Home » Blogs » Tobias's blog

Enable DMZ on Speedtouch 780WL

Submitted by Tobias on 16 March, 2010 - 07:51

I was struggling for hours to set up a DMZ on my Speedtouch 780WL. It's wasn't easy to figure out what to do, but i finally made it. Here is how I did it.

In this example is my external IP (the one I got from my ISP) AA.BB.CC.DD. My internal IP to the computer I want to have in a DMZ is 192.168.1.70. The Speedtouch modem is on 192.168.1.254. I'm using firmware 5.4.0.14 which you install with this wizard.

Open a terminal to telnet to your modem.


telnet 192.168.1.254

The login information is by default:
Username: Administrator (note the capital A)
Password:

When you are logged in run


{Administrator}=>nat maplist
Idx Type Interface       Outside Address                Inside Address                 Use
  1 NAT  Internet          AA.BB.CC.DD                  127.0.0.1                      0
  1 NAPT Internet          AA.BB.CC.DD                  unmapped                       97

{Administrator}=>nat mapdelete intf=Internet index=1
{Administrator}=>nat mapdelete intf=Internet index=1
{Administrator}=>:nat maplist                            
Idx Type Interface       Outside Address                Inside Address                 Use

{Administrator}=>nat mapadd intf=Internet type=nat outside_addr=AA.BB.CC.DD inside_addr=192.168.1.70
{Administrator}=>nat mapadd intf=LocalNetwork type=nat outside_addr=AA.BB.CC.DD inside_addr=192.168.1.70

That will do the trick. If you want to have some explanations (or if, of course, this doesn't work for you) you can read further. The "1 NAPT Internet AA.BB.CC.DD unmapped 97" says "if a package from Internet comes down to this rule, throw it away". Thats is something you don't want to do. You want every package to go to the computer in the DMZ. Therefore remove that rule and add a new one. "nat mapadd intf=Internet type=nat outside_addr=AA.BB.CC.DD inside_addr=192.168.1.70".

If you want do connect to you DMZ-computer with the external IP from an other computer within the network, you have to add the second rule as well. "nat mapadd intf=LocalNetwork type=nat outside_addr=AA.BB.CC.DD inside_addr=192.168.1.70"

If it still doesn't work for you, you may want to try Henrik Nordström's solution. You may also want to read the CLI manual.

DMZ for webserver

Submitted by Evans (not verified) on 4 August, 2010 - 10:33.

So before i do this, the DMZ router should be connected to the first router which is not the DMZ router?

I have my computer -> a

Submitted by Tobias on 5 August, 2010 - 07:23.

I have my computer -> a router -> Speedtouch 780WL modem -> Internet.

When you are configuring it doesnot matter how things are connected. Put your computer directly into the the speedtouch 780WL modem to have a problem free connection. Then make sure you have the IPs right.

my internet is runing in

Submitted by Anonymous (not verified) on 7 August, 2010 - 07:27.

my internet is runing in ports but i want it to run in DMZ which i cant do it ... because i gota assign an IP thing which i cant .....

can seems to find the updates

Submitted by Anonymous (not verified) on 7 August, 2010 - 07:28.

can seems to find the updates for my software aswell =(

Not working!

Submitted by Evans (not verified) on 15 August, 2010 - 12:16.

this wont work, it just says unknown command

The command do work, please

Submitted by Tobias on 19 August, 2010 - 14:25.

The command do work, please recheck your version of the modem and your firmware.

Thanks

Submitted by M.H. van der Hoek (not verified) on 21 August, 2010 - 23:04.

Thanks for sharing, it solved my problem. Keep up the good work!

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <strong> <cite> <code> <b> <i>
  • Lines and paragraphs break automatically.

More information about formatting options