAN and what you can do with this port on the back of the router.
It’s important that you first know the difference between LAN and WAN, as both of these terms will be on the back of the router. Usually, a router has five network ports on its back, where four of them are marked LAN and one is marked WAN.
LAN stands for Local Area Network and means that it is a network of computers that are connected to each other. Your apartment or your house has its own network, which is the LAN. Essentially, all private networks are LANs. In a LAN, you can share resources with each other like printers or files or you can connect to other computers or devices. Your router and everything behind it is a LAN.
WAN stands for Wide Area Network. This is a bit more complicated as WANs can be both private or public. A private WAN is often used by companies to connect their offices together. There could be a LAN at each office that is sharing printers and such locally, but a WAN that connects all the LANs together, so the company can share files with everybody.
WANs are connecting LANs over the internet, and since no business want their traffic to go unencrypted over the internet, they are using VPN tunnels to create secure connections between each LAN. When a VPN (Virtual Private Network) tunnel is configured at both locations, the traffic through the tunnels are private and unauthorized users can’t see it.
Foy home users, WAN doesn’t have to be so complicated. It’s more known as a way for the internet to come into your house and to your router. As I described above, companies connect smaller offices to the HQ via WAN and for home users, it’s kind of the same but for the ISP (Internet Service Provider) instead. The ISP connects LANs from home users to their WAN, thus giving all LANs access to the network.
But just to be clear, ISPs doesn’t join LANs together, they keep them separate. Your neighbor is not able to print on your printer or see your files.
The WAN-port on the back of the router is the outgoing connection to the internet, that is something we have covered by now. Your router will redirect all internet traffic through this port, both incoming and outgoing. Since all traffic goes through one port, every package will look the same for other servers and devices of the internet. What this means is that whichever device you are using, it will have the same IP address outside the network.
When the package comes back to that IP address (your assigned IP address by your ISP), it’s your router’s job to know which device it was that made the request and redirect that package to that device. The router is essentially taking the packages that come from the WAN-port and redirect them to different LAN-ports or over the wireless network.
If you would skip the router and directly connect your ISP to a computer, that computer alone would have internet access, no other device in your home. If you would take a switch and use it as a router, that wouldn’t work either, since a switch isn’t made for translating incoming and outgoing packages to the internet.
There are times when you should not use the WAN-port on the router. Mainly, it is when you need to connect a second router on the same network for whatever reason. Most of the time, this is because you have purchased a router yourself while your ISP is offering a router as well. To connect them, it’s very important to not use the WAN-port on the second router, as that would not share the LAN with it. Remember, you are trying to connect a device inside your LAN, which means that a LAN-port should be used for that instead.
If you would like to read more about connecting two routers together or learn how to do it, I highly suggest that you take a look at my guide on how to connect two routers which you can find here.
A common misconception with all the abbreviations is that WAN strands for Wireless Area Network. Since LAN is such a common (well, not very uncommon) word, from the 90s and early 2000s when friends got to together to play games, people are aware of what it is and that it means Local Area Network. When hearing WAN, the first thought is then Wireless, which is understandable.
However, as you now know, it is very wrong. In fact, there is nothing named Wireless Area Network. Instead, it is WLAN, Wireless Local Area Network. So, if you already knew LAN, you can simply put a W in front of it when talking about wireless. It doesn’t have to be harder than that. It would mix up WLAN with WAN, very interesting conversations could happen…
Sometimes, when the WAN-port is not used (like if you have a second router and is instead using the LAN-port), it would be nice to use it as a LAN-port instead. While I agree that it would be nice, it is not possible. While the ports are looking the same, they have completely different functions.
If more LAN-ports is what you need, you should instead get a switch. A switch will give you extra LAN-ports that you can use for your devices. A great switch that requires no configuration is the Netgear GS105, which you can find on Amazon. I use this switch myself and have three of them in my apartment.
Great reading and of immense help thank you.
Kind regards Barry
Thank you . That was very clear explenation of WAN and LAN, that learned me at lot.
Please I want to connect my WiFi wireless IP Camera to my WiFi Router so that I can view the LiveCam on my phone when I am far from home or on a vacation trip. How possible is this and if possible do I need to connect the WiFi Router to Internet (if yes) How can I do it when I don't have a LAN cable modem in my home? (I only have USB WiFi Modem that uses SIM card). I hope my questions are understood? Please I need help on how to go about the connection. Thank You
The WiFi Router I have doesn't have USB port, only LAN and WAN ports.
