Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations John Tel on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

What is a DMZ?

Status
Not open for further replies.
sarta

sarta

Programmer
Nov 3, 2006
29
I have a sunrocket voip adaptor (called a "gizmo") and a emachines computer connected behind a belkin consumer grade 4 port router.

The "gizmo" has a single LAN port and runs DHCP and NAT for the computer on the LAN side, and I have a Dell computer connected to that.

The Dell gets an ip of 192.168.251.100 from the gizmo, and is running a webserver. I want to be able to hit that webserver from the aforementioned emachines computer.

Lets pretend the gizmo does not offer port forwarding, because I want to take advantage of the gizmo's DMZ functionality. So I log into the gizmo web utility from the Dell, and enter the Dells IP (192.168.251.100) in the textbox that is titled "DMZ IP address", and I click "save changes".

My question is: Doesn't being in the DMZ mean that I should be able to telnet directly to the dell from the emachines on port 80, since the dell has a webserver running on port 80? Its not working, and I think either (1) the gizmo's DMZ function doesnt work, or (2) it is not sufficient to just click "save changes" to activate the computer in the DMZ, or (3) I don't understand what a DMZ is.

By the way, getting the dell into a DMZ may not achieve what I want, but what I ultimately want is for me to be able to type "ping emachines" on the dell, and for the dell to resolve the emachines machine by sending a netbios broadcast query. I understand netbios broadcasts only work on the subnet, and I want to make the dell's netbios queries to be broadcasted across the belken router's LAN, not the LAN behind the gizmo, and I was thinking it might be a solution to put the dell in the DMZ of the gizmo.
 
Sort by date Sort by votes
Hi

Some more info would be handy.

What is the IP address of all devices.

Dell = 192.168.251.100
Emachines = ????
Gizmo = ?????

This would help us draw it out. Also tell us if you want the web server to be seen out on the Internet.

To answer your DMZ question - A DMZ (De-miltiterised Zone) is like a slang term which is now common place. Its the Zone stuck between the wild Internet and your safe Lan (sort of like that area between North and South Korea) - I belive this is were the term came from.
To put it in other words looking from the Internet into your Lan - Internet -> Firewall\Router -> DMZ -> Firewall -> Lan.
The DMZ is were companies put there Web server and mail gateways - they are partly protected because they only onpen the ports that are needed for each device, ie Port 80 and Port 443 for Web and Port 25 for mail gateways. Normally other ports would be blocked unless needed and themore ports that are open then the chances of your DMZ being compromised. Once an attacker has compromised a server in the DMZ he can then use that platform to scan for open ports in the rear firewall which is what is protecting your lan.

Hope this helps


Dave


 
Upvote 0 Downvote
Thanks for your reply... The dell webserver does not need to be visible from the internet.

Dell = 192.168.251.100 (assigned by gizmo router)
Emachines = 192.168.2.29 (assigned by belkin router)
Gizmo = 192.168.2.28 (assigned by belkin router)

I can also open port 80 on the gizmo router, however I want to try putting in the DMZ first to see how that works.

Shouldn't I be able to connect on port 80 to the Dell from the emachines if the Dell is in the DMZ?
 
Upvote 0 Downvote
Hi Sarta


Thanks for the extra Info.

You should be able to connect on port 80 to the Dell from the emachines if Gizmo router alows port 80 thru. I am not sure what the DMZ setting is trying to do - it may be just that. Does either the Dell or the emachines have more than one nic card ? If so then you will need to add a route on the machine, other wise see if there is a route or a route switch to allow you to route from 192.168.2.29 to 192.168.251.100 - The DMZ setting may be attempting this, just not sure - there may be other settings on the Gizmo regarding which protocols and port you want to open on the Gizmo. ie If opening port for mail then you would want to allow smtp on port 25 - in your case you want to allow http on port 80 - just check for this in addition to the DMZ setting as it would be very rare that you just set one switch and magic all the ports you want are automatically opened, as this would not be secure.
See if there is a ICMP protocol as well, this is for ping packets and will help you alot in getting conected.
Its good you go the DHCP working for both segments, as a test ping each of your routers to ensure proper connectivity. ie from the dell ping its side of the Gizmo which is offering the dhcp address ( possibly 192.168.251.1) , from the emachines ping the Gizmo and the belkin router - all should respond
you can check all your gateways that they are on the same segment by typing IPCONFIG /ALL - this will give you your IP, MASK and Gateway - in your case you gateway for your dell is Gizmo - here is an important point - th Gizmo will have two IP addresses - one in this segment 192.168.2.xx and another in the 192.168.251.xx segment or atleast it should.
I have not heard of a Gizmo before, but add its model number of the device so all here can Google it if need be. We should be able to get to the bottom of it as many of us run a similar setup, just with different hardware.
You mentioned the port forwarding earlier, I think this may be where you need to allow port 80 thru to the dell. ie You are allowing port 80 to forward thru your firewall\router.


Hope this helps,

Dave


 
Upvote 0 Downvote
Actually, because you are using two routers within your local LAN, it seems to me that you must set-up routing between the 2 routers.

Your Belkin router may not automatically understand where to route packets destined for your Dell machine because you haven't told the Belkin router that traffic destined for the Dell machine should be routed through the Gizmo router.

If you look in the documentation on the Belkin router it may have the information you need for setting up what I like to call "static routes". If you have trouble with this, just provide the model number for your Belkin router and I'll see if I can look up the information for you.

Good luck.
 
Upvote 0 Downvote
Thanks for the responses. I verified that the "gizmo" does not really create a DMZ like it says, so its DMZ setting should be removed from the menu. I put another SOHO router in its place to verify that a DMZ functions as I expected, which is to remove the firewall so that all ports are open.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

KenMeans
  • Locked
  • Question
DNS Issues with wireless router behind Atlantic Broad band Business Modem
Replies
0
Views
10K
KenMeans
KenMeans
dl12345
  • Locked
  • Question
IPV6 related issue on bind 9.16.1 on Ubuntu 20.04
Replies
1
Views
10K
dl12345
dl12345
Nick Ellson
  • Locked
  • Question
Bind9 with RPZ and local forwarding zones?
Replies
1
Views
10K
Nick Ellson
Nick Ellson
Blind Faith
  • Locked
  • Question
Bind9 master insisting on checking NS at root
Replies
5
Views
11K
YoBo7
YoBo7
alpha76
  • Locked
  • Question
Advice on DNS setup/configuration
Replies
3
Views
11K
technome
technome

Part and Inventory Search

Sponsor

Back
Top