Where does a DMZ live ? :-)

Discussion in 'Wireless Networking' started by RJK, Jun 18, 2007.

  1. RJK

    RJK Guest

    sHello all you experts in wi-fi and networking.
    ....well,. sometimes it pays to pre-grovel !

    I've asked all this in here before, and I've been told it all before,
    however I have one or two extra questions ?
    I'll try to succinctly describe my hardware and what I want to do.

    Main PC, (located outside of my house in my office), with XP Home OEM in it,
    and all up to date.
    Orange Livebox, (also in office), feeds internet into my office PC along a
    rj45 LAN lead.
    ....and Livebox feeds wi-fi internet to Dads' PC in the house, which has a
    Linksys WMP54g pci card in it.
    (not really relevant but - Livebox wi-fi currently switched off)

    I also have a (atm unused) Linksys WAG354G (adsl modem/router/wifi), in my
    office)

    I want to connect a short rj45 lead from the 2nd rj45 port on the Livebox to
    the Linksys WAG354G, then keep
    wi-fi switched off in the Livebox, and wi-fi switched on in the WAG354G.
    ....so that Dads PC gets its' internet from the WAG354G wi-fi router - which
    in turn gets its' internet connenction from the LAN lead with which it's
    connected to the Livebox 2nd rj45 port.

    (which I trialled a while ago, and it all worked but, I got alarmed by the
    DMZ that appeared in the firm/software in the Livebox)

    The main reason I want this is so that when Dad wants to use his PC, I
    simply switch on the WAG354G, and when he's finished I can simply switch it
    off. This method also means that I don't have to keep switching wi-fi on
    and off in the Livebox - which won't do its' eeprom much good anyway :)
    .....Wi-fi in the Livebox can stay permanently switched off - meaning that
    I'm bathed in much less EMF whilst sat in the same office with the thing
    just three feet away. ...now some wise crack is gonna pipe up and say,
    "...next to no EMF whilst there's not transceiving going on..." ....well I
    want wi-fi off in the Livebox !

    I digress, ...

    With the above set up, in my office, what are the security implications of
    that DMZ which seems to be set in the Livebox ?
    (both adsl/modems/routers have Netword Address Translation in them, and both
    PC's have good software firewalls in them as well).

    I think I have to set:-
    LAN IP address to e.g. 192.168.1.1 in Livebox and 192.168.1.2 in WAG354G
    Broadcast LAN IP addresss 192.168.1.255
    Subnet Mask 255.255.255.0 in both ?
    DHCP Start Address in Livebox is 192.168.1.7 ?
    DHCP Server End address in Livebox is 192.168.1.150
    ....by the way my ISP gives me a dynamic IP address.

    ....from previous dabblings I think I have to set a different DHCP address
    range in WAG3545G.
    e.g. 192.168.1.151 - 192.168.1.200 ...is this correct.

    Do I have set a DMZ address range so that only ONE address is allocated for
    the WAG354G to access the internet through the Livebox ....does that make
    any sense or am I barking up the wrong tree ?

    Does this DMZ open port in the Livebox - which suppplys internet to the
    WAG354G - become visible, or rather accessible by nasties out there on the
    web ? ...dies that also make any sense ?

    It's been a couple of months or more since I had a go at this, and last
    time, I almost lost access to the innards of the WAG354G

    ....any help most gratefully received.

    regards, Richard
     
    RJK, Jun 18, 2007
    #1
    1. Advertisements

  2. Hi
    DMZ is usually feature in Cable/DSL Router that allow to put one Network
    device (computer, or any other stand alone network device) in front of the
    Firewall.
    By doing so all the ports of the device that is on the DMZ are opened and
    nothing obstruct traffic, however the device is sitting on the Internet
    without any protection sharing it content with the world.
    DMZ has to be avoided, in most circumstances ports can be opened as needed
    toward the network device in question, and there is No reason for DMZ.
    DMZ affect only the device that its IP address was configured to be on the
    DMZ, if the device is switched off it does nothing.
    If you must use DMZ make sure that the device is configured with static IP,
    so that it would not end up assigning another device to the DMZ.
    Jack (MVP-Networking).
     
    Jack \(MVP-Networking\)., Jun 18, 2007
    #2
    1. Advertisements

  3. RJK

    RJK Guest

    RJK, Jun 18, 2007
    #3
  4. RJK

    RJK Guest

    RJK, Jun 18, 2007
    #4
  5. RJK

    RJK Guest

    THIS is what I want !!!!
    http://www.ezlan.net/shield.html

    ...but, I want a "blow by blow" account on how to do it, including how to set
    all those address ranges in my Livebox and WAG354G !! :-( :)


    regards, Richard
     
    RJK, Jun 18, 2007
    #5
  6. RJK

    RJK Guest

    RJK, Jun 18, 2007
    #6
  7. Hi
    I can not make it simpler than what you see ob the page. What specifically
    is unclear about the setting?
    Jack (MVP-Networking).
     
    Jack \(MVP-Networking\)., Jun 19, 2007
    #7
  8. RJK

    RJK Guest

    PLZ ignore me, I've plodding away at this all evening now, I think I can see
    how to do it, but, I just got way-laid by a few hours, (is that how one
    spells way-laid ?), by my Inventel Orange Livebox, which collapsed, and I
    had to reset it ...and now it's 3:30 am !!

    After just a little tweaking, my LAN connection to it started complaining
    that it was only partially functional, and hours of digging around and
    upsetting almost everything in XP that was working okay beforehand, I
    finally tried resetting the Livebox which cured it, and now I've just
    knocked my LAN connection etc back into shape, and re-tweaked all my
    soft/firm-ware settings in Livebox etc, am off to bed now.

    Much thanks for your help.

    regards, Richard
     
    RJK, Jun 19, 2007
    #8
  9. RJK

    RJK Guest

    RJK, Jun 19, 2007
    #9
  10. RJK

    RJK Guest

    It seems that the only way I can sensibly connect this Livebox and Linksys
    WAG354G together, (needing to keep the Liveboxes' VOIP telephone
    working -i.e. VOIP will not work with the WAG354 as the "front"
    adsl/modem/router supplying internet to the Livebox), is to have the
    Inventel Livebox/adsl modem/Router as the "Cable/DSL Modem at the "front"
    (adsl line plugged into it), and a short rj45 lead from it - to my WAG354G
    and my Office PC connected by rj45 lead to the WAG354G which is now, I
    suppose, acting as a "shield" router ! :)

    re: the above hardware arrangement, (seeing that Upnp and DHCP appear to
    have to be switched off in the 2nd / "shield" router ...as it is connected
    atm), it would probably be very difficult for me to get wi-fi working in the
    WAG354G without DHCP, what with my vast knowledge of dns no's / /Static IP
    addresses and "tunnelling 'n'all !! ...and having the routers connected
    this way around, and trying to use wireless on the WAG354G would of course
    defeat the object of having two routers connected to get the shielding
    effect on the 2nd router ....which supplies internet to my main PC on rj45
    lead ....phew !!!

    So I think I'll leave them as they are for a while, and just switch on
    wireless in Livebox for Dad's PC when he needs to use it !
    ....but, it would have been so nice to have the Linksys as the "front"
    adsl/modem/router.
    ....anyway thanks muchly for your help, ...in the past as well.

    regards, Richard
     
    RJK, Jun 19, 2007
    #10
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.