Hi Henry,
Thanks for asking! From what you are saying, it sounds like you should be able to connect your camera wirelessly using the WiFi network. You will need internet access to see your camera when you are not at home. However, not knowing much about the brand of the wireless IP camera, I am not sure how you log in or interact with the wireless camera so that you can input the WiFi Network and password to get access to it. If you know what kind it is, you should be able to find information online on how to connect it to the WiFi network.
May I used Isp line direct to switch or hub, if not then what is the way to connect Internet through this without router.
Hi Mrinal,
No, you can't. Most likely, the ISP line is a coaxial cable, which cannot be directly plugged into a switch or hub. Those are made for TCP/IP networks, which is what your router creates, and uses to connect to the internet.
If your ISP line is a ethernet cable, then you can use it directly with a computer, and it will have a public IP address. However, it cannot be connected into a switch or hub, as it cannot create more public IPs for you, and expand the public IP network.
So in short, you will need a router to connect to a switch or hub.
In what port should I plug my ethernet cable, WAN or LAN?
Hi Zandre,
That depends. Are you trying to connect your laptop, or another device to your router? If so, you plug in the ethernet cable to your device, and then to a LAN port on the router. If you are trying to plug in a modem to the router, you plug the ethernet cable into the modem, and the WAN Port on the router.
Hi, I have a plusnet router, but have just purchased a zyxel mesh. I have set up the mesh network by connecting the primary node via LAN to my plusnet router LAN port.
I can see that the Mesh is all connected to the router and each other, I have decent speed and backhaul. But I can't connect to the internet!?!
Is there a setting I am missing? Or do I need to do something else?
I'm new to all this, so please keep it simple!
Any help would be really appreciated (especially as my son is about to kill his Xbox!), thank you!
Hi Mr Collins,
Thanks for the questions. Given everything you have said, it sounds like you have physically set it up correctly, especially since the plusnet router can see the zyxel mesh. However, to effectively troubleshoot the issue, it might require a bit of testing with the settings. The best step I can offer initially is to see if you can connect to the plusnet router directly, and then connect to the internet. If so, then its possible something is not set up correctly with the zyxel mesh, or that plusnet is blocking anything on the zyxel mesh from connecting to the internet.
My only other guess at this time is to check if your zyxel mesh assigns the same IP addresses as the plusnet router. If so, IPs can conflict and that may be a reason why you can't connect to the internet. See if you can check those settings in the zyxel mesh and plusnet router, to see if they use the same set of IP addresses, like both using 192.168.1.1. If so, change the IP Address range for the zyxel mesh to use another range, such as 192.168.10.1.
Let me know if this works!
I have a modem/router that has 4 LAN ports and one port labeled LAN,WAN. What would the be used for.
Hi Eric!
Good question! Honestly, I can't be too sure because I have not seen it or researched it much, but what it seems to indicate is that port could be a WAN or LAN port, depending on software settings you can change in the administrator interface for the modem/router. By default, its most likely a WAN port, unless changed to be a LAN port. If you know the model and type of modem/router you have, I'm sure it can be checked online to see if this is actually the case.
Check the settings in the GUI of the router. Some firmwares allow you to switch the WAN port into LAN, like Tomato firmware.
Hi, I have recently changed to SKY broadband and have received their latest hub (SR203 I think) I have a PS4 which i wire direct to the hub with a cat8 Ethernet cable, can this be plugged into the WAN port on the back of the hub? The other ports are in use but the WAN port is spare so don’t want to buy a switch if it’s not needed, I have plugged the PS4 into the spare WAN port and it does connect for online gaming but I’m not sure if it is safe or correct to do this? Thank you in advance.
Hi Jamie!
Thanks for reading.
I think I understand what you have. Your SR203 device is most likely a modem and a router combined.
Generally, you wouldn't be able to plug this into the WAN, because the SR203 would think that whatever is plugged into the WAN, is receiving a public IP address from your Internet Service Provider, which looks like its SKY in this case.
