DMZ LAN port config

Question

I'm trying to add my business WiFi system to the DMZ port on my switch. This will, hopefully, provide me an "admin" port into the WiFi system without giving access to the Internet through a particular WAN connection.

According to the tech doc, access to the WAN port is blocked by default. Essentially the same rule exists, by default, for the LAN ports. If I want to grant access between LAN ports and the DMZ I have to ALLOW that access by service.

The services I want to grant access to and from are simple, http and https. I've added the rules to allow both inbound and outbound access to those services but I am, yet, to get access. The port I've defined for the DMZ port is 192.168.1.101 with a subnet mask of 255.255.255.248. The device uses IP address 192.168.1.3 with a subnet mask of 255.255.255.0. I suspect this disparity is where my problem exists. The 101 IP address for the WAN port is outside the range for DHCP addressing as specified in the doc. The switch would not allow me to use the 255.255.255.0 subnet mask.

I'm not a switch tech. This is confusing to me. Can someone advise?

Larry

JohnRo · Answer

Hi&nbsp;lpasekof,&nbsp;

&nbsp;

Did you create firewall rules for the business AP? Is there a way you can PM a screenshot of the firewall rules you have created? Are you trying to isolate the WiFi network from the LAN or is it just for the management of the system?&nbsp;

&nbsp;

Thanks,

JohnRo · Answer

Hi&nbsp;Larry,&nbsp;
&nbsp;
I'm thinking VLANs would be the much appropriate approach on this, but your device does not support&nbsp;VLANs. I'll try to see how DMZ will be applicable.&nbsp;
&nbsp;
I'll get back to you.&nbsp;
&nbsp;
Thanks,

Forum Discussion

DMZ LAN port config

2 Replies

Related Content

DMZ and port forwarding at the same time

Vlan config

CAX80 v5.1.1.8 Firewall Blocking HTTPS API Traffic - DMZ Confirmed

Sfp port

GS308EP VLAN Config Assistance

NETGEAR Academy

ProSupport for Business