Advantages of the DMZ Port | TRENDnet BRV204 manual

TW100-BRV204 User’s Guide

•PCs connected to the DMZ port are on the same LAN segment as PCs connected to the Hub ports. They must use the same IP address range.

•PCs connected to the DMZ port are NOT visible to PCs on the hub (LAN) ports. So you cannot use Microsoft networking or other networking protocols to connect to PCs on the DMZ. The connection must be made via the Internet.

•PCs connected to the DMZ port still share the WAN port IP address for Internet access.

•To make PCs on the DMZ port available from the Internet, the "Virtual Server" (Port Forwarding) feature must be configured to send incoming traffic to the appropriate server.

Advantages of the DMZ Port

If running any Servers on your LAN, you should connect them to the DMZ port, for the following reasons:

•Traffic passing between the DMZ and LAN passes through the firewall. The firewall will protect your LAN if your Server is compromised and used to launch an attack on your LAN.

•When using the Virtual Servers feature, (see Virtual Servers in Chapter 6) a firewall rule to allow incoming traffic from the Internet (WAN) to the DMZ is automatically created.

If the Server is connected to the LAN (hub) ports, you must add the firewall rule manually.

6

Image 10

TRENDnet BRV204 manual Advantages of the DMZ Port

Contents

Page Page Table of Contents 120 Overview 136 General Problems Internet Access108 136 TW100-BRV204 Features Internet Access Features Configuration & Management LAN FeaturesAdvanced Internet Functions Package Contents Physical Details Front-mounted LEDs Using the DMZ Port Rear Panel Advantages of the DMZ Port Requirements ProcedureChoose an Installation Site Connect LAN Cables Connect WAN Cable Power UpCheck the LEDs To Do this OverviewRefer to Using UPnP Configuration ProgramPreparation Using your Web Browser If you cant connect TW100-BRV204 User’s Guide Cable Modems Setup WizardCommon Connection Types DSL Modems Big Pond Cable Australia Other Modems e.g. Broadband WirelessSingTel RAS Home Screen Navigation & Data Input Data LAN Screen LAN ScreenButtons To Configure your PCs to use Dhcp Using the TW100-BRV204 s Dhcp ServerUsing another Dhcp Server What Dhcp Does TCP/IP Settings Overview Windows Clients Using Dhcp Checking TCP/IP Settings Windows 9x/MEUsing Specify an IP Address Gateway Tab Win 95/98 Checking TCP/IP Settings Windows NT4.0 Windows NT4.0 TCP/IP Obtain an IP address from a Dhcp Server Specify an IP Address Windows NT4.0 DNS Checking TCP/IP Settings Windows Network Configuration Win Using a fixed IP Address Use the following IP Address Checking TCP/IP Settings Windows XP Network Configuration Windows XP TCP/IP Properties Windows XP For Windows 9x/ME/2000 Internet AccessAccessing AOL For Windows XP Other Unix Systems Macintosh ClientsLinux Clients Fixed IP Address Operation Status Screen Internet Data Status ScreenSystem Connection Connection Status PPPoEData PPPoE Screen Connection Log Connection Log Messages Message Description Pptp Status Connection Status PptpData Pptp Screen Connect Disconnect Connection Status Telstra Big Pond Data Telstra Big Pond Screen Data SingTel RAS Screen Default GatewayConnection Details SingTel RAS RAS Plan DNS IP Address Dhcp Client Data Fixed/Dynamic IP address Screen Connection Details Fixed/Dynamic IP AddressRelease/Renew Button will display Either Release Or Renew Update the data shown on screen Internet Features Identification WAN Port ConfigurationData WAN Port Configuration Screen IP Address Login Communication Applications Advanced InternetCommunication Applications Special Applications Screen Special ApplicationsData Special Applications Screen Incoming Ports Using a Special ApplicationMulti-DMZ Outgoing Ports Data URL Filter Screen URL FilterURL Filter Screen Filter Strings Dynamic DNS Screen Ddns ServiceDynamic DNS Domain Name Server Data Dynamic DNS Screen Ddns Service User Name Password/Key Domain Name Ddns Status Ddns Data Virtual Servers Using the DMZ port for Virtual ServersIP Address seen by Internet Users Defining your own Virtual Servers Connecting to the Virtual ServersVirtual Servers Screen Data Virtual Servers Screen Data Options Screen Backup DNSOptions MTU size Admin Login Admin Login Screen Security Configuration To use this feature Access ControlAccess Control Screen Data Access Control Screen