Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm guessing there are different types of dmz's. a router dmz and a firewall dmz. a router dmz would forward all ports to one ip by default. a firewall dmz is a nic placed between the trusted and untrusted sides of a firewall. confused? yes, me too.
Code:
Internet
|
|
Router------- 192.168.2.1 ----- voip
| dmz 192.168.2.2
|
|
| lan
192.168.3.1
|
|
|--192.168.3.2
|--192.168.3.3
|--192.168.3.4
I set up a very nice linux router called brazil firewall. I added a 3rd nic as is required to set up a dmz with the software. I was expecting it to forward all ports to one ip like how linksys routers work, but nope. doesn't work that way. I would like to open up any unused ports to 192.168.2.2 my vonage modem. am I right that the dmz in this linux router s completely different from the dmz in a linksys router?
Linksys routers use of the term DMZ is bad.. really bad.. The way the Linksys DMZ works is to forward ALL outside ports to one IP on the internal network. essentially letting anyone from the outside into your internal network, and putting the machine protected by your router right out on the Internet like low hanging fruit...
This is bad, you do not want to use this method ever imho..
A true firewall DMZ is a SEPERATE network segment.
you can control who from the INSIDE private network can access specific ports and systems in the DMZ.
you can control who from the INTERNET public network can access specific ports and systems in the DMZ.
If someone from the outside exploits a machine in the DMZ, they can't use that exploited machine to attack other machines on your internal network, that is why there is a THIRD interface. the DMZ interface.
I would find out what specific ports need to be forwarded from the outside to the VoIP box, and ONLY forward the necessary ports, not ALL ports..
that's what I was thinking, that the term dmz was used wrong by people who don't know what they're talking about. I'll call vonage tech support and ask them about setting up my dmz. right.
I'm gonna hook up the vonage box behind the new linux router for now. if it starts having problems I'll try port forwards and go from there. usually it hates to be behind a firewall, but that linux router is amazing.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.