LANCOM Support Knowledgebase
Dokument-Nr. 1901.3116.1949.RHOO - V1.00
Setting up a DMZ with public IP addresses
This document describes the configuration steps required to configure a DMZ with a public address range on a LANCOM router.
LANtools as of version 7.80 (
download latest version
LCOS as of version 7.80 (
download latest version
The example used here shows a CompanyConnect connection from Deutsche Telekom with a gateway router and 4 public IP addresses.
LANCOM router is already integrated into the local
An Internet connection will be set up in the initial configuration step.
After this, the DMZ will then be set up with public IP addresses.
1. Setting up Internet access:
1.1) Internet access is set up using the Setup Wizard in LANconfig. Right-click on the device you wish to configure and select the option
1.2) Select the option
Set up Internet access
1.3) Select the
setting in order to use the integrated modem.
1.4) Select your
1.5) In the subsequent dialog, select option
Internet via plain Ethernet (IPoE, IPoEoA)
1.6) In the next screen, specify a
for the Internet connection.
Obtain IP parameters automatically from DHCP server
and enter the
supplied by your provider.
No backup connection
is used in this example, so we can leave the default settings unchanged.
1.9. Exit the setup Internet connection wizard with the
button. The configured values are then written to the LANCOM router.
1.10) Once the configuration has been written back to the device the Setup Wizard will ask whether you wish to continue with
in this screen since the configuration steps for setting up the Internet connection are now complete.
2. Setting up the DMZ:
2.1) Open the configuration dialog for the LANCOM router in
and switch to the menu
Configuration -> IPv4 -> General -> IP networks
2.2) Highlight the
entry and click on
2.3) You must enter the public IP address of the LANCOM router as IP address (here: 18.104.22.168). The
size of the DMZ network
. In this example
4 public IP addresses
may be used. For this reason
must be entered as
2.4) Close the dialog by clicking on the
button and switch to the menu
Configuration -> IP Router -> Routing -> IPv4 Routing table...
2.5) Since it is a public IP address range that needs to be reached, masking for this must be
for the default route in the routing table.
2.6) Highlight the default route and click on
2.7) Select the option
masking intranet only
in the configuration dialog. Then close the dialog with
2.8) The default route should then look as follows in the routing table.
2.9) Open the menu
IP-Router -> General
and make sure that the Option
Use Proxy ARP to tie remote stations into the LAN
2.10) Close the routing table with
and then write the configuration back to the LANCOM router.
2.11) Disconnect the existing Internet connection to allow the changes to become effective.
2.12) This concludes the configuration process required to set up a DMZ with public IP addresses.
Please note that the public IP addresses range can now be reached completely transparently from the Internet and are thus also open to attack from outside.
© LANCOM Systems GmbH