Exposing a Network Device as a DMZ Host

You can allow access to a network device that you want to act as a network Demilitarized Zone (DMZ) host. The DMZ is a dedicated host that receives all inbound traffic from the WAN with one exception: it does not receive traffic directed to the host servers and services configured in the Firewall Management window. A DMZ host also does not receive traffic related to LAN-side initiated connections to the Internet. These connections are managed dynamically at the firewall. The DMZ host receives all of the “unsolicited” inbound traffic from the Internet that isn’t specifically configured to go to other network servers.

When a server is a DMZ host, it can receive any inbound traffic from the Internet, and it is treated by the Linksys One network as being outside of the firewall. This option should only be used if you need hosting services that are not listed above and understand the security implications of a DMZ host.

IMPORTANT: A Demilitarized Zone (DMZ) host is not protected by the firewall and may be vulnerable to attack. Designating a DMZ host can also put other computers in the network at risk. When designating a DMZ host, consider the security implications and protect the network if necessary.

To expose a network server as a DMZ host:

1.Define a static IP address for each device or service. See the ”Adding DNS Names for Static IP Devices” section on page 95.

2.Click the Data Devices > Firewall tab.

3.Select the IP address for the Site DMZ host drop-down box.

4.Click Commit. Your change takes effect immediately.

Using the Services Router Advanced Interface

The Data Devices > SVR tab opens the Services Router advanced interface. For more details on using this interface, refer to the CPE Advanced Administration Guide, available on the

Linksys One Communications Solution

8

Chapter

98

Chapter 8: Managing Data Devices

 

Using the Services Router Advanced Interface

Page 104
Image 104
Cisco Systems 2.1 manual Using the Services Router Advanced Interface, Exposing a Network Device as a DMZ Host