Server in DMZ

Question

Hi Everybody,&nbsp;i want to have a server separated from my other network. I think the best is to have this in a DMZ (correct me if i'm wrong). I have a FritzBox 7490 (Modem&amp;WiFi&amp;Router), a GS108E and a FVS318G.&nbsp;I've tried to have&nbsp;My current connection is FritzBox -&gt; GS108E -&gt; FVS318G. This separates into 2: Network 1 (FritzBox, GS108E including WiFi) and Network 2 FVS318G. From 2 i can connect 1 and internet. From 1 i can connect 1 and internet, not network 2. This is not the best solution because the internal WiFi is always reachable. Now my idea was to enable the DMZ port (network 3) and configure some rules, i've add a rule ro allow all outbound connections but here issues starts, i cannot connect to the internet. I thought this should be possible, or?&nbsp;Maybe i've missed something in the whole setup and there is an other config possible.&nbsp;Any help would be appreciated.Best Mario&nbsp;

developerNoAdmi · Answer

Maybe i can answere myself. I've forget one rule. Now i have a rule allowing everything outbound and a second blocking my home network. Is this enough? I think this is also possible without the dedicated DMZ port, right?

DaneA · Answer

Hi&nbsp;developerNoAdmi,
&nbsp;
Welcome to the community! :)&nbsp;
&nbsp;
Is it possible that you configure the Fritzbox 7490 as a modem-only device? &nbsp;Here is what I suggest: &nbsp;configure the&nbsp;Fritzbox 7490 as a modem-only device then connect it to the WAN port of the FVS318G. &nbsp;In this way, the FVS318G will be the main firewall router wherein the WAN IP Address will be registered to it. &nbsp;The FVS318G supports LAN Multi-homing wherein you can add a secondary LAN IP Address. &nbsp;You will be able to have your server be on a different network by connecting it to the secondary LAN. &nbsp;Be reminded that if ever the Fritzbox 7490 will be set as modem-only device, its WiFi capability will not be in usable. &nbsp;You will need an access point to be directly connected to the FVS318G for wireless connection.&nbsp;
&nbsp;
About LAN Multi-homing, read pages 3-10 to 3-11 of the FVS318G reference manual&nbsp;here.
&nbsp;
&nbsp;
Regards,
&nbsp;
DaneA
NETGEAR Community Team

developerNoAdmi · Answer

Hi DaneA,&nbsp;yes i think this is the usual way. But is there anything against my current approach, just blocking the home network? Would be nice not to have one more device running 24h a day...&nbsp;Thank you in advance.Mario

DaneA · Answer

Hi&nbsp;developerNoAdmi,

&nbsp;

As per my suggestion, we need to avoid a Double NAT situation (having a router behind a router) because that might affect the performance of the internet connection. &nbsp;You might want to consider using VLANs. &nbsp;VLANs enables you to logically group end-stations and enhanced network security. &nbsp;The FVS318Gv2 supports VLANs. &nbsp;To know more about FVS318Gv2, access the links below:

&nbsp;

ProSAFE VPN Firewall Series Data Sheet

&nbsp;

FVS318Gv2 FAQs

&nbsp;

Regards,

&nbsp;

DaneA
NETGEAR Community Team

DaneA · Answer

Hi&nbsp;developerNoAdmi,

&nbsp;

Let us know if you have further questions. &nbsp;:)&nbsp;

&nbsp;

Regards,

&nbsp;

DaneA

NETGEAR Community Team

&nbsp;

Forum Discussion

Server in DMZ

7 Replies

Related Content

Doppeltes NAT (DMZ) mit DGND3700Bv2

NETGEAR Orbi DMZ

R7000 PS4 Speed/DMZ issues

Netgear srx5308 DMZ

Dhcp server block

NETGEAR Academy

ProSupport for Business