RV082 - DMZ Wackiness

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by decker12, Aug 10, 2006.

  1. decker12

    decker12 LI Guru Member

    Hey gang, glad to see this forum exists as I have nothing but headaches with this brand new 2 day old RV082. It's not in a production environment, just in a test environment for now.

    First and foremost, which will determine immediately if it goes back to Fry's, is that I can't get the DMZ port working.

    Firewall is completely disabled.
    Dual-WAN is set to DMZ.

    Router's WAN address is something like, SN:

    DMZ setting only works with "Subnet". If I select "Subnet" and fill in a single IP (, I can ping that IP (a Windows 2003 Server) from the outside.

    Its a Windows 2003 server, all internal firewall turned off. However, I cannot use Remote Desktop to administer the server when it's in the DMZ port. I take the cable out of the DMZ and put it back on the WAN in front of the RV082, and I can Remote Desktop to it fine. Again, all firewall and protection features of the RV082 are disabled.

    Next, If I put the DMZ selection on "Range", which is what I eventually need to do as I want to put .11-.15 ALL in the DMZ port, I no longer can ping .11. Obviously I can't Remote Desktop to it or anything. It's like selecting "Range" completely disables the DMZ port.

    I have used the 1.3.2 firmware that it came with. A few minutes ago, I upgraded to the beta firmware found on these forums to see if it fixed the DMZ problem, which it didn't.

    Also, when I use the web browser to go to the DMZ port (containing the Windows 2003 server @, I get the Linksys router, not the web server that's sitting on that Windows 2003 server. Perhaps I'm missing something conceptually about how the DMZ port should work. I figured I plug something into the DMZ port and it's as good as being in a hub that's in front of the router, except I get some basic protection (syn flood, etc) from the RV082. So.. why is the router showing up at when it should be that Windows 2003 server?

    Thanks for any advice!
  2. Toxic

    Toxic Administrator Staff Member

    thie DMZ feature is a True DMZ. not like most routers just open ports in firewall for the DMZ IP.

    as the helpfile states:

    I would at a guess think the DMZ needs a different IP address than your WAN1 ports IP address.

    so you need 2 External IP addresses. One for the DMZ and one for your WAN port. if you cannot do this, then put the Server on a LAN port. port forward WAN1 port 80 traffic to the Server's LAN IP address.
  3. Toxic

    Toxic Administrator Staff Member

    btw what subnet are you using?
  4. decker12

    decker12 LI Guru Member

    Now I'm a bit confused - let me instead paint the picture of what I need to happen, and perhaps you could suggest the correct configuration.

    The router WAN IP is set to

    Server 1 is Needs SMTP, HTTP, FTP, Remote Desktop.

    Server 2 is Linux box. Needs *separate* SMTP, HTTP, FTP.

    Server 3 is Development web server. Needs it's own HTTP.

    The WAN IP and Public IPs for the above servers are all on the same subnet.

    My initial logic was to do this:

    Hook up a switch, plug .11 to .13 into the switch, plug the switch into the DMZ. Incoming traffic hits the RV082 first, gets protected against SYN flooding and other attacks, heads off to the DMZ and then to it's publically accessible servers.

    Naturally .11 to .13 have no firewall protection of their own, short of the built in Windows software firewall. That's another bridge to cross.

    Ideally, I'd be able to put ALL the servers behind the RV082 firewall. I used to be able to do that with my old Sonicwall VX PRo using One to One NAT. My initial attempts to setup One-to-One NAT on this router were unsuccessful - no traffic was being translated, and as soon as I turned it on, I couldn't access the router's administration pages via it's public IP anymore (even though I had all security and firewall turned off).

    But regardless, the DMZ issue is my first obstacle. I realize that my basic solution is to just ignore the DMZ port and put a switch in front of the router, and then place all the server's external IP NICs to that switch.

    However, if I have to develop work arounds because I can't seem to get the DMZ working right, and then I can't seem to figure out why the One-to-One NAT isn't working right, then naturally I start to wonder what other curve balls this device is going to be throwing my way, especially one I start screwing with the VPN capabilities.

    Thanks again for any advice you may have!
  5. Toxic

    Toxic Administrator Staff Member

    well thats a nice set of guides and i would agree your layout "SHOULD" work.

    the firewall could come in the way of a new box running m0n0wall (Free and brilliant) with 3 nics in it.

    problem is i cannot see how using as a server on the DMZ and DMZ is set for that it then gets redirected to the WAN of the router.
  6. cable_guy

    cable_guy LI Guru Member

    We're having the same problem with a RV082, the DMZ just doesn't appear to work as it should. VPN, LAN, Firewall and NAT are all fine though.

    Did you get your multiple servers to work on the DMZ in the end?
  7. decker12

    decker12 LI Guru Member

    I've sadly given up on the DMZ for the time being. Having another big problem which I'll post in the forums shortly...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice