1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DMZ NAT on an RV042

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by walpoledan, Aug 9, 2005.

  1. walpoledan

    walpoledan Network Guru Member

    I think that I've been under an incorrect impression regarding the way that the DMZ will work on an RV042 but I'm hoping that somebody here can tell me one way or the other.

    I'm setting up a small network for a client. They have a person that they give internet access to but who the don't trust particularly. I need to allow that person to share their internet access but not to have access to their internal LAN. My solution to that has been to hang their stuff off a DMZ port and segregate it that way.

    However, it looks like this isn't going to work for me with the RV042, at least if tech support is correct. They are saying that I can only do 'one to one' NAT (or perhaps just address forwarding) to hosts on the DMZ, not get hosts in the DMZ NAT-ed along with the hosts in the LAN using the single WAN IP address on the device. Since I have only one DHCP address on the device I'm pretty much SOL. Does that sound correct or am I missing something with this box?

    Thanks very much for any help and I'll be happy to provide config details if they're requested
  2. morpheme

    morpheme Network Guru Member

    Not sure if this applies to the RV042 but works on the RV082

    You need to use the VLAN feature.

    You can set which LAN ports belong to which VLAN, and each VLAN can talk to the WAN, but not to each other.

  3. walpoledan

    walpoledan Network Guru Member

    Re: Not sure if this applies to the RV042 but works on the R

    Thanks Andy but I think that it won't work in the RV042. At least a quick search of the manual gave me no hits for 'vlan' so I'm assuming it's not a feature of this box. Perhaps I'm not looking for it correctly though?

    I'm pretty surprised that they wouldn't have made it at least an option to do masquerading NAT for both the DMZ and the LAN at the same time. Perhaps it's not as common as I think that it is but I use it on my bigger firewalls all the time and the cruddy DFL-80 that this box was to replace does it with no issues (The DFL-80 is dog-slow, minimally configurable and well... I hate it... so it's on the way out :thumbdown:).
  4. morpheme

    morpheme Network Guru Member

    Looks like you're right...

    On the RV082, between 'System management' and 'Firewall' there's a tab labelled 'Port Management', which is where you set it up.

  5. TazUk

    TazUk Network Guru Member

Share This Page