NETGEAR FVX538v1 - ProSafe VPN Firewall Dual WAN Setup Manual
How to set up a dmz lan on the fvx538?
Hide thumbs
Also See for FVX538v1 - ProSafe VPN Firewall Dual WAN:
- Planning manual (26 pages) ,
- Configuration manual (8 pages) ,
- Specifications (2 pages)
Advertisement
Quick Links
How to set up a DMZ LAN on FVX538?
This document describes how to set up a DMZ LAN on the FVX538 firmware version 3.0.3-17, and how
to use the Multi-NAT function on the DMZ. This article will cover the following features:
1. Enable & configure the FVX538 DMZ port
2. Inbound & Outbound rules for DMZ
Topology:
Multiple IPs from ISP: 10.180.38.80-10.180.38.85
Internet
WAN: 10.180.38.80
LAN: 192.168.1.1
192.168.1.x
Note: There is a FS116 (16-port switch) connected to the FVX538 in this diagram so that multiple
servers can be a part of the DMZ
We have been given multiple static IP addresses from our ISP which range from 10.180.38.80-
10.180.38.85 (obviously imaginary). We would like our FTP server (local IP 172.16.0.20) to be accessed
from the public IP of 10.180.38.82, and our HTTP server (172.16.0.80) to be accessed from the public IP
of 10.180.38.80, which is also our router's public address. We would like our local users (192.168.1.x) to
be able to access the FTP and HTTP service of those servers. LAN user-initiated access to the DMZ is
enabled by default (but DMZ-initiated access to the LAN is blocked by default), so we will not need to
add any LAN DMZ rules to allow Local User access. They can access the servers through their DMZ IPs of
172.16.0.x.
ProSafe VPN Firewall Router
Link/Act 100
1
Link/Act 100
Link/Act 100
P ower
5
A cti ve
A cti ve
T es t
W A N1
W A N2
FVX538
Firmware: 3.0.3-17
4
Gigabit
Link/Act
S peed
8
CONS OLE
LAN
DMZ: 172.16.0.1
Auto 10/100 Mbps
FS116
FAST ETHERNET SWITCH
Power
1
2
3
4
5
6
7
172.16.0.20
MODE L
FVX538
Auto
Uplink
Fac tory
Defaults
Blink=Act
100M
8
9
10
11
12
13
14
15
16
172.16.0.80
10M
Normal/Uplink
Advertisement
Related Manuals for NETGEAR FVX538v1 - ProSafe VPN Firewall Dual WAN
Summary of Contents for NETGEAR FVX538v1 - ProSafe VPN Firewall Dual WAN
- Page 1 How to set up a DMZ LAN on FVX538? This document describes how to set up a DMZ LAN on the FVX538 firmware version 3.0.3-17, and how to use the Multi-NAT function on the DMZ. This article will cover the following features: 1.
- Page 2 First, assuming our LAN IP and Internet are already connected, we’ll need to enable the DMZ. In the Network Configuration->DMZ Setup menu: 1 – Select Yes for Do you want to enable DMZ Port? 2 – Input the router’s DMZ IP address and Subnet Mask in the IP Address and Subnet Mask fields (computers on the DMZ will use this as their gateway), we chose 172.16.0.1.
- Page 3 After clicking Apply, you should be able to connect devices to the DMZ port (8) on the FVX538. Static addresses given to those devices will be set to the 172.16.0.x subnet with a gateway of 172.16.0.1, which is the router’s DMZ IP address. Next, we’ll configure the FTP and HTTP servers’...
- Page 4 No rules are currently shown. Under Inbound Services click add.. to add a new Inbound Service Policy, the following screen appears: 1 – Under Service, choose the service you’d like. In this case we chose FTP. If you’d like all services to be forwarded to a server, you can choose Any.
- Page 5 All other fields can be left as default. When all the information is set, click Apply. The following screen will appear: You can see the information we entered in the previous screen is now displayed in the Inbound Services menu.
- Page 6 Using the same procedure, we can create an HTTP service as well, this time we’ll just tell it to use the same IP that the router is assigned on WAN1: 1 – Under Service choose the service you’d like. In this case we chose HTTP. 2 –...
- Page 7 When all the information is set, click Apply, the following screen will appear:...
- Page 8 If our FTP server needs to send files to remote servers that require the connection to be from a specific IP, we can change the IP our server reports in the Outbound Services section. Clicking add… under Outbound Services shows the following screen: 1 –...
- Page 9 All other settings should be fine as default. Click the Apply button and the following screen appears: Since the HTTP server will use the router’s WAN1 address for its outbound address by default, there is no need to add a rule for that. At this point, we have configured the servers to be able to be accessed from the Internet.