DMZ means "Demilitarized Zone." If an application has trouble working from behind the router, you can expose one computer to the Internet and run the application on that computer.

When a LAN host is configured as a DMZ host, it becomes the destination for all incoming packets that do not match some other incoming session or rule. If any other ingress rule is in place, that will be used instead of sending packets to the DMZ host; so, an active session, virtual server, active port trigger, or port forwarding rule will take priority over sending a packet to the DMZ host. (The DMZ policy resembles a default port forwarding rule that forwards every port that is not specifically sent anywhere else.)

The router provides only limited firewall protection for the DMZ host. The router does not forward a TCP packet that does not match an active DMZ session, unless it is a connection establishment packet (SYN). Except for this limited protection, the DMZ host is effectively "outside the firewall". Anyone considering using a DMZ host should also consider running a firewall on that DMZ host system to provide additional protection.

Packets received by the DMZ host have their IP addresses translated from the WAN-side IP address of the router to the LAN-side IP address of the DMZ host. However, port numbers are not translated; so applications on the DMZ host can depend on specific port numbers.

The DMZ capability is just one of several means for allowing incoming requests that might appear unsolicited to the NAT. In general, the DMZ host should be used only if there are no other alternatives, because it is much more exposed to cyber attacks than any other system on the LAN. Thought should be given to using other configurations instead: a virtual server, a port forwarding rule, or a port trigger. Virtual servers open one port for incoming sessions bound for a specific application (and also allow port redirection and the use of ALGs). Port forwarding is rather like a selective DMZ, where incoming traffic targeted at one or more ports is forwarded to a specific LAN host (thereby not exposing as many ports as a DMZ host). Port triggering is a special form of port forwarding, which is activated by outgoing traffic, and for which ports are only forwarded while the trigger is active.

Few applications truly require the use of the DMZ host. Following are examples of when a DMZ host might be required:

A host needs to support several applications that might use overlapping ingress ports such that two port forwarding rules cannot be used because they would potentially be in conflict.

To handle incoming connections that use a protocol other than ICMP, TCP, UDP, and IGMP (also GRE and ESP, when these protocols are enabled by the PPTP and IPSec ALGs ).

Enable DMZ

Putting a computer in the DMZ may expose that computer to a variety of security risks. Use of this option is only recommended as a last resort.

DMZ IP Address

Specify the LAN IP address of the LAN computer that you want to have unrestricted Internet communication. If this computer obtains its address Automatically using DHCP, then you may want to make a static reservation on the Basic → Network Settings page so that the IP address of the DMZ computer does not change.

44

Page 46 Page 48
Page 47
Image 47
SMC Networks SMCWBR14-N manual Enable DMZ, DMZ IP Address
Page 46 Page 48

SMCWBR14-N specifications

The SMC Networks SMCWBR14-N is a wireless router that has established itself as a reliable choice for both home and small office environments. This device is renowned for its balance of performance, flexibility, and cost-effectiveness, making it a popular option among budget-conscious consumers looking for stable connectivity.

One of the primary features of the SMCWBR14-N is its compliance with the IEEE 802.11n wireless standard. This technology allows it to deliver significantly higher data rates than older standards like 802.11g, making it ideal for tasks such as streaming video, online gaming, and large file transfers. It operates on both the 2.4 GHz frequency band, which provides extensive coverage range, and it can reach speeds of up to 300 Mbps. This dual-band functionality ensures that multiple devices can connect simultaneously without significant interference.

The router comes equipped with four 10/100 Mbps Ethernet ports, enabling wired connections for devices such as gaming consoles, desktop computers, and smart TVs. The data transfer rates over wired connections are stable, ensuring low latency and reliable performance, which is essential for users engaged in intensive online activities.

A notable feature of the SMCWBR14-N is its built-in firewall and various security options. This includes Wi-Fi Protected Access (WPA/WPA2) encryption, which significantly enhances the security of the wireless network. The router also supports MAC address filtering, which allows users to define which devices can connect to the network, adding an additional layer of security.

Configuration and management of the SMCWBR14-N are user-friendly, thanks to its web-based interface. Users can easily access the settings via any web browser, allowing for quick adjustments and monitoring of the network. The router supports Quality of Service (QoS) features, enabling users to prioritize bandwidth for specific applications, thus ensuring a smooth operation for real-time activities like VoIP calls and video conferencing.

Furthermore, the SMCWBR14-N supports various advanced features such as DHCP server functionality and dynamic DNS, making it suitable for users who desire a more hands-on approach to their networking setup.

In summary, the SMC Networks SMCWBR14-N wireless router is an excellent choice for individuals and small businesses seeking a robust and versatile networking solution. Its blend of high-speed wireless connectivity, comprehensive security options, and easy management makes it a compelling option for navigating the demands of modern internet usage.
Top Page Image Contents