DMZ not working
DMZ not working
So I just got this router a few days ago, and am trying to set up a DMZ. I have the target sever set for DHCP reservation, and the same IP address as the destination for the DMZ. I also have several "Virtual Servers" setup as well. Turns out the DMZ just dosn't work as I think it should, where ALL incoming traffic goes to that server, except ports noted in the Virtual Server list.
I vaugly read some where that the DMZ must be directly connected to the router on a particual port (1 of 5), but can't find that info.
Just curious if anyone else has this issue, and if there is a way to actually make it work as expected.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
What's the hardware version of your R600VPN? As I know, you don't need to connect your client to the particual port for DMZ. Because R600VPN hasn't physical DMZ port.
And DMZ should work as you said. Maybe you can check if there any new firmware that you can try to upgrade.
- Copy Link
- Report Inappropriate Content
Hardware version is TL-R600VPN v4.0
Firmware version is 4.0.3 Build 20190227 Rel.48206
Although I have a server set up as the DMZ target I STILL have to add ports manually via the "Virtulal Server" pane to get it to work. Is it possible what the DMZ doesn't work if ANY of the Virtual Server IP's are the same as the DMZ?
- Copy Link
- Report Inappropriate Content
Do you mean to configure DMZ and virtual server for the same IP address? I cannot make sure whether this will cause the issue. But I think you can try to disable virtual server temporarily, just enable DMZ only and check if you can access your server from the external network. If cannot work, maybe the DMZ function has problem.
PS: We need to make sure that your server can access the router at first.
- Copy Link
- Report Inappropriate Content
I have deleted all of the virtual server entries.
the only thing I have setup is the DMZ entry, to an IP addres of the server on the internal LAN, but incoming traffic that should go to the server is being blocked by the router. I am attachign my current config file for you to take a look, and let me know what is wrong.
- Copy Link
- Report Inappropriate Content
Cannot get the conifguration from the config file. Unless you tell me the username and password. Then I can restore the config in my R600VPN and login to check the settings.
But I did a simple test that only set DMZ, and I could access the LAN server from WAN.
The LAN server is HFS server that uses 4002 port. I use WAN IP:4002 to access the server.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
I tried to restore your config file and did the test. Still can access the HFS server from WAN. ( I set HFS server as 192.168.5.101:4002)
Sorry that I haven't idea now. Maybe you can try to install HFS server for testing as well.
- Copy Link
- Report Inappropriate Content
Here is what I have tried.
I have done a "Factory Restore" to this unit. ALL setting have been erased, and everything is set exactly the way it was when it came out of the box.
I log in, create a new username and passowrd, and then log into the router with the new info.
From the router Network / WAN/ Page, I find my public IP address is 47.38.25.120.
I do a port scan for that IP address on port 5001. As expected, the port is closed.
Next I go to the DHCP Client List, find the IP address of my server (in this case, 192.168.0.105), and make that the DMZ IP address. At this point, the only changes from the original set up are the usernam and password, and to set up an internal IP address as the DMZ.
Next I do a port scan using my IP address 47.38.25.120 on port 5001, and the port scan now shows this port is open.
I am expecting to log into the server on port 5001, but when I try to log in, [https://47.38.25.120:5001] nothing happens. Absolutly Nothing. Becasue the port scan shows the port open, it seems traffic is getting TO the DMZ server, but not FROM the DMZ server.
Next I add port 5001 to the Virtual Server list, and go back to https://47.38.25.120:5001, and the web page immediately comes up. So only with the port and internal IP address entered into the Virtual Server List, does traffic travel both ways.
Something is wrong with your software or the hardware, but the DMZ setup is NOT working as expected.
- Copy Link
- Report Inappropriate Content
Your description is very clear, it may has problem as you said. Could you tell me what server and service your were using ? Maybe it's related to the specific service of data.
And I has a beta FW for R600VPN, you can try to upgrade if you don't mind. If it cannot solve your problem, you can dwongrade to your current firmware.
https://static.tp-link.com/2020/202002/20200226/TL-R600VPNv4_un_4.0.3_[20190226-Rel.38572(Beta)]_up.zip
- Copy Link
- Report Inappropriate Content
@Andone I am using a Synology NAS.
in other setings with other routers, designating the Synology NAS works as expected. I don't have to set up special ports for it, as all traffic go to and from it. But with the TP link, that isn't working.
The ONLY way I can make it work with the TP device is to set up a specail "Virtual Server".
and I can't download the firmware from the link you provided. It sends me to this page:
"Please go to TP-Link Offical Website to get products, software and services for your region."
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 6892
Replies: 20
Voters 0
No one has voted for it yet.