This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
How can I change the DMZ VLAN-ID from 4094 to any other, lower ID (e.g. 4093)
My router is on frrmware version 4.3.4-1 and I recently reactivated the DMZ. Next to the router I have a Netgear GS108PEv3-Switch (firmware 2.00.08) and in the following several Netgear GS108T (firmware 5.4.2.22) and a Planet GSD-800 Switch. On the last GS108T I have a Debian-Server and a ReadyNAS 310 which should be connected to the DMZ with always one of their LAN-Adapters
The router has (hard coded?) VLAN-ID 4094.
On the Netgear GS108PEv3 it is possible to setup a VLAN with ID 4094.
All other Netgear GS108T and the Planet GSD-800 are limited to VLAN IDs from 1 to 4093.
Is it possible to change the DMZ VLAN-ID on the Router? May be via telnet? Or does somebody of you have some other ideas/workarounds?
Re: How can I change the DMZ VLAN-ID from 4094 to any other, lower ID (e.g. 4093)
Hi Worli,
We’d greatly appreciate hearing your feedback letting us know if the information I’ve provided has helped resolve your concern or if you need further assistance. If ever your concern has been resolved, I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution.
The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!
Re: How can I change the DMZ VLAN-ID from 4094 to any other, lower ID (e.g. 4093)
Hi DaneA,
thank you for your fast reply and sorry for my late reply ... had to go for an unplanned business trip....
Sadly this is not a good news with the hardcoded 4094 on the router. I wanted to use the dedicated WAN-DMZ security features of the router which can be conifgured independently from the other LAN ports. And this in separate VLANs.
Since I am not a VLAN-specialist: Is it secure alternative to simply patch the activated DMZ to another port on the first switch with subnet 176.16..... (in parallel to the standard LAN 192.168... patched on another port on the first switch) and to configure the web-server with a 176.16-DMZ-address? So I have two LANs running on the same physical switches. How is it really from security perspective - compared to a VLAN which segments the network? Any risks which shoudl be considered? (Hopefully I described this comprehensively as "dangerous half-knowing IT guy", as I see myself. )
Re: How can I change the DMZ VLAN-ID from 4094 to any other, lower ID (e.g. 4093)
Hi Worli,
As I understand your concern, you still want to use the DMZ as part of the VLAN configured on the switches, am I correct? If ever I am correct, you may enable DMZ on the firewall and use it as part of VLAN 4094. Be reminded that enabling DMZ exposes the DMZ LAN to the internet.
)
