NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
FVS318Gv2 DHCP in DMZ
Can the FVS318Gv2 issue DHCP addresses to both the LAN subnet and a separate DMZ subnet? The idea is that i'd like to create a guest wi-fi and use the DMZ to issue IP Addresses separate from the LAN subnet. The manual indicates that DHCP can be enabled in the DMZ, however, it is not clear if it can be a separate subnet from the LAN subnet. There is a note in the manual on page 3-13 that indicates that the DHCP server in the DMZ should be the same as the LAN IP Addresses. This seems to defeat the purpose a separate DMZ with it's own port. "Note: The starting and ending DHCP addresses should be in the same subnet as the LAN IP address of the VPN firewall (the IP address that is configured in the LAN TCP/IP Setup section of the screen)." Just looking for some clarification. Thanks!
VPN client access to DMZ systems on Netgear ProSafe SRX5308
Greetings, I have Netgear ProSafe SRX5308 with the latest firmware for present moment - 4.3.3-5. I have WAN 1 configured (lets say public IP 7.7.7.7) - it works fine, does not matter for current problem. I have LAN 1 configured for 172.16.0.0/16 local network with 172.16.0.1 IP address for firewall itself. I have DMZ configured for LAN 4 / DMZ port with 192.168.32.0/24 range and 192.168.32.1 IP address for firewall itself. I have couple linux hosts in DMZ zone, since I am working on configuring those no need to access from WAN yet, just from internal LAN. I have created LAN-DMZ Outbound rules allowed PING any-any, SSH any-any, HTTPS any-any, so I can ping, ssh or https to servers in DMZ from my local network. This is working just fine. I am working from home from time to time so I would like to be able to configure those DMZ servers from home, so I configured L2TP server (enabled, set range 172.17.0.1-172.17.0.16, created user). I am able to establish VPN connection from my home, getting 172.17.0.1 IP and able to access any server in my LAN (local network 172.16.0.0/16) but I cannot access / ping any server in DMZ (192.168.32.0/24), even I can ping Netgear IP in DMZ just fine (192.168.32.1). Those DMZ servers have only one IP address in 192.168.32.0/24 subnet (e.g. 192.168.32.10) and default gateway is Netgear IP (192.168.32.1). I cannot find anything on firewall similar to VPN-DMZ rules, only LAN-WAN, DMZ-WAN, LAN-DMZ. I thought VPN users should fail into LAN-DMZ rules, but seems they are:(. Any hints are very welcome. TIA, Andre. I found later next thread similar for my problem https://community.netgear.com/t5/ProSecure-STM-and-UTM-Discussion/VPN-client-access-to-DMZ-systems/m-p/10284#M251 but the answers from moderator is - problem with routing... looks fishy for me. DMZ servers has only 1 IP and default gateway is Netgear Router. VPN clients has default gateway - Netgear router. So this should be nothing extra to configure on "clients" in subnets where Netgear router has interfaces in. You do not have extra routing rules on client to acess LAN from VPN, suppose same way should work to access DMZ from VPN.