Netgear FVX538v1 How to set up a DMZ LAN on the FVX538?
Netgear FVX538v1 - ProSafe VPN Firewall Dual WAN Manual
View all Netgear FVX538v1 manuals
Add to My Manuals
Save this manual to your list of manuals |
Netgear FVX538v1 manual content summary:
- Netgear FVX538v1 | How to set up a DMZ LAN on the FVX538? - Page 1
firmware version 3.0.3-17, and how to use the Multi-NAT function on the DMZ. This article will cover the following features: 1. Enable & configure the FVX538 DMZ port 2. Inbound & Outbound rules for DMZ Topology: Internet Multiple IPs from ISP: 10.180.38.80-10.180.38.85 ProSafe VPN Firewall - Netgear FVX538v1 | How to set up a DMZ LAN on the FVX538? - Page 2
First, assuming our LAN IP and Internet are already connected, we'll need to enable the DMZ. In the Network Configuration->DMZ Setup menu: 1 - Select Yes for Do you want to enable DMZ Port? 2 - Input the if you would like devices on the DMZ to automatically receive IPs from the FVX538 DHCP server. - Netgear FVX538v1 | How to set up a DMZ LAN on the FVX538? - Page 3
After clicking Apply, you should be able to connect devices to the DMZ port (8) on the FVX538. Static addresses given to those devices will be set to the 172.16.0.x subnet with a gateway of 172.16.0.1, which is the router's DMZ IP - Netgear FVX538v1 | How to set up a DMZ LAN on the FVX538? - Page 4
(or port) that you would like forwarded doesn't appear in the Service dropdown, you can create a custom service in the Security->Services menu, after which your new service name will be shown in the Service dropdown list in this screen. 2 - Under Action choose Allow always. 3 - For Send to DMZ - Netgear FVX538v1 | How to set up a DMZ LAN on the FVX538? - Page 5
All other fields can be left as default. When all the information is set, click Apply. The following screen will appear: You can see the information we entered in the previous screen is now displayed in the Inbound Services menu. - Netgear FVX538v1 | How to set up a DMZ LAN on the FVX538? - Page 6
well, this time we'll just tell it to use the same IP that the router is assigned on WAN1: 1 - Under Service choose the service you'd like. In this case we chose HTTP. 2 - Under Action choose Allow always. 3 - For Send to DMZ Server, choose the local DMZ address of the - Netgear FVX538v1 | How to set up a DMZ LAN on the FVX538? - Page 7
When all the information is set, click Apply, the following screen will appear: - Netgear FVX538v1 | How to set up a DMZ LAN on the FVX538? - Page 8
send files to remote servers that require the connection to be from a specific IP, we can change the IP our server reports in the Outbound Services section. Clicking add... under Outbound Services shows the following screen: 1 - Under Service choose FTP 2 - Under Action choose Allow always 3 - Under - Netgear FVX538v1 | How to set up a DMZ LAN on the FVX538? - Page 9
for that. At this point, we have configured the servers to be able to be accessed from the Internet. By default, LAN users can initiate connections to the DMZ (but DMZ can't initiate connections to the LAN), so we don't need to add anything else.
How to set up a DMZ LAN on FVX538?
This document describes how to set up a DMZ LAN on the FVX538 firmware version 3.0.3-17, and how
to use the Multi-NAT function on the DMZ.
This article will cover the following features:
1.
Enable & configure the FVX538 DMZ port
2.
Inbound & Outbound rules for DMZ
Topology:
Internet
ProSafe VPN Firewall Router
MODE L
FVX538
Auto
Uplink
Factory
Defaults
CONSOLE
Speed
Link/Act
Gigabit
Active
Link/Act 100
Active
Link/Act 100
WAN1
WAN2
Power
Test
Link/Act 100
LAN
8
4
5
1
100M
10M
1
2
3
4
Normal/Uplink
Power
5
6
7
8
9
10
11
12
13
14
15
16
Blink=Act
Auto 10/100 Mbps
192.168.1.x
172.16.0.20
172.16.0.80
DMZ: 172.16.0.1
WAN: 10.180.38.80
LAN: 192.168.1.1
Multiple IPs from ISP: 10.180.38.80-10.180.38.85
FVX538
Firmware: 3.0.3-17
Note: There is a FS116 (16-port switch) connected to the FVX538 in this diagram so that multiple
servers can be a part of the DMZ
We have been given multiple static IP addresses from our ISP which range from 10.180.38.80-
10.180.38.85 (obviously imaginary). We would like our FTP server (local IP 172.16.0.20) to be accessed
from the public IP of 10.180.38.82, and our HTTP server (172.16.0.80) to be accessed from the public IP
of 10.180.38.80
, which is also our router’s public address
. We would like our local users (192.168.1.x) to
be able to access the FTP and HTTP service of those servers. LAN user-initiated access to the DMZ is
enabled by default (but DMZ-initiated access to the LAN is blocked by default), so we will not need to
add any LAN DMZ rules to allow Local User access. They can access the servers through their DMZ IPs of
172.16.0.x.