Solved Modify DMZ configuration to gain acess to computer

October 29, 2016 at 02:25:05
Specs: 1, Q
hello all,

I have a computer which I need to make accessible from the internet by placing it in a z zone.

I have a static IP assigned to my router by the ISP.

The router gives all connected devices an IP in the form of 192.198.1.x

Can someone give me instructions to set up the above config. Do I type in the public IP into the DMZ config or the on assigned by the router. The same question goes for the config when setting up the computer IP


See More: Modify DMZ configuration to gain acess to computer

Report •

#1
October 29, 2016 at 03:18:35
The 192.xxx.xxx.x.... Address is an internal (Class C LAN) address. This makes the end device accessible to other devices within the Local Area Network. This address is irrelevant when connecting to a device from the Internet (WAN), Wide Area Network.

You wish to create a "demilitarized zone" in order to give access from the Internet? An area outside of your own local network?

Having a static IP address provided by your ISP makes the job a lot easier but I'm not sure lowering all of your defenses by way of DMZ is the right way to go.

If you google "what is my IP address" will give you your external (public) IP address, the address you are seen to be residing at from the rest of the world. This is where you need to start.

If you have a mobile device that you can access the Internet from without the need to connect to your home network you can test your configuration externally.

message edited by btk1w1


Report •

#2
October 29, 2016 at 08:23:21
✔ Best Answer
The simplest solution would be to use a port forward rather than setting up a DMZ.

Let's say you're making a web server and the computers LAN address is: 192.168.1.50

We know that the web (http) uses port 80. Your port forward would look like this:

forward port 80 to 192.168.1.50

You would have to look up the info on creating port forwards in your router manual (downloadable if you don't already have it). I would use that info to create a port forward before attempting to do the DMZ thing.

I have several port forward configured on my router. The first is for RDP so I can connect to my windows PC at home from my windows PC at work. The second is for ssh so I can connect to my FreeBSD box at home from either my windows PC or my FreeBSD PC in my office at work. ssh uses port 22 and RDP uses 3389 so my forwards look like this:

forward port 22 to 192.168.1.20
forward port 3389 to 192.168.1.80

When I want to connect to my FreeBSD box I simply ssh to my WAN (external) IP and the router forwards that session to 192.168.1.20 and voila, I'm connected.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


Report •

#3
October 30, 2016 at 13:08:05
You could also use something like Log Me In. Then you don't have to worry about leaving your computer in a DMZ.

www.logmein.com


Report •

Related Solutions

#4
October 30, 2016 at 18:53:30
accessible from the internet for personal use or public use?
Only forward the ports needed for internet access as described in previous replies. (http,https,ssh)

For personal access the easiest is to setup remote desktop access with teamviewer (still free for personal use) or, as already mentioned, logmein (premium service). No need to setup any port-forwarding for this kind of service.


Report •

Ask Question