- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi
I am setting up a DMZ Host on a G1100 router. By default, it appears that the machine has access to all other machines on the internal network. I do not believe this is normal. Is there a setting somewhere to prevent it?
thanks
Solved! Go to Correct Answer
Correct answers
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes that is normal when you setup a DMZ host. A DMZ host will not block access to other hosts on the subnet. Setting up the DMZ host will completely open up that device to the internet. So if that device gets infected then the other devices on your network will be as risk.
In a residential/home router it is a very misleading setting. To have a true DMZ typically it will be done with mulitple firewalls or a virtual subnet. Is there a reason that open up that device? Can you just use port forwarding and use only the necessary ports?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes that is normal when you setup a DMZ host. A DMZ host will not block access to other hosts on the subnet. Setting up the DMZ host will completely open up that device to the internet. So if that device gets infected then the other devices on your network will be as risk.
In a residential/home router it is a very misleading setting. To have a true DMZ typically it will be done with mulitple firewalls or a virtual subnet. Is there a reason that open up that device? Can you just use port forwarding and use only the necessary ports?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
thank you Edg1. I was hoping for a built-in firewall solution to prevent exposing the rest of the network to the DMZ host. Without that, it does not seem reasonable to use this DMZ feature indeed. cheers.