1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

RV016, DMZ work for anyone?

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by spicyjeff, Aug 24, 2006.

  1. spicyjeff

    spicyjeff LI Guru Member

    I've seen one our two posts here and there about people not able to get the DMZ port on the RV016 to work. Described by others and experienced by me the same, what happens is that the machine using the DMZ port can be seen from the LAN side but cannot connect to the WAN nor is it seen from the Internet.

    So has anyone gotten the DMZ port feature to work? An if so, mind to share some of your configuration details? Thanks.
     
  2. Toxic

    Toxic Administrator Staff Member

    you do have a public IP address provided from your ISP for the DMZ only yes?
     
  3. spicyjeff

    spicyjeff LI Guru Member

    Yes, we have a range of 16 static IPs and the RV016 has been operating on one for almost a year. I have tested the static IPs and the network configuration with a laptop and the other IPs and subnet do work.

    However the confusion (and I call it that because of lack of documentation or feedback in the RV016) comes when setting up the DMZ port. The DMZ port configuration screen just has two fields. One labeled "IP Address" and the other labeled "Subnet". Now I assume it wants the static IP and subnet from our ISP, so I plug them in and the DMZ machine can be seen from the LAN but the DMZ machine does not route over the WAN. Doesn't seem to be any gateway or anything, might as well not even be plugged in as far as it is concerned.

    Current setup (false IPs):

    WAN: 10.0.0.194, subnet: 255.255.255.240
    LAN: 192.168.1.1, subnet: 255.255.255.0
    DMZ: 10.0.0.195, subnet: 255.255.255.240
     
  4. Toxic

    Toxic Administrator Staff Member

    it says a Publishable IP address, the 10.x.x.x IP range is not. thats private I guess it maybe affecting the DMZ then
     
  5. pablito

    pablito Network Guru Member

    I can't confirm one way or the other but a few questions:
    Assuming that your actual WAN/DMZ IPs are true public and routable IPs do the subnets overlap or are they distinct (needing unique gateways)?
    Your sample subnets are overlapping.
    My RV082 has two options for DMZ:
    Subnet & Range (DMZ & WAN within same subnet)

    I'm assuming that the Subnet option (default) acts like a classical DMZ that has to route via the WAN IP.
    The Range option would be more like additional IPs on a single NIC or multiple NICs that route via the main default gateway.

    (just another thought, if the subnets are different then it is possible to have the multiple subnet problem reported eslewhere)
     
  6. spicyjeff

    spicyjeff LI Guru Member

    Yes, I am aware of that. That is why I noted in my post that they were "false IPs" since I did not feel like pubishing our actual public IPs.
     
  7. spicyjeff

    spicyjeff LI Guru Member

    They are the same subnet. The Public subnet is (false IPs again) 10.0.0.192-207 with a subnet mask of 255.255.255.240. The .192 and the .193 are reserved by out service provider with .192 being their router and .193 being our ethernet gateway while .207 is the broadcast address for the subnet. So we are using the next available IP, .194 for the RV016 router/firewall which is the gateway for our internal LAN. That leaves .195-.206 open and I was trying to configure one of those public IPs in the RV016 as the DMZ port IP.

    Unfortunately the RV016 seems to be lacking in this area as with the latest firmware there are only two fields in the DMZ port configuration area. One for an IP Address and the other for a subnet, without much further explanation.

    I'm not quite sure I follow you here, but I did try different subnets in the RV016 DMZ port configuration screen and none of them worked. Basically the DMZ then had no connectivity even from the LAN side, where as with the .240 subnet (same as the WAN port) the DMZ could at least be seen from the LAN side. So it looks like the measly configuration screen on the RV016 might be attempting to be the same as the subnet option on the RV082.
     

Share This Page