DMZ vs Open Ports and Rules.

  • Firewalla

    Can you please share, when you are doing the port forwarding, what rules you have under the rule button? Do you have a rule allowing connection to the port-forwarded 'port'?

  • Pimbox

    Rule

    Action: Allow

    Matching: LocalPort UDP Port 27015 (L4D2 Server Example).

    On: Server (device)

    Schedule: Active Time> Always

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Do you have a port forwarding rule to port forward 27015?  

  • Pimbox

    Yes:

    Service: L4D2

    Protocol: UDP

    External Port: 27015

    Internal Port:

    Device: Server

    Port: 27015

    Allow on Firewall: Enable (with Disable it doesn't work either without the server in the DMZ).

  • Firewalla

    Your configuration is correct ... if DMZ works, my take is that very likely there are other ports that are not port forwarded. You will need to double-check your application and make sure all the related ports are forwarded.

  • Pimbox

    Okay, I'll check. But the strange thing is that before having the Firewalla Gold, everything was already configured on the TP-Link Archer C6 that was used as a router. Now, with Gold in place and exactly the same settings, they only get access from the outside with the DMZ on. I deactivated all the NAT services of the TP-Link so as not to conflict with Gold's, but without results. Anyway, as it is working, I will leave it this way.

    Is there any risk in leaving the server in the DMZ (with the Firewall on, as it is)?

    Thanks

  • Firewalla

    Leaving the server in DMZ is like connecting your server directly to the internet. We highly recommend against this, unless you know what you are doing.

    As for DMZ working and port forwarding not working, you need to check your old configurations and see if there is anything that was missed.

  • Pimbox

    Yes, I'll check all configs.

    In "simple" routers, DMZ is like connecting directly to the internet, but with DMZ in Firewalla and the Firewall flag allowed, my Firewall rules work on this DMZ device, right?

  • Firewalla

    The concept of DMZ is routing traffic, while rules are more about controlling traffic. They operate at different layers, so yes, even with DMZ traffic, rules will apply.

  • Pimbox

    Nice!
    I missed this OSI class hahaha.
    I will look for the settings more carefully and adapt the use of the server to get it out of the DMZ.
    Thanks.

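As an added example (not part of the thread and not Firewalla's code), one way to act on the advice above about checking that all related ports are forwarded: compare what the server actually listens on with the configured forwards, which also shows what a DMZ setting would expose beyond them. It assumes a Linux server where `ss -H -lntu` is available; the `ss` output is a constructed sample and the function names are hypothetical.

```python
import ipaddress

# Constructed sample of `ss -H -lntu` output from the server (not from the thread).
SAMPLE_SS = """\
udp   UNCONN 0 0      0.0.0.0:27015   0.0.0.0:*
udp   UNCONN 0 0      0.0.0.0:27005   0.0.0.0:*
tcp   LISTEN 0 128    0.0.0.0:27015   0.0.0.0:*
tcp   LISTEN 0 128  127.0.0.1:631     0.0.0.0:*
tcp   LISTEN 0 128       [::]:22         [::]:*
"""

# Port forward as described in the thread: UDP 27015 only.
FORWARDS = {("udp", 27015)}


def listening_sockets(ss_output):
    """Yield (proto, address, port) for each line of `ss -H -lntu` output."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue
        addr, _, port = fields[4].rpartition(":")
        addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
        if port.isdigit():
            yield fields[0], addr, int(port)


def is_loopback(addr):
    """Loopback-only listeners are never reachable from outside the host."""
    if addr == "*":  # wildcard bind
        return False
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False


def audit(ss_output, forwards):
    """Return (listeners covered by a forward, listeners only a DMZ would expose)."""
    reachable = {(proto, port)
                 for proto, addr, port in listening_sockets(ss_output)
                 if not is_loopback(addr)}
    return sorted(reachable & forwards), sorted(reachable - forwards)


if __name__ == "__main__":
    forwarded, dmz_only = audit(SAMPLE_SS, FORWARDS)
    print("covered by a port forward:", forwarded)
    print("exposed only by DMZ:      ", dmz_only)
```

Entries in the second list are either ports the application needs that still lack a forward, or services that should not face the internet and should be blocked by a rule while the device remains in the DMZ.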