[Help needed]Creating DMZ on ER605
Hi all,
I just purchased an TPLink ER605 V1 router for my home network and have some issues, can you please help me?
CURRENT SETUP
I divided network to 2 subnets:
A: 192.168.1.0/24 for all home devices (laptop, phones...)
and
B: 10.0.0.0/24 for home servers
The network diagram is as follows:
my network
modem 192.168.1.1 routing table:
server IP is 10.0.0.11.
I would like to expose server from subnet B to all devices in sub net A.
Current DMZ config on ER605:
ISSUESI cannot ping server from machines in network A:
From the line " Redirect Host", I think the modem is doing its job by re-routing packages to ER605, but then there is no response for pinging.
traceroute cmd produces same result, being stopped at 192.168.1.100 (ER605 wan interface)
This is the route table from ER605:
Server from net B can reach the internet, can ping youtube or google.
May I know where did I go wrong in configuration? Because DMZ should already exposed the server right?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @tom168
Thanks for posting in our business forum.
Set up the port forwarding first.
How to set up Port Forwarding feature on TP-Link SMB Router (new UI)
Troubleshooting Virtual Services(Port Forwarding) on the Router Doesn't Take Effect
So if you need to access the server in 10.0.0.1/24, you should port forward on the ER605. If you gonna expose it on the Internet, you should port forward twice. On ER605 and your 192.168.1.1 router.
When you port forward on 192.168.1.1, you should port forward the IP address of the ER605(WAN IP). Then this tunnels into the ER605 from the public Internet.
- Copy Link
- Report Inappropriate Content
Hi @tom168
Thanks for posting in our business forum.
tom168 wrote
@Clive_A
Thank you for your reply.
I dont desire to expose my server to internet, just to another subnet.
I tried port fordwarding on the ER605 and network A can ping server, so it means the config on ISP issued modem is good.
However, port forwarding solution is not good for me since I need to expose all ports on server and I have many servers (3 of them).
Is there anyway to just expose all LAN to WAN on ER605? This is a closed-environment so I dont really worry about security here.
DMZ is the same as the port forwarding. Just set all ports open if the server in B got that port available. You should DMZ on the ER605. It should work as expected. If no, reboot and try again.
But you cannot forward all LAN to WAN. ER605 is a router. NAT cannot be disabled.
- Copy Link
- Report Inappropriate Content
Hi @tom168
Thanks for posting in our business forum.
Set up the port forwarding first.
How to set up Port Forwarding feature on TP-Link SMB Router (new UI)
Troubleshooting Virtual Services(Port Forwarding) on the Router Doesn't Take Effect
So if you need to access the server in 10.0.0.1/24, you should port forward on the ER605. If you gonna expose it on the Internet, you should port forward twice. On ER605 and your 192.168.1.1 router.
When you port forward on 192.168.1.1, you should port forward the IP address of the ER605(WAN IP). Then this tunnels into the ER605 from the public Internet.
- Copy Link
- Report Inappropriate Content
@Clive_A
Thank you for your reply.
I dont desire to expose my server to internet, just to another subnet.
I tried port fordwarding on the ER605 and network A can ping server, so it means the config on ISP issued modem is good.
However, port forwarding solution is not good for me since I need to expose all ports on server and I have many servers (3 of them).
Is there anyway to just expose all LAN to WAN on ER605? This is a closed-environment so I dont really worry about security here.
- Copy Link
- Report Inappropriate Content
Hi @tom168
Thanks for posting in our business forum.
tom168 wrote
@Clive_A
Thank you for your reply.
I dont desire to expose my server to internet, just to another subnet.
I tried port fordwarding on the ER605 and network A can ping server, so it means the config on ISP issued modem is good.
However, port forwarding solution is not good for me since I need to expose all ports on server and I have many servers (3 of them).
Is there anyway to just expose all LAN to WAN on ER605? This is a closed-environment so I dont really worry about security here.
DMZ is the same as the port forwarding. Just set all ports open if the server in B got that port available. You should DMZ on the ER605. It should work as expected. If no, reboot and try again.
But you cannot forward all LAN to WAN. ER605 is a router. NAT cannot be disabled.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1419
Replies: 3
Voters 0
No one has voted for it yet.