Internet Access Date/Time Access Control LogGroup Members Screen Source IP address Firewall Rules Screen This feature is for advanced administrators onlyFirewall Rules Data Firewall Rules Screen Data Add Edit Move Delete View Log System Rules Type Define Firewall RuleData Define Firewall Rule Screen Source IP Action Dest IPLog Logs Enable LogsData Logs Screen Timezone Syslog Server Mail Alerts MailData E-Mail Screen Mail Logs Smtp Server SubjectPort No Data Security Options Screen Enable DoS Firewall ThresholdSecurity Options Firewall Options Define Schedule Screen SchedulingData Define Schedule Screen Available Services ServicesData Services Screen Add New Service TW100-BRV204 always uses Tunnel Mode TW100-BRV204 does not support Transport ModeIPSec VPN Endpoint VPN ConfigurationPolicies Address VPN Pass-through Common VPN SituationsClient PC to VPN Gateway Connecting 2 LANs via VPN Connecting 2 VPN Gateways Data VPN Policies Screen VPN ConfigurationVPN Policies Screen VPN List Adding a New Policy Enable/DisableCopy General Settings VPN Wizard General Screen VPN Wizard Traffic Selector Screen Local IP addresses Remote IP addresses Manual Key ExchangeManually assigned Keys ESP Encryption ESP AuthenticationTion is enabled Encryption Algorithm IKE Phase IKE Phase 1 IKE SA Encryption AuthenticationAlgorithm IKE Exchange AH Authentication IKE Phase 2 ScreenIKE Phase 2 IPsec SA IPsec SA Life Time VPN Wizard Final Screen Setting LAN a Gate LAN B Gate Way Example 1 Connecting 2 TW100-BRV204 sConfiguration Settings VPN Examples DES IPSec SA Parameters Setting Value TW100-BRV204 ConfigurationExample 2 Windows 2000/XP Client to LAN Windows Client Configuration Windows 2000/XP Local Security Settings Windows 2000/XP Policy Properties Filter Properties Addressing New Rule Properties Filter Action VPN Setting Windows Setting Modify Security Method Tunnel Setting Windows 2000/XP Client to TW100-BRV204 Filter List Filter Action Modify Security Method DUT to Win2K Properties Properties General Tab Key Exchange Security Methods IKE Security Algorithms Single Client SettingExample 3 Windows 2000 Server to VPN Gateway Server/Gateway Windows 2000 Server Configuration Windows 2000 Server Addressing Requesting a Trusted Certificate CertificatesTrusted Certificates Data Trusted Certificates Screen Data Self Certificates Screen Self CertificatesActive Self Certificates Requesting a Self Certificate Self Certificate Requests Signature Algorithm Hash AlgorithmSignature Key Length CRLs To add a New CRL Status Certificate Revocation Lists SA Type Data VPN Status ScreenVPN Status Data Transfered Server Setup Microsoft VPN Screen Data Microsoft VPN Client Database Screen Client DatabaseData Microsoft VPN Screen Pptp Server Button Tions Data Microsoft VPN Status ScreenServer Status Server Log Windows Client Setup Windows 98/ME To establish a connection Windows ME VPN Dialing Properties Windows Windows 2000 Network Connection Windows 2000 VPN Host Changing the connection settings Windows 2000 Finish Wizard Windows XP Windows XP Network Connection Type Windows XP Connection Name Windows XP Connection Availability Upgrade Diagnostics PC DatabaseRemote Admin Network Config File Data Config File Screen Ping Network DiagnosticsData Network Diagnostics Screen DNS Lookup PC Database PC Database Screen Known PCs AdministrationData PC Database Screen Generate Report Data PC Database Admin Screen PC Database AdminPC Properties Entry Add as NewStandard Screen Settings Remote AdministrationData Remote Administration Screen Information Port Number AccessTo connect from a remote PC via the Internet Allow Remote Overview Using this ScreenRouting Routing Screen Static Routing Enable RIPData Routing Screen Static Routing Table Entries Configuring Other Routers on your LAN Local Router For the TW100-BRV204 s Routing Table Static Routing ExampleOther Routers on the Local LAN Entry 1 Segment For Router As Default Route To perform the Firmware Upgrade Upgrade FirmwareData Upgrade Firmware Screen Upgrade Firmware UPnP Enable UPnP Services Allow Configu RationAllow Internet access to be disabled Data UPnP Screen Internet Access General ProblemsProblem 1 Cant connect to the TW100-BRV204 to configure it Appendix a Troubleshooting TW100-BRV204 FCC Statement FCC Radiation Exposure Statement CE Marking WarningCE Standards Limited Warranty Technical Support 142