TW100-BRV204 User’s Guide
6
• PCs connected to the DMZ port are on the same LAN segment as PCs connected to the
Hub ports. They must use the same IP address range.
• PCs connected to the DMZ port are NOT visible to PCs on the hub (LAN) ports. So you
cannot use Microsoft networking or other networking protocols to connect to PCs on the
DMZ. The connection must be made via the Internet.
• PCs connected to the DMZ port still share the WAN port IP address for Internet access.
• To make PCs on the DMZ port available from the Internet, the "Virtual Server" (Port
Forwarding) feature must be configured to send incoming traffic to the appropriate server.
Advantages of the DMZ Port
If running any Servers on your LAN, you should connect them to the DMZ port, for the
following reasons:
• Traffic passing between the DMZ and LAN passes through the firewall. The firewall will
protect your LAN if your Server is compromised and used to launch an attack on your
LAN.
• When using the Virtual Servers feature, (see Virtual Servers in Chapter 6) a firewall rule
to allow incoming traffic from the Internet (WAN) to the DMZ is automatically created.
If the Server is connected to the LAN (hub) ports, you must add the firewall rule manually.