Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1273
Views
0
Helpful
2
Replies

RV320 Forward Ports into DMZ Subnet

roger.hess1
Level 1
Level 1

‎05-28-2015 02:04 AM

I have a Cisco RV320 router and we have several servers that need to be accessible from the internet. So I want to put this servers into the DMZ and forward certain ports to certain servers. My LAN is subnet 192.168.0.0 and I want the DMZ to be subnet 192.168.2.0.

I enabled the DMZ and set DMZ IP-Adress to 192.168.2.10 and Subnet Mask to 255.255.255.0. Now I go to Forwarding and want to forward port 80 to 192.168.2.2 and port 8080 to 192.168.2.22 but then I get the error message "This IP address should be in LAN or Multiple Subnet IP range". Do I have to add the DMZ subnet to the Multiple Subnet Table in the network settings?

1 person had this problem
Labels:
0 Helpful
2 Replies 2

Michael Swenson
Cisco Employee
Cisco Employee

‎05-28-2015 07:58 AM

Hello,

Yes, You would have to add the subnet to the multiple subnet table.  The DMZ on the RV320 is a software DMZ.  Thus, the DMZ will allow public access to only one private IP.  Furthermore, you do not need port forwards when you use the DMZ.  The DMZ is like a port forwards forwarding all port to the private IP.

 

IF you need public access to a range of private IPs, then you could use port forwards.  You would still need to add the subnet to the multiple subnets. Or, If you have a range of public IP, then you could use one to one NAT for each public IP to Private IP.

 

Best Regards,

Mike

0 Helpful

aforster.home
Level 1
Level 1
In response to Michael Swenson

‎06-15-2015 10:59 AM

Mike,

 

What about outbound access from the DMZ subnet (created using the WAN2 port)? I have configured a private address on the DMZ subnet and placed several hosts on that subnet - WAN2 connected to a switch). Inbound works perfectly.. all ports that have been permitted on the firewall are accessible through port mapping on the public WAN1 IP address. The problem is to get those hosts on the DMZ to access the internet... I have created DMZ-> Internet outbound filters logging all traffic, and it seems the traffic is being permitted, but no NAT is being applied. Therefore, they are accessing the internet using their private address, and obviously, no return traffic is being found.

Any ideas?

 

Thanks.

 

Antonio

0 Helpful
Customers Also Viewed These Support Documents