Author Topic: Two routers internal on DMZ  (Read 15638 times)

0 Members and 1 Guest are viewing this topic.

Btaylor

  • Guest
Two routers internal on DMZ
« on: February 18, 2009, 08:32:22 AM »
Please help!

Heres the setup. 2wire router supplied by ISP does not support ip filtering.
What im trying to accomplish is to Forward several ports to intrnal IBM AS\400 but filter traffic by IP address. So an example rule in the RV042 Cisco would be
any traffic coming from public static 209.x.x.x > forward to internal ip 192.x.x.x
My question is about the settings of the internal RV042 router.

Can I set up the routers this way

Assign static Ip adress to  RV042 using internal address 192.x.x.x
Use internal subnet mask and WAN gateway for gateway
Then>
put  the internal address of the RV042 into the DMZ on the 2wire ISP router
then apply forward and ip filtering rules to internal RV042

will this work?

PcWinTech.com Forums

Two routers internal on DMZ
« on: February 18, 2009, 08:32:22 AM »

Offline Shane

  • Top Geek, err uh Dog.
  • PcWinTech Administrator
  • PcWinTech Guru
  • *******
  • Join Date: Jul 2008
  • Posts: 16,846
  • Location: USA
  • Karma: 523
  • "Knowledge should be shared not hidden."
You got it :-) but it wont be
« Reply #1 on: February 18, 2009, 08:38:31 AM »
You got it :-) but it wont be the internal address of the RV042 it will be the WAN address.

http://www.pcwintech.com/node/292

Shane
(My weekends belong to my wife and kids, I will try my best to answer all posts daily during the work week)

(About Shane)
Site Owner, Top Admin, Lead Programmer, Wife & 5 kids, Needs a lot more coffee.

When people ask "Why fix what isn't broken?" I reply "To make it better."
"Only a life lived for others is a life worthwhile"
Honor & Respect is all that matters.

Owner & Programmer of: www.pcwintech.com & www.tweaking.com

Btaylor

  • Guest
Shane thanks for the quick
« Reply #2 on: February 18, 2009, 08:51:46 AM »
Shane thanks for the quick reply! I saw the diagram yesterday and thats where I got really confused I guess. Please bare with me and I apologize for my ignorance but, ok do I use the same WAN address that is assigned to the WAN router? or Do I have to have another ISP provided static public Ip to pull this off? Surely you cant use the same ip right?

Offline Shane

  • Top Geek, err uh Dog.
  • PcWinTech Administrator
  • PcWinTech Guru
  • *******
  • Join Date: Jul 2008
  • Posts: 16,846
  • Location: USA
  • Karma: 523
  • "Knowledge should be shared not hidden."
np, here is how it works. The
« Reply #3 on: February 18, 2009, 08:57:31 AM »
np, here is how it works.

The 2nd router (the RV042) should be plugged into the 2wire just like a computer would. Make sure the cable is plugged into the WAN/Internet port though on the RV042 and on the 2wire side it is just plugged into one of the normal ports.

The RV042 will now have a WAN ip address from the 2wire. Just like a computer.
So if the 2wire gives out ips like 192.168.0.100 then the WAN ip of the RV042 should be a ip of 192.168.0. something.

Then in the 2wrie you simply put the DMZ to what local address it gave the RV042. Setting it to static for the RV042 is always a good idea.

Then you want all computers to be hooked through the RV042 and only have the RV042 to the 2wire.

I hope I explained that ok, I haven't had my coffee yet :-)

Shane
(My weekends belong to my wife and kids, I will try my best to answer all posts daily during the work week)

(About Shane)
Site Owner, Top Admin, Lead Programmer, Wife & 5 kids, Needs a lot more coffee.

When people ask "Why fix what isn't broken?" I reply "To make it better."
"Only a life lived for others is a life worthwhile"
Honor & Respect is all that matters.

Owner & Programmer of: www.pcwintech.com & www.tweaking.com

Btaylor

  • Guest
Perfect! thats what I needed
« Reply #4 on: February 18, 2009, 09:02:00 AM »
Perfect! thats what I needed was the dummy break down! lol The WAN ip was throwing me off thinking it had to be public! this is going to work out perfect and I have to implement it in about 50 different scenarios! So serioulsy thank you so much for all your help and your awesome website! Love your Einstien quote! "Only a life lived for others is a life worthwhile" - Albert Einstein   Im going to donate 10 bucks today to help out a little! I look forward to working with you in the future! I truly appreciate it Shane and wish thier were more people like you out there.

Offline Shane

  • Top Geek, err uh Dog.
  • PcWinTech Administrator
  • PcWinTech Guru
  • *******
  • Join Date: Jul 2008
  • Posts: 16,846
  • Location: USA
  • Karma: 523
  • "Knowledge should be shared not hidden."
Any time you need me, you
« Reply #5 on: February 18, 2009, 12:52:23 PM »
Any time you need me, you know where to find me :-)

-Shane
(My weekends belong to my wife and kids, I will try my best to answer all posts daily during the work week)

(About Shane)
Site Owner, Top Admin, Lead Programmer, Wife & 5 kids, Needs a lot more coffee.

When people ask "Why fix what isn't broken?" I reply "To make it better."
"Only a life lived for others is a life worthwhile"
Honor & Respect is all that matters.

Owner & Programmer of: www.pcwintech.com & www.tweaking.com

PcWinTech.com Forums

Any time you need me, you
« Reply #5 on: February 18, 2009, 12:52:23 PM »