Firewall
DMZ Host
Cisco RV220W Administration Guide
82
4
DMZ Host
The Cisco RV220W supports DMZ options. A DMZ is a sub-network that is open
to the public but behind the firewall. DMZ allows you to redirect packets going to
your WAN port IP address to a particular IP address in your LAN. It is
recommended that hosts that must be exposed to the WAN (such as web or email
servers) be placed in the DMZ network. Firewall rules can be allowed to permit
access to specific services and ports to the DMZ from both the LAN or WAN. In
the event of an attack on any of the DMZ nodes, the LAN is not necessarily
vulnerable as well.
You must configure a fixed (static) IP address for the endpoint that will be
designated as the DMZ host. The DMZ host should be given an IP address in the
same subnet as the router's LAN IP address but it cannot be identical to the IP
address given to the LAN interface of this gateway.
To open this page:
In the navigation tree, choose
Firewall
>
DMZ Host
.
STEP 1
Check the
Enable
box to enable DMZ on the network. Uncheck the box to disable
this feature.
STEP 2
Enter the IP address for the endpoint that will receive the redirected packets. This
is the DMZ host.
STEP 3
Click
Save
to save your settings, or click
Cancel
to reload the page with the
current settings. After enabling a DMZ host, configure firewall rules for the zone.
See
Custom Services, page 87
.
Advanced Firewall Settings
Use the
Advanced Settings
menu options to configure the following advanced
firewall settings:
•
One-to-One Network Address Translation (NAT), page 83
•
MAC Address Filtering, page 85
•
IP/MAC Address Binding, page 86
•
Custom Services, page 87
•
Schedules for Firewall Rules and Port Forwarding Rules, page 89