Now that you have plugged it in there, and it did work, would indicate to me that its actually acting as a LAN port. Its possible that the PS4 received a public IP from your ISP, but chances are unlikely that happened. Its likely that this router has software configurations that allow you to change the use of that port from a WAN to a LAN, giving you that flexibility you're looking for. In this case, that means it would have been assigned a private IP address to your PS4.
If this did receive a private IP address, then you should be fine with nothing to worry about. If its public, that means its directly accessible to the internet, which generally is not wanted. You can check this by looking at your settings in your PS4 to see if it received a private IP address. You can also check your SR203 settings as well, and you should see all the devices connected to it. If the IP address is one of the following ranges, then you have nothing to worry about: 10.0.0.0 - 10.255.255.255, 172.16.0.0 - 172.31.255.255, 192.168.0.0 - 192.168.255.255. And if you're curious to learn more about private IP addresses, google RFC1918.
Hope this helps!
I don’t know if this will get a reply but I have a problem. I use the google wifi system and they only have one port which is connected to my modem. I need to plug my work computer into the same unit but there’s no plug to use (I’m assuming. The symbols make no sense to me so i don’t know which port is what) and I’m lost on what to do.
Hi Amber,
Great question. From my understanding of the mesh Google WiFi routers, each node should have 2 ethernet ports on them that both look the same, according to the most recent versions I have seen. I am not sure if they ever came out with a version that only ever had one port, but I usually have seen two as the minimum. How old is your Google WiFi router?
Does the bottom of yours look like this?
https://www.shopkeep.com/wp-content/uploads/2017/12/google-wifi-power-cable-1.png
If so, you will just need another internet cord to plug into your work laptop, and into the open port on the Google WiFi router, and it should work.
I have a LAN but no internet connection so I would like to tether my smart phone to my router to give my LAN access to the internet. I can already do this by usb tethering my smart phone to my linux pc then I can surf the net from my single pc. I understand the first step is to run an ethernet cable from my tethered pc to my router using the WAN point. I believe the next step is to set up a a dhcp server on my linux pc. Then somehow I need the incoming ip address from the phone to be translated to an outgoing address for the router. I am a programmer not a network engineer and looking at my linux pc I cannot quite figure out what to do. I have set up 2 linux networks one restricted to the usb port the other restricted to the WAN port - eth0 - on the router. I found an opportunity to set up a third network called shared. But there are too many options such as shared, local link, etc etc to know what to select. Combined with not knowing how to get the various addresses out of phone, pc and router and relating them to each other it makes for far to many unknowns. Can you give me a description using addresses for selecting static or automatic addresses and relate them to my 3 designated networks in linux mint. This all came about because I wanted to set up a NAS based on a raspberry pi but all the tutorials seem to presume the LAN is already connected to the internet. It occurs to me though that on the pc between phone and router I could install LAMPS with owncloud as a file backup to my NAS. Is that feasible?
Hi Mike,
Thanks for reading and great question too.
Personally, I come from a programming background as well, and only as of recently moved into IT Infrastructure and Information Security to really understand how the apps built by us programmers reside in an IT environment, its been quite enlightening.
Anyway, you've mentioned quite a complicated setup, and I feel you can simplify it a bit, but also make it more secure.
First, I would probably hesitate to use your computer as a means to handle all of your public traffic. If this is for an extended / indefinite period of time, I would use a dedicated device, like a raspberry pi you have mentioned. If its just for on demand instances, then this should suffice as a stop gap.
Anyway, again, depending on your use case, your network speeds will likely be throttled if you use a hotspot for an extended period of time, going over say 10-20 gb of data usage (that depends on your provider but might be something you'll want to look into).
Continuing with your current setup, I don't think you can tether your phone to your router as it wouldn't create a network interface from a USB connection, most off the shelf routers cannot do that (that I know of). So it seems like you are stuck using your Linux PC to get an internet connection, unless you get another raspberry pi to act as your dedicated "modem/router/firewall". With that in place, all you will really need is a DHCP server to serve up IP Addresses and handle DNS queries, which by default should be forwarded to some public DNS server. Then you will just need an easy firewall rule (likely using iptables, depending on your flavor of linux), and just write a rule that forwards all incoming traffic to the raspberry pi, to the network interface that the internet is connected to (whatever that interface name is on the raspberry pi). That should then just about do it, and you can certainly find that rule on line doing a quick google search. Now this is if your raspberry pi is handling everything.
