NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
FVS318G DMZ and correct rules
Hi there,
I searched through all the postings and couldn't find anything that seemed to fit my simple issue. We have a project where we need to have 3 machines in front of the FVS318G so those 3 machines don't have anything blocking access to the internet (for things like torrents, chats, streaming, etc).
Rather than doing port forwarding thru the firewall, I thought it would be easier to setup the DMZ port.
I did that and connected a switch to the DMZ port. The machines on the DMZ get 192.168.10.x. The machines behind the firewall get 192.168.2.x
For the DMZ I also added the "DMZ WAN Rules" Outbound Services rule of always allow for all services. I did not add any other rules, so no Inbound Rules.
The machines on the DMZ can browse the Internet with no issues, but everything with specific ports, like the torrents, are not working. We did disable the firewall on the machines for testing to confirm that it was not the machine blocking.
So my guess is that I am missing some type of DMZ WAN Inbound Services rule. But those rules seemed to be for having a server or something on the DMZ, which I don't have.
Please tell me what step or rule I am missing. I just want all the machines on the DMZ to be able to do whatever they need to without having to worry about the ports being allowed/forwarded/etc.
thanks
I searched through all the postings and couldn't find anything that seemed to fit my simple issue. We have a project where we need to have 3 machines in front of the FVS318G so those 3 machines don't have anything blocking access to the internet (for things like torrents, chats, streaming, etc).
Rather than doing port forwarding thru the firewall, I thought it would be easier to setup the DMZ port.
I did that and connected a switch to the DMZ port. The machines on the DMZ get 192.168.10.x. The machines behind the firewall get 192.168.2.x
For the DMZ I also added the "DMZ WAN Rules" Outbound Services rule of always allow for all services. I did not add any other rules, so no Inbound Rules.
The machines on the DMZ can browse the Internet with no issues, but everything with specific ports, like the torrents, are not working. We did disable the firewall on the machines for testing to confirm that it was not the machine blocking.
So my guess is that I am missing some type of DMZ WAN Inbound Services rule. But those rules seemed to be for having a server or something on the DMZ, which I don't have.
Please tell me what step or rule I am missing. I just want all the machines on the DMZ to be able to do whatever they need to without having to worry about the ports being allowed/forwarded/etc.
thanks
19 Replies
- and assume if you test with main LAN rules with inbound wide open the ports is open on DMZ side?
- Are you trying to forward the same port to all the DMZ machines? Do you have any Outbound DMZ rules?
- Can anyone tell me if this got resolved please, I have exactly the same issue. One network secured behind the firewall with our SBS 2011 server running exchange for connecting phones. Have rules to this and it works well. Want another network in the DMZ for customer testing which also has our Linksys PAP Voip router in it and Vodadone Sure Signal femtocell. Basically want fully open network in the DMZ using the DHCP server in the FVS318G.
Any help greatly appreciated. - This is what I ended up doing.
318G has the DMZ port enabled with an ip address of 192.168.10.1
Another wired router is plugged into the DMZ port. That wired router was given a static ip address of 192.168.10.150.
On the 318G, I added a DMZ outbound rule that allows everything out. I added one DMZ inbound rule that forwards all traffic to the "DMZ server" IP address of 192.168.10.150.
I then do all my port forwarding, etc on my wired router. - Thanks for that. Seems strange to have a DHCP server in the DMZ software and then have no way of using it. Oh well revert to previous configuration, customer network off of DGN2200 and local network behind firewall.
stuartmc wrote: Thanks for that. Seems strange to have a DHCP server in the DMZ software and then have no way of using it. Oh well revert to previous configuration, customer network off of DGN2200 and local network behind firewall.
DMZ with DHCP enable should work fine.- Yes the DHCP works but I can find no way of opening the DMZ to all traffic. The rules require a "server" IP address and I just want it open to all traffic to any IP issued by the DHCP server
- I don't think you understand how the DMZ works. You have 1 public IP. You cannot translate "all ports" to multiple devices in a DMZ, only 1.
stuartmc wrote: Yes the DHCP works but I can find no way of opening the DMZ to all traffic. The rules require a "server" IP address and I just want it open to all traffic to any IP issued by the DHCP server
you need to use WAN-DMZ
http://interface.netgear-forum.com/FVX538/dmz_wan_rules.htm
you need to create both in/out rules with all the ports open by the your IP range you choose for DMZ
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
