Exposed Host DMZ Port Forwarding

toomanylogins
3: Seeker

We are running a business server for the office network behind the router. For anyone else experiencing problems, it would appear that you have to set up port forwarding and the exposed host in order for this to work. I was under the assumption that the exposed host setting would automatically forward all traffic to the office server/firewall; this appears not to be the case.

The Vodafone documentation is useless but I've got it working by port forwarding and using the exposed host setting pointing to the local IP address of the firewall.

It is also unclear from the documentation (of which there is none I could find) if the firewall settings on the router are still applied to the Wi-Fi connections after you expose a host.

How difficult would it be for Vodafone to create a few network diagrams or setup instructions for common SME setups where you are running some servers and other equipment behind the router? It's shocking that they are so useless.

 

3 REPLIES

Jayach
16: Advanced member

Vodafone are a domestic supplier (at least as far as this forum is concerned; that's why it is called Home broadband & Landline).

However, you are correct, exposed host would suggest everything would be forwarded to the designated IP address.

 

CrimsonLiar
16: Advanced member

Using the standard Vodafone router you should be creating a basic "three-legged" system when you run DMZ.  Normally you wouldn't then need to use port forwarding in addition to the DMZ.  If it were a dual firewall sandwiched DMZ then it'd be different, and sufficiently complex you probably couldn't do it with the standard Vodafone router!  If you have one of the business packages with the Cisco Meraki equipment, that could be a different story!

On a three-legged system (WAN, LAN, & DMZ) on a standard router, again on a basic router, you'll lose ALL firewall abilities on that DMZ leg. It gets different as soon as you move away from those basic systems, and you start moving towards active list-based firewalls rather than just NAT, and only allowing connections where you are the originator.

You'd have to check in the documentation that should exist, but it used to be possible on the business packages to have multiple IPs, one of which you could use to give your server a net-facing WAN IP, while still being accessible on your LAN.

toomanylogins
3: Seeker

For reference.

In the event anyone else has this issue, the exposed host option does forward all traffic to the IP address on the local network. You do not need to add any port forwarding rules.

In my case, as I'm a software developer [Removed], I run a firewall on the network and I am forwarding to the IP address of that, which then does the forwarding to the internal servers.

 

[MOD EDIT: This post has been edited to remove inappropriate content please see Community Guidelines]