NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

eetee's avatar
eetee
Aspirant
Apr 19, 2019

Allow wired server to communicate with Guest Network (R6220)

 I have: - a R6220 router running the V1.1.0.86_1.0.1 firmware - a NAS connected to the network via a cat6 cable. - the Guest Network is enabled and is isolated from the rest of the network  ...
eetee's avatar
eetee
Aspirant
Apr 19, 2019
antinode wrote:

   I know nothing, but it's not obvious to me that "making the NAS the
DMZ server" would allow isolated guest devices to access it.  It _would_
allow incoming connections to the NAS from the outside world.

Presumably if the outside world can communicate with the NAS unhindered, then anything connected to the Guest Wifi can as well...

This is less than ideal though.

Ideally the interaction between the all my devices/servers on my network with the internet remains unchanged, but the NAS can communicate with guests.

antinode's avatar
antinode
Guru
Apr 20, 2019

> Presumably if the outside world can communicate with the NAS
> unhindered, then anything connected to the Guest Wifi can as well...

 

   _You_ might presume that, but I wouldn't.  Again, with no actual
knowledge, I'd expect the DMZ implementation to resemble a broad
port-forwarding rule, and the guest-network restriction to be a
firewall-like rule.  Although a rational policy might treat these cases
similarly, I would expect the actual implementations of these features
to be quite independent.  An experiment ought to resolve the question of
whose guess is better.

 

> Ideally the interaction between the all my devices/servers on my
> network with the internet remains unchanged, but the NAS can communicate
> with guests.

 

   I understand what you want, but the NAS just another device on your
LAN.  Either a guest can communicate with a device on your LAN, or it
can't.  And that (I claim) is independent of how the outside world can
communicate with a device on your LAN.

  • eetee's avatar
    eetee
    Aspirant
    Apr 20, 2019

    That's all fine...

    At this point I want to avoid placing the NAS on the DMZ. If there are no other solutions, I will probably experiment then, but right now I like to see if there are other potential solutions.

     

    Another potential solution I think could work is setting up some VLANs (e.g. default, NAS and guests) and using static routes so that default can talk to NAS, guests can talk to NAS but default and guests can't talk to each other...

    However, I am unsure if this will work and if it does I would appreciate some guidance to do so.