If it doesnt, and you want to use a router as you have mentioned, the same as above applies, but it will have to be done on your Linux Mint PC.
In regards to the networks you have set up, I am not sure what those are in particular, but those networks will have to forward all of their outbound traffic onto the usb network interface that is connected to the internet, with the same commands as above, but three rules, one per your network.
As with your NAS, that should be easy enough to set up on your raspberry pi. But then once thats installed, we can handle the networking via the explanation / rules I mentioned above. Are you trying to access this NAS remotely, outside of your LAN? Because if so, you will need to see if the USB tethering doesnt block all incoming connections as the phone itself might be a firewall and router and provide you internet access, but only outbound connections, and likely not let you configure incoming connections. This is why a dedicated device would be better, but also not USB tethered, but rather running on a 4G modem.
As for your last scenario, I am not too aware of what owncloud is, but if you are just looking for networking area storage, any network connected device that has network file sharing capabilities, like samba, or ntfs, should work just fine, and might not need a whole LAMP stack to accomplish that.
I know I mentioned a lot above, but if I can get your use case down really well, we can come up with a configuration that suits your needs.
Best,
Orest
Hello. I have a pace modem that has a built in router. For whatever reason, the ISP is telling me their modem needs to be bridged to another router (I have a netgear AC1450 Router) in order to access the internet. The ISP modem/router was placed in bridge mode by the ISP which I assume passes control to my router. The modem is not DSL, and not fiber, there is a CAT5 cable going from the wall to a modem LAN port. So not sure what type of connection this is.
I obviously need to get a cable from my router to the modem. Do I use the LAN port on the router or the WAN port on the router and does the other end go in LAN port or WAN port on the modem? I have an internal network that is working fine with devices communicating with each other, but none of the devices can access the internet. Right now the router has a cable from from a LAN port on the router to a LAN port on the modem. I can ping various web sites from a command prompt using computers on my network, all inter connected via LAN ports on the router. But when I try and actually type a web address in the search bar from a computer I am not able to access the internet. So I have something plugged in wrong, or something is set up wrong on the router. The ISP modem/router is set to bridge mode, do I need to set my router also to a bridge mode?
Hi Tom,
Thanks for asking!
You're set up seems quite odd, thought I might say that modem / router combinations provided by your ISP are generally not the best networking equipment. By general networking standards and protocols, it should not need to be bridged. Actually, what seems better is that your netgear AC1450 router would be placed in bridge mode, and your ISP's modem / router combination would handle DHCP for you (which I have done before, and didnt get that great of performance of performance, so I switched to a double NAT setup). Though, if they did place the modem / router in bridge mode, then yes, control should be passed over to your netgear router. As for the modem connection, not being DSL, fiber or coaxial, I am not sure of what connection is provided via an CAT 5 ethernet cable. Would you be able to look up the brand of your cable modem? That can help with the troubleshooting.
In a normal set up, with a modem, you'd use the WAN port of the router, and connect it to the ethernet port on your modem. Bud given you are using a modem / router combination, and with the modem / router in bridge mode, then you would use the WAN port on the netgear router, to a LAN port on the modem / router combo. Currently, is the WAN port on the modem connected to the wall via the CAT 5 cable you mentioned? If so, I would leave that alone.
If you can ping websites, and not visit them via HTTPS, then that's very strange, as most consumer routers should let all traffic out and then back in, including pings and HTTPS. What do you see when you try to visit a website in the browser? If you can provide more information I can better troubleshoot, but as of now, leave the set up as is, with your modem / router in bridge mode, and your netgear router running normally out of the box (using DHCP), as that is likely the source of internal IP addresses for your devices, and actually doing your networking. In addition, you should be able to see the public IP address in your netgear router admin interface as networking control is being passed to that router. If not the something is off.
You can change it up, by having the netgear router be in bridge mode, and change your modem to not be in bridge mode, and that might help. Or you just have both not in bridge mode, and the difference here is your end up creating two networks in a double NAT setup, where your second network (via the netgear router) is where most of your devices connect from. There shouldn't be any problems with a set up like this either, and one I have actually done before.
