Recommended Posts

Hello, I was looking to have one of my network devices completely exposed to the internet, as I have read the easiest way to do this is by setting up a DMZ (after giving that device a dedicated IP)

The problem I am running into is this, my router DOES NOT have a DMZ setting, so I was wondering if I can just open up the entire range of ports (1-65534) through port forwarding. Will this give me the same affect?

Link to comment
https://www.neowin.net/forum/topic/1026548-alternative-to-setting-up-a-dmz/
Share on other sites

  On 18/09/2011 at 20:21, remus_lupin said:

Hello, I was looking to have one of my network devices completely exposed to the internet, as I have read the easiest way to do this is by setting up a DMZ (after giving that device a dedicated IP)

The problem I am running into is this, my router DOES NOT have a DMZ setting, so I was wondering if I can just open up the entire range of ports (1-65534) through port forwarding. Will this give me the same affect?

The thing about a DMZ is that it puts that computer separate from your internal network. If you just open those ports, that machine is still on your internal network, and then you'd need to run a firewall on your other machines to protect it from that machine since it's wide open.

Why do you need a device completely exposed? What device is it?

EDIT: What router do you have? I've never seen one that doesn't have a DMZ.

  On 18/09/2011 at 21:21, HawkMan said:

It will, along with most likely breaking your network.

If you don't have a dmz, just open the ports you need.

Yeah it did break my network, I undid it. The problem is, I have TRIED opening just the ports I need but it didn't help. So I figured I would try giving my device FULL access to the internet (no restrictions)...

  On 18/09/2011 at 21:25, farmeunit said:

The thing about a DMZ is that it puts that computer separate from your internal network. If you just open those ports, that machine is still on your internal network, and then you'd need to run a firewall on your other machines to protect it from that machine since it's wide open.

Why do you need a device completely exposed? What device is it?

EDIT: What router do you have? I've never seen one that doesn't have a DMZ.

Here is what I am trying to do, get my PS3 from NAT type 3 to NAT type 2. I have tried opening all recommended ports and UPNP is enabled, I have searched through many different forums and attempted many different things, setting up a DMZ was my last resort less of calling my ISP and asking for a public IP (as the one I have is private - I read this may cause my NAT type 3 problem). However they charge $10 each month for a public IP, so I was looking for a way around this.

EDIT: It's a new internet service (I live out in the country and cannot get fibre optics/cable etc. it is a turbo hub from bell with a built in router that allows me to get highspeed internet service) The modem/router is made by Netgear and the model is MBR1210

http://www.bell.ca/shopping/en_CA_ON.4G-NETGEAR-MBR1210Turbo-Hub/71142.details

  On 18/09/2011 at 21:43, farmeunit said:

Yup I have tried both of those, however I do thank you for the link to the manual (doh) I am going to try setting up the DMZ now, hopefully it will work!

Unfortunately setting up a dmz did nothing, I still have NAT type 3.

I have each of my devices running on their own IP and I made sure when I set up the DMZ that I added the IP for the PS3 and not one of my other computers, I also made sure I put the NAT filtering on OPEN not secure

Unfortunately setting up a dmz did nothing, I still have NAT type 3.

I have each of my devices running on their own IP and I made sure when I set up the DMZ that I added the IP for the PS3 and not one of my other computers, I also made sure I put the NAT filtering on OPEN not secure

  On 18/09/2011 at 22:22, remus_lupin said:

Unfortunately setting up a dmz did nothing, I still have NAT type 3.

I have each of my devices running on their own IP and I made sure when I set up the DMZ that I added the IP for the PS3 and not one of my other computers, I also made sure I put the NAT filtering on OPEN not secure

Sounds like double nat to me

  On 18/09/2011 at 22:25, chrispinto said:

Sounds like double nat to me

I don't have a second router on my network, the turbo hub has one built in and I am using that directly.

  On 18/09/2011 at 22:25, x9248 said:

PS3 supports uPnP btw.

I have tried UPnP on my router and PS3, still NAT type 3, then I tried manually port forwarding. Still NAT type 3.

I am not having trouble with playing games, even with type 3 all games I have tried work well, I just can not do video chats.

i had the same issues. have a E2000 Cisco router, we have 2 XBox360 1PS3 3 computers in the house, and this NAT problem was happening with the 2 xbox360 and PS3. I ended up installing DD-WRT onto my router and now i dont have the issue. the custom firmware is amazing! i day look into what you have and if you cant install it, get a new router that lets you!

  On 18/09/2011 at 23:52, lflashl said:

i had the same issues. have a E2000 Cisco router, we have 2 XBox360 1PS3 3 computers in the house, and this NAT problem was happening with the 2 xbox360 and PS3. I ended up installing DD-WRT onto my router and now i dont have the issue. the custom firmware is amazing! i day look into what you have and if you cant install it, get a new router that lets you!

Unfortunately I do not think this will help in my case, as the turbo hub itself is what seems to be limiting my NAT type, so even if I bought an external router and put DD-WRT on it, it would still be going through the turbo hub and my NAT would be limited at that point. Having said that I checked google and there is no custom firmware for my particular model.

Thank you very much for the suggestion though!

seems like this problem has been going on for sometime, and there is no fix for it. what about firmware is there a update you can use? have you contacted the location where you got the device from and question with them?

