Discussion in 'Cisco Small Business Routers and VPN Solutions' started by eaguilac, Mar 17, 2010.
RV042 could manage 5 Public IPs ???
Yes, with one-to-one NAT. The option is to assign private range begin, public range begin, and range length.
wan port 2 - one-to-one nat
It's possible that if i use wan port 2 ?? (wan/dmz)
You can instead use DMZ for the 5 public IPs if you wish. The DMZ option also has a range configuration.
Or use WAN port 2 as a WAN and use one-to-one NAT as previously described. Note: one-to-one NAT does change the way the firewall functions. Full access to those machines on LAN will be permitted from internet unless rules are made.
- If i use DMZ on WAN port 2 , the configuration of router doesn't change ?
- If i use DMZ on WAN port 2 and i have 5 Publics IPs, the router use the first of my IPs ?
(i could use only 4 IPs on my servers ? )
By default, the router is setup for dual WAN, you have to change it to DMZ. DMZ rules apply of course.
If using DMZ, the router doesn't use a public IP, you get all 5 for servers. You will need a switch/hub connected to the DMZ port for the servers.
When using one-to-one NAT, the router is in Dual WAN mode and would then require the 1st public IP to be used by the router, use the remaining 4 for servers on the LAN.
dmz - one-to-one NAT
Now it's clear.
DMZ - firewall
sorry, one more thing
DMZ no pass for the firewall ??
What is the diference in conect into DMZ port or conect direct into a Switch/Hub ??
I couldn't control acces port, for ex.?
DMZ need public ip
and continue with this :
- DMZ mode use with only 1 WAN ??
- DMZ need public ip ??. That apear in web console :
X Subnet Range (DMZ & WAN within same subnet)
Specify DMZ IP Address: . . . (wath address put here ??)
Subnet Mask: . . .
(DMZ no pass for the firewall ??) When using DMZ, the router firewall is bypassed. Port access is controlled on the server.
(What is the diference in conect into DMZ port or conect direct into a Switch/Hub ??) If you plug in a server into the DMZ port, you can't plug anything else into it. If you are using a range of public IP's with DMZ, you will need some way of getting more ports, that's what a switch would be for.
(DMZ mode use with only 1 WAN ??) You can use the router for DMZ only if you wish. If you have another WAN connection from ISP, you can use WAN1 while DMZ is being used to give internet access to LAN users.
(DMZ need public ip ??) Yes, DMZ needs an assigned public IP from ISP.
You input the IP address and subnet assigned by the ISP into the DMZ fields.
[(What is the diference in conect Switch/Hub into DMZ port or conect direct into a Switch/Hub ??)]
I refer a security terms ?
[(DMZ mode use with only 1 WAN ??) You can use the router for DMZ only if you wish. If you have another WAN connection from ISP]
I question that because i have 2 WAN connection from 2 diferent ISP:
1 WAN with Dinamyc IP (actually in use with Forwarder ports)
1 WAN with 5 Fixed IPs (new)
and i need see wath way i use the Router
[, you can use WAN1 while DMZ is being used to give internet access to LAN users.]
That is in mode Dual Wan ??
Within the help menu in the router, it reads that servers in the DMZ are protected from attacks such as SYN flooding. So there is some firewall protection going on in the router for DMZ, but you'll still want something on the server itself for security. There really isn't any security difference between connecting 1 server to the DMZ port and putting a switch/hub on the DMZ port. A switch/hub is just so you can put more than 1 server on the DMZ port. If you have more than 4 devices for LAN, you'll need a seperate switch/hub for use on the LAN to expand those ports since the RV042 has only 4 ports for LAN.
If you are going to use DMZ for your servers, set the router for DMZ mode. You can still use WAN1 for your dynamic IP just like you are now for internet access for the LAN. You may want to double check all your forwarded ports to make sure they are still there if you do switch it to DMZ.
rv042 2 wans
oh, i refer
(the diference in conect Switch/Hub into DMZ port or conect direct into a Switch/Hub )