FreshTomato Wiki

User Tools

Site Tools

Trace: forward-dmz

Sidebar

freshtomato.org

Wiki

▸ About

▸ Releases

▸ Hardware compatibility

▸ 3G/4G/5G compatibility

▸ Feature matrix

▸ Documentation

▸ HOWTOs

▸ FAQ

Forum

AX

Download

Changelog

Development

Bug track

ARM

Download

Changelog

Development

Bug track

MIPS

Download

Changelog

Development

Bug track


TomatoAnon

✔️ Help (WikiText Syntax)

🧑‍🤝‍🧑 Credits

💰 Donations

forward-dmz

DMZ

On a sophisticated network, the DMZ (Demilitarized Zone) is a specific area of the network where services are provided in a secure way. However, in FreshTomato, DMZ has a simpler effect. When enabled, all unknown ports on FreshTomato's WAN are forwarded to the defined DMZ host IP address, instead of each being dealt with individually.

Since it opens a large security hole, consider DMZ a “lazy” and potentially dangerous approach to port forwarding. You are advised to use other port forwarding methods before resorting to DMZ.

Enable DMZ: This turns the DMZ function on or off.


Destination Address: The LAN IP address of the device to receive all these forwarded ports.



Destination Interface: This is the VLAN/bridge where the above host can be found.


Source Address Restriction: If entered, this limits DMZ activity to the defined source IP address range.

The Default is empty, which means ports from any address/range will be forwarded.


Leave Remote Access: If enabled, this forces SSH (TCP port 22) and HTTP (TCP port 443) traffic to always be answered by the FreshTomato router, regardless of DMZ settings.



forward-dmz.txt · Last modified: 2024/10/09 22:57 by hogwild

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki