Block DMZ Host access to internal network

SOLVED
Reply
Highlighted
Contributor
Contributor
Posts: 2
Registered: ‎03-22-2019

Block DMZ Host access to internal network

Message 1 of 3
(1,072 Views)

hi

I am setting up a DMZ Host on a G1100 router. By default, it appears that the machine has access to all other machines on the internal network. I do not believe this is normal. Is there a setting somewhere to prevent it?

thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
MVP MVP
MVP
Posts: 1,876
Registered: ‎06-24-2018

Re: Block DMZ Host access to internal network

Message 2 of 3
(1,041 Views)

Yes that is normal when you setup a DMZ host. A DMZ host will not block access to other hosts on the subnet. Setting up the DMZ host will completely open up that device to the internet. So if that device gets infected then the other devices on your network will be as risk.

In a residential/home router it is a very misleading setting. To have a true DMZ typically it will be done with mulitple firewalls or a virtual subnet. Is there a reason that open up that device? Can you just use port forwarding and use only the necessary ports?

View solution in original post

2 REPLIES 2
Highlighted
MVP MVP
MVP
Posts: 1,876
Registered: ‎06-24-2018

Re: Block DMZ Host access to internal network

Message 2 of 3
(1,042 Views)

Yes that is normal when you setup a DMZ host. A DMZ host will not block access to other hosts on the subnet. Setting up the DMZ host will completely open up that device to the internet. So if that device gets infected then the other devices on your network will be as risk.

In a residential/home router it is a very misleading setting. To have a true DMZ typically it will be done with mulitple firewalls or a virtual subnet. Is there a reason that open up that device? Can you just use port forwarding and use only the necessary ports?

View solution in original post

Contributor
Contributor
Posts: 2
Registered: ‎03-22-2019

Re: Block DMZ Host access to internal network

Message 3 of 3
(1,032 Views)

thank you Edg1. I was hoping for a built-in firewall solution to prevent exposing the rest of the network to the DMZ host. Without that, it does not seem reasonable to use this DMZ feature indeed. cheers.

How-To Videos
 
The following videos were produced by users like you!
   
Videos are subject to the Verizon Fios Community Terms of Service and User Guidelines and contains content that is not created by Verizon.
Covid19


Browse Categories
Categories:
Posts

Verizon Troubleshooters
Unable to find your answer here? Try searching Verizon Troubleshooters for more options.