Hope this info helps!
I have an iPad Pro which keeps loosing wireless connection at home. It seems to be a big problem for lots of people. I am angry that I spent a lot of money on the iPad Pro mainly to get better at procreate. I have read many articles about changing the setting on my router connection from wan to wlan or lan. I dont have a background in this stuff and I wonder how that would effect our pc, laptop and phones in this home which all work perfectly on the current WiFi. This connection drops almost every time I am on.
Hi Bernice,
Thanks for reading.
In regards to your issue with your iPad Pro dropping connections, I am not sure what much you can do. WAN stands for Wide Area Network, that's where your internet comes from, and that should stay untouched. LAN is Local Area Network, which is your private home network, and generally refers to a wired network (such as with ethernet cables). This and WLAN are generally the same in most network setups.
WLAN is Wireless LAN, and this is where you would makes changes. This is the network for your WiFi. There may be some WiFi settings you can change that will help, but without more knowledge on the situation, I am not sure what can be done to resolve this issue. If this is happening on a lot of iPad Pros, it could be the wireless chip is defective.
But if we are to go back to our network to possible address this, maybe you can tweak the channels for your WiFi and see if a different channel works. In my post on "How to Connect Two Routers & Have the Same SSID", I mention how changing your WiFi channels might improve your WiFi and in your case, may stop the dropping of the connection. This guide should help you analyze and change WiFi channels to optimize it for your location.
Though if there aren't any other devices that are experiencing issues with connection drops, then this may not do much. If there are, this may help. As long as you don't change your WiFi name or password, you shouldn't really affect the other devices on your network, like your PC, laptops, phones, etc.
So first I suggest you change the channels used by your WiFi, and then see if that improves your connection.
Hope this works!
Orest
I have a main router provided by my fiber company and I have connected a second router to the first one using the WAN port. Doing so, automatically it created the network 192.168.2.1 and the pc got the 192.168.2.151 IP address automatically.
If I don't use the WAN port, then I need obviously to setup the IP for the second router (i.e. 192.168.1.201) and limit the DHCP in the proper range.
So... why can't we use the WAN port?
Thanks for reading Fran!
Given you have a different router / modem combination from your fiber company, this equipment may have different functionality assigned to the WAN port. It mostly comes down to the software that is running on the router, that really defines the functionality of the WAN port and if it can change. Usually though, the functionality is usually hard coded as a WAN port.
However, it looks like the way you have set it up, is a double NAT setup, where the second router creates its own second network. That is fine if you'd like to have devices on two different networks, but if you want all of the devices on a single network, then this set up would not work, and you'd need to set up the second router on the same network with DHCP off and the IP assigned as you noted.
So its not that you can't use it, it just comes down to the functionality that you are looking for, which is different between the WAN and LAN ports.
Hello,
My modem has one port that goes to the WAN port on my router.
I have 2 IP phones that use static IP's, they are plugged into a PPO switch. The PPO switch cable goes to one of the LAN ports on the router. The phones will not connect to the internet unless the modem cable goes into a LAN port on the router and not the WAN port. When I do this, the phones connect, however, I cannot access the internet from my main computer. The main computer only can access the internet if the modem is plugged into the WAN port on the router, then the IP phones don't connect. The main computer is plugged into another switch and that switch also goes to a LAN port on the router.
I need to have my IP phones connect to the internet as well as my main computer.
I obviously have something set up wrong, but not sure what. Can you help?
Thanks,
Tom
Hi Tom,
Thats very strange, and I am honestly not sure how I can explain that. What is a PPO switch? I have not heard of that acronym for a network switch but i assume its a basic layer 2 network switch. To me it seems like there is a routing issue on the router (with the routing table) but I can't really see how this would happen. Seems almost like a hardware issue to me, as i can't see how the IP Phones only have internet access when the modem is connected over a LAN port. I will say I'm not that experienced in IP phones, but i imagine they shouldn't have a problem with NAT on a router, as to me is seems like that could be the issues the IP Phones are having. Without anymore concrete knowledge, I'm just speculating but I feel that something isn't set up correctly with the IP Phones. I'd keep the WAN port plugged in with the modem, and some way, the IP Phones should be able to connect over the WAN port to the internet. I wish i could be more helpful.