NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
SRX5308 : Load balancing & DMZ problem
Hello,
I have an easy setup :
2 dynamic IP address WAN1, WAN2
Load Balancing Round robin enabled.
DMZ activated
One Firewall rules WAN-> DMZ allow traffic port 80 to a DMZ machine.
If Load balancing is enabled; the traffic sometimes goes to the DMZ machine, sometimes not....:confused:
However, If Load Balancing is NOT enabled the incoming 80 traffic DOES go to the DMZ machine....
Seams that the LOAD balancing is incompatible with inbound redirect to DMZ interface.
Another Test : if DMZ interface is not enabled and load balancing enabled; and we create a new rules to forward incoming HTTP traffic to a LAN interface ; it works perfectly.
So Again what is the issue with the DMZ interface ?
Any suggestions ?
Big Thanks to the community and Netgears
Kind regards;
David
I have an easy setup :
2 dynamic IP address WAN1, WAN2
Load Balancing Round robin enabled.
DMZ activated
One Firewall rules WAN-> DMZ allow traffic port 80 to a DMZ machine.
If Load balancing is enabled; the traffic sometimes goes to the DMZ machine, sometimes not....:confused:
However, If Load Balancing is NOT enabled the incoming 80 traffic DOES go to the DMZ machine....
Seams that the LOAD balancing is incompatible with inbound redirect to DMZ interface.
Another Test : if DMZ interface is not enabled and load balancing enabled; and we create a new rules to forward incoming HTTP traffic to a LAN interface ; it works perfectly.
So Again what is the issue with the DMZ interface ?
Any suggestions ?
Big Thanks to the community and Netgears
Kind regards;
David
4 Replies
- Question... Why, if you have the webserver in the DMZ, do you have/need to forward port 80 - the norm is to use the DMZ to perhaps "fully expose" whichever system is in the DMZ to the internet. Your rule(s) maybe the cause of your issues.
- Hello Fordem,
Thanks again for your reply,
To answer your question I had to create a rule to allow incoming traffic on port 80 to a specific machine running in the DMZ zone. This is a normal behaviour. If I do not apply this ; then no traffic is going to my web server.
Having said that; the configuration works perfectly under LAN and load balancing enabled. However with the DMZ interface enabled things goes wrong; If there is not other comment; I will report it to Netgears support team.
If you have any other suggestion; let me know.:):):)
David - I have had problems with the DMZ port also. I placed a few VoIP phones on the DMZ port, configured the port and errrrr - VoIP phones stopped working. When I turned off the DMZ port and had it configured as a LAN port, then they work fine. So it would be GREAT TO KNOW EXACTLY what the DMZ port is doing. I haven't found any documentation that goes into that kind of detail and depth.
Hi.
Sorry for my bad english. Hope you understand what I mean :)
My setup is like Davids and im having the same problem.
I have a edge transport server in the dmz and have made a firewal rule WAN->DMZ on port 25 and selected wan destination ip adress to "WAN1"
We can say that my ip on wan1 is 10.0.0.1 and wan2 is 10.0.1.1
When I check my 25 port with open port check tool it sometimes is open and sometimes is closed.
If I check port 25 on 10.0.0.1 and 10.0.1.1 then I can see that port 25 is open sometimes on wan1 and sometimes on wan2 even if I selected wan1 in the firewal rule.
If i check other ports in the lan-wan firewall it always stays on wan1.
My problem is that I want port 25 to stay open on wan1 :)
My firmware version is 4.3.3-5
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
