How to configure totally open DMZ with OpenWRT

dmzopenwrt

I have OpenWRT router.

I have NAS in my LAN, which i need to access from WAN and from all computers in the LAN. So, it should be accessible from any computer and it needs to access some of them, too.

I read OpenWRT wiki and forums, and they recommend VLAN for network separation, but i do not need that – i want it all be on one network, so it can be visible to each other, and NAS visible from the WAN?

Any idea, how that can be done?

In case, if its important my equipment:

Router Model: Buffalo WZR-HP-G300NH
Firmware Version: OpenWrt Backfire 10.03.1 / LuCI 0.10.0 Release (0.10.0)

Best Answer

I have met similar problem and I can share solution which appears to be very simple. In OpenWRT the feature you are looking at is plain port forward.

Open you router IP, typically http://192.168.1.1

In Network menu, choose Firewall, the Port Frowards. Scroll down to "New port forward" and add:

Name: ALL->DMZ
Protocol: choose do you need both TCP=UDP or just TCP
External zone: wan
External Port: leave empty!!!
Internal zone: lan
Internal IP address: choose IP of host, in your case it's NAS
Internal port: leave empty!!!

Click Add, and Save & Apply.

That will work exactly the same as in other routers firmware "DMZ host", the host with ALL external traffic redirected to it by default.

To have more security I recommend you to forward only ports you need, without exposing it widely to Internet.

If you will want to add additional SINGLE Port Forwards, they will be added to the end of list. IMPORTANT: always move rule ALL->DMZ to the bottom of the list and "Save & Apply". The rules are processed in the order, so the first one met condition and others do not work.

Best Regards, Arunas B.

Best Answer

Related Solutions

Router – Recommendation for easy to use router and setup to handle multiple VLANs, to avoid multiple DHCP servers conflicting

Openvpn – OpenWRT + OpenVPN client forwarding from lan to vpn not working

Related Topic