Netgear FVS318Gv2 – ProSAFE VPN Firewall Series Reference Manual
LAN Configuration
96
NETGEAR ProSAFE VPN Firewall FVS318G v2
Enable and Configure the DMZ Port for IPv4 and IPv6
Traffic
Traffic
The demilitarized zone (DMZ) is a network that, by default, is configured with fewer firewall
restrictions than the LAN. The DMZ can be used to host servers (such as a web server, FTP
server, or email server) and provide public access to them. The rightmost LAN port on the
VPN firewall can be dedicated as a hardware DMZ port to safely provide services to the
Internet without compromising security on your LAN.
restrictions than the LAN. The DMZ can be used to host servers (such as a web server, FTP
server, or email server) and provide public access to them. The rightmost LAN port on the
VPN firewall can be dedicated as a hardware DMZ port to safely provide services to the
Internet without compromising security on your LAN.
By default, the DMZ port and both inbound and outbound DMZ traffic are disabled. Enabling
the DMZ port and allowing traffic to and from the DMZ increases the traffic through the WAN
ports.
the DMZ port and allowing traffic to and from the DMZ increases the traffic through the WAN
ports.
Using a DMZ port is also helpful with online games and videoconferencing applications that
are incompatible with NAT. The VPN firewall is programmed to recognize some of these
applications and to work correctly with them, but other applications might not function well. In
some cases, local computers can run the application correctly if those computers are used on
the DMZ port.
are incompatible with NAT. The VPN firewall is programmed to recognize some of these
applications and to work correctly with them, but other applications might not function well. In
some cases, local computers can run the application correctly if those computers are used on
the DMZ port.
A separate firewall security profile is provided for the DMZ port that is also physically
independent of the standard firewall security component that is used for the LAN. For
information about how to define the DMZ WAN rules and LAN DMZ rules, see
independent of the standard firewall security component that is used for the LAN. For
information about how to define the DMZ WAN rules and LAN DMZ rules, see
on page 153, respectively.
When you enable the DMZ port for IPv4 traffic, IPv6 traffic, or both, the DMZ LED next to LAN
port 8 lights green to indicate that the DMZ port is enabled. For more information, see
port 8 lights green to indicate that the DMZ port is enabled. For more information, see
This section contains the following topics:
•
•
•
DMZ Port for IPv4 Traffic
You can set up the DMZ port for IPv4 traffic. You can enable or disable the hardware DMZ
port (LAN port 8; see
port (LAN port 8; see
on page 13) and configure an IPv4 address and subnet
mask for the DMZ port.
To enable and configure the DMZ port for IPv4 traffic:
1.
Log in to the unit:
a. In the address field of any of the qualified web browsers, enter https://192.168.1.1.
a. In the address field of any of the qualified web browsers, enter https://192.168.1.1.
The NETGEAR Configuration Manager Login screen displays.