[Firewall] DMZ setup issue

Dave Dewey ddewey at cyberthugs.com
Mon Feb 25 19:19:44 CET 2013

Quoting Lonnie Abelbeck (lists at lonnie.abelbeck.com):

> Hi Dave,
> Your error log looks like your DMZ client is trying to access the DMZ gateway address ( with UPnP.
> How are your DMZ client's configured, usually I have to:
> DMZ_HOST_OPEN_UDP="0/0~53,67,68"
> To support DHCP and DNS from the local box if need be.
> Also, be sure to add your DMZ_NET in your NAT_INTERNAL_NET so the DMZ is NAT'ed via the external interface.

Lonnie, NAT'ing the DMZ was it - I figured that out about an hour
after I sent the email. Classic face palm moment.

@Jason, I would use a separately publicly-routable IP for the DMZ
but I'm only getting one (and additionaly static IPs are
outrageously expensive), that's why I'm configuring this way.

Thanks guys!


More information about the Firewall mailing list