USG40 DMZ
Freshman Member
Hello, please help,am newbie,have a USG40 firewall,I would like to run a web server on the DMZ port, how do I have to configure the rules so that the web server can be reached from outside, everything works via Lan1 with port forwarding, I just don't know how it works with DMZ, on the Fritzbox which is the DSL modem they will Ports 80 and 443 forwarded correctly! Thank you !
😁
Accepted Solution
-
Hi @user111
If you would like to achieve the scenario described above, you can configure a port as a DMZ interface. Then, apply the following rules to the DMZ interface:
- Traffic from WAN to DMZ: Allowed. This can be achieved using NAT rules.
Create NAT rules to map the WAN IP address to the server's IP address in the DMZ. If you have several ports that need to be mapped to the server in the DMZ, you will need to create an entry for each port or input a range of ports under Public Ports/Local Ports. - Traffic from LAN to DMZ: Allowed. This is achieved by the default security rule.
- Traffic from DMZ to LAN: Denied. This can be achieved by creating a security rule.
Kay
See how you've made an impact in Zyxel Community this year!
0 - Traffic from WAN to DMZ: Allowed. This can be achieved using NAT rules.
Zyxel Employee
All Replies
-
Hi @user111
If you would like to achieve the scenario described above, you can configure a port as a DMZ interface. Then, apply the following rules to the DMZ interface:
- Traffic from WAN to DMZ: Allowed. This can be achieved using NAT rules.
Create NAT rules to map the WAN IP address to the server's IP address in the DMZ. If you have several ports that need to be mapped to the server in the DMZ, you will need to create an entry for each port or input a range of ports under Public Ports/Local Ports. - Traffic from LAN to DMZ: Allowed. This is achieved by the default security rule.
- Traffic from DMZ to LAN: Denied. This can be achieved by creating a security rule.
Kay
See how you've made an impact in Zyxel Community this year!
0 - Traffic from WAN to DMZ: Allowed. This can be achieved using NAT rules.
-
The way simple DMZ works is like any LAN that being you have its own LAN subnet it then have a zone for the firewall policy such that LAN can't go to DMZ or DMZ can't go to LAN but having DMZ go to WAN only or WAN to DMZ.
Note by default LAN goes to any so you might want to change that.
0 -
Thank you very much, I'll try it!
0 -
Hello, good morning,worked great, Can you actually create and download a backup so that you can restore it after a firmware update? Can you only create a backup point in easy mode?Thank you very much, have a nice week!😉
0 -
Oh well, you can download and upload backups, I found it. Thank you very much!
0
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 149 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 263 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight
