NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Worli's avatar
Worli
Tutor
Nov 12, 2016
Solved

How can I change the DMZ VLAN-ID from 4094 to any other, lower ID (e.g. 4093)

My router is on frrmware version 4.3.4-1 and I recently reactivated the DMZ. Next to the router I have a Netgear GS108PEv3-Switch (firmware 2.00.08) and in the following several Netgear GS108T (firmw...
Security
Troubleshooting
  • DaneA's avatar
    DaneA
    Nov 13, 2016

    Hi Worli,

     

    I believe it is by design that VLAN ID 4094 is reserved for the DMZ interface and it cannot be changed.  

     

     

    Regards,

     

    DaneA

    NETGEAR Community Team

DaneA's avatar
DaneA
NETGEAR Employee Retired
Nov 17, 2016

Hi Worli,

 

We’d greatly appreciate hearing your feedback letting us know if the information I’ve provided has helped resolve your concern or if you need further assistance.  If ever your concern has been resolved, I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution.

 

The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!

 

 

Regards,

 

DaneA

NETGEAR Community Team

Worli's avatar
Worli
Tutor
Nov 17, 2016

Hi DaneA,

thank you for your fast reply and sorry for my late reply ... had to go for an unplanned business trip....

 

Sadly this is not a good news with the hardcoded 4094 on the router. I wanted to use the dedicated WAN-DMZ security features of the router which can be conifgured independently from the other LAN ports. And this in separate VLANs. 

 

Since I am not a VLAN-specialist: Is it secure alternative to simply patch the activated DMZ to another port on the first switch with subnet 176.16..... (in parallel to the standard LAN 192.168... patched on another port on the first switch) and to configure the web-server with a 176.16-DMZ-address? So I have two LANs running on the same physical switches. How is it really from security perspective - compared to a VLAN which segments the network? Any risks which shoudl be considered? (Hopefully I described this comprehensively as "dangerous half-knowing IT guy", as I see myself. :smileyfrustrated: )

 

  • DaneA's avatar
    DaneA
    NETGEAR Employee Retired
    Nov 21, 2016

    Hi Worli,

     

    As I understand your concern, you still want to use the DMZ as part of the VLAN configured on the switches, am I correct?  If ever I am correct, you may enable DMZ on the firewall and use it as part of VLAN 4094.  Be reminded that enabling DMZ exposes the DMZ LAN to the internet.

     

     

    Regards,

     

    DaneA

    NETGEAR Community Team

  • DaneA's avatar
    DaneA
    NETGEAR Employee Retired
    Nov 24, 2016

    Hi Worli,

     

    Let us know if you have questions.

     

     

    Regards,

     

    DaneA

    NETGEAR Community Team

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More