DSL-604+ ADSL Ethernet Router User’s Guide
32
DMZ IP Address
NAT may conflict with certain interactive applications such as video conferencing or playing Internet video
games. For these applications, a NAT bypass can be set up using a DMZ IP address. The DMZ IP address is a
“visible” address and does not benefit from the full protection of the NAT function. Therefore it is advisable that
other security precautions be enabled to protect the other computers and devices on the LAN. It may be wise to
use isolate the device with the DMZ IP address from the rest of the LAN.
For example, if you want to use video conferencing and still use NAT, you can use the DMZ IP address function.
In this case, you must have a PC or server through which video conferencing will take place. The IP address of
this PC or server will then be the DMZ IP address. You can designate the server’s IP address as the DMZ by
typing in the IP address in the DMZ IP Address space provided and clicking the OK button.
For the system that uses the DMZ IP address, you may want to manually assign an IP address to it and adjust
your DHCP server addresses so that the DMZ IP address is not included in the DHCP server range. This way
you avoid possible IP address problems if you reboot the DMZ system.
IP Masquerade Pass Through
Since certain protocols have difficulty operating in conjunction with NAT, the Router can forward these packets
without subjecting them to NAT address mapping. In particular, IPsec (a special network security protocol) and
PPTP (a tunneling protocol used for virtual private networks) are not compatible with NAT. For this reason, the
Router is configured to allow them to pass by default. You may disable this using the IP Masquerade Pass
Through menu. To block in effect either packet type while NAT is running you must deselect the type here and
click the OK button.
Figure 4- 9. IP Masquerade Pass Through