Netgear UTM25EW-100NAS ユーザーズマニュアル
ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
4-18
LAN Configuration
v1.0, September 2009
To reserve an IP address, select Reserved (DHCP Client) from the IP Address Type pull-down
menu on the LAN Groups screen as described in
menu on the LAN Groups screen as described in
or on the Edit Groups and Hosts screen as described in
.
Configuring and Enabling the DMZ Port
The De-Militarized Zone (DMZ) is a network that, by default, has fewer firewall restrictions when
compared to the LAN. The DMZ can be used to host servers (such as a web server, FTP server, or
e-mail server) and provide public access to them. The fourth LAN port on the UTM (the rightmost
LAN port) can be dedicated as a hardware DMZ port to safely provide services to the Internet
without compromising security on your LAN. By default, the DMZ port and both inbound and
outbound DMZ traffic are disabled. Enabling the DMZ port and allowing traffic to and from the
DMZ increases the traffic through the WAN ports.
compared to the LAN. The DMZ can be used to host servers (such as a web server, FTP server, or
e-mail server) and provide public access to them. The fourth LAN port on the UTM (the rightmost
LAN port) can be dedicated as a hardware DMZ port to safely provide services to the Internet
without compromising security on your LAN. By default, the DMZ port and both inbound and
outbound DMZ traffic are disabled. Enabling the DMZ port and allowing traffic to and from the
DMZ increases the traffic through the WAN ports.
Using a DMZ port is also helpful with online games and videoconferencing applications that are
incompatible with NAT. The UTM is programmed to recognize some of these applications and to
work properly with them, but there are other applications that might not function well. In some
cases, local PCs can run the application properly if those PCs are used on the DMZ port.
incompatible with NAT. The UTM is programmed to recognize some of these applications and to
work properly with them, but there are other applications that might not function well. In some
cases, local PCs can run the application properly if those PCs are used on the DMZ port.
The DMZ Setup screen lets you set up the DMZ port. It permits you to enable or disable the
hardware DMZ port (LAN port 4, see
hardware DMZ port (LAN port 4, see
) and configure an IP address and
subnet mask for the DMZ port.
Note: The reserved address is not assigned until the next time the PC or device contacts
the UTM’s DHCP server. Reboot the PC or device, or access its IP configuration
and force a DHCP release and renew.
and force a DHCP release and renew.
Note: A separate firewall security profile is provided for the DMZ port that is hardware-
independent of the standard firewall security used for the LAN.