"calling my ISP and asking for a public IP (as the one I have is private"

If your router has a private IP from your ISP on its wan port, then yeah your behind a double nat.. And nothing you do on your router is going to make any difference for unsolicited inbound traffic.

Unless you have control over the device giving your router the private IP on its wan port, there is NOTHING you can do.

  • Like 1
  On 19/09/2011 at 11:03, lflashl said:

seems like this problem has been going on for sometime, and there is no fix for it. what about firmware is there a update you can use? have you contacted the location where you got the device from and question with them?

  On 19/09/2011 at 12:16, BudMan said:

"calling my ISP and asking for a public IP (as the one I have is private"

If your router has a private IP from your ISP on its wan port, then yeah your behind a double nat.. And nothing you do on your router is going to make any difference for unsolicited inbound traffic.

Unless you have control over the device giving your router the private IP on its wan port, there is NOTHING you can do.

Unfortunately I did call them and they would not give me a public IP... They told me that they are only available for their business clients.

Oh well, thanks for all your help!

So you can not get any unsolicited inbound traffic? Or do they have your private IP in the dmz of their nat? You can make things work in a double nat, as long as the traffic is being sent to your private IP.

I would do a simple port forward to some service that is listening, be it ftp, ssh, http, telnet, something that is easy to turn on and you know is listening on your machine via netstat -an seeing the box listening on that port.

Then setup a forward on your router to that port and ip of the box listening. Then check that with canyouseeme.org -- do you see that port open.

I can walk you through a simple port open and forward check.

  On 19/09/2011 at 13:42, BudMan said:

So you can not get any unsolicited inbound traffic? Or do they have your private IP in the dmz of their nat? You can make things work in a double nat, as long as the traffic is being sent to your private IP.

I would do a simple port forward to some service that is listening, be it ftp, ssh, http, telnet, something that is easy to turn on and you know is listening on your machine via netstat -an seeing the box listening on that port.

Then setup a forward on your router to that port and ip of the box listening. Then check that with canyouseeme.org -- do you see that port open.

I can walk you through a simple port open and forward check.

Thanks, I will try this when I get home, I am at school all day today. Will be home around 10:30pm Eastern time.

I think I understand what I need to do, I won't know until I actually try though, so a walkthrough would be fantastic.

depends on the server your picking, lets say you installed filezilla server, by default ftp server listens on tcp 21, so you verify ftp server is listening say on your box 192.168.1.42 via netstat -an on the .42 box, or just accessing it via 192.168.1.42 from a different box on your network - does ftp work? If so then your listening, now go to canyouseeme.org and put 21 for the port - should show closed, then setup the port forward on your router to forward 21 to your 192.168.1.42 now does canyouseeme.org show open? If so then you have atleast some inbound ports forwarded by your isp to your private IP.

If shows not open even when you forward, then your isp is not forwarding any ports to your routers private wan IP. And there is nothing you can do for running any services or having any unsolicited reaching your network.

Now you say your routers wan has a private ip?? Really, thats a really lame ISP -- you might want to change. So your saying when you look on the wan status of your router it shows 10.x.x.x, 192.168.x.x or 172.16-31.x.x ?? If this is the case your ISP is a joke, and I would switch as fast as I could get another one connected.

But if that is not an option, if your ip is private, you can reduce issues with making sure your routers nat private side is different. Ie if your routers wan is 192.168.1.0/24 then make your private lan 192.168.2.0/24 for something.. Having the same network on your wan and lan can cause you all kinds of grief -- it works sometimes, but can have issues.

I tried your steps but even after port forwarding canyouseeme.org still was unable to pick up anything through port 21 (using filezilla).

And yes the WAN status of my router shows 172.16.x.x

Right now I am with Bell Canada, I would switch... but unfortunately I can not, I live in a very bad area and don't really have any other choice (rogers offers the same service but slower - and I have read online they suffer from the same things I am currently experiencing). I had dial-up until a couple years ago (we can not get cable etc.) I am using a portable internet service that uses cell service for internet (its expensive and offers little bandwidth).

I had a different service which was much more open (allowed for NAT 1 on my PS3) however just last week they said they were discontinuing the service and I would have to convert to this new one. Sure it's faster but I went from an unlimited bandwidth plan (3mbps) at $45/month to a 3GB/month plan on a 21mbps speed (5mbps down) for $55/month going up to a max of 10GB in a month for $80. However I have 6 months unlimited, at the end of which I am sure they will have larger plans at more reasonable prices.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • https://deadline.com/2025/06/spaceballs-2-casts-rick-moranis-bill-pullman-keke-palmer-1236431204/
    • Microsoft updates default app choices for Windows 10 and the Curl tool with build 19045.6029 by Sayan Sen Microsoft has rolled out a new Windows 10 release preview build today for Insiders flighting the channel. The new build, 19045.6029, has some new changes and improvements. The biggest highlight is related to default app choices for the EEA (European Economic Area) region. Microsoft writes: "We are rolling out some small changes in the EEA region for default browsers via the Set default button in Settings > Apps > Default apps: Additional file and link types will be set for the new default browser, if it registers them. The new default browser will be pinned to the Taskbar and Start menu unless you choose not to pin it by clearing the checkboxes. There is now a separate one-click button for browsers to change your .pdf default, if the browser registers for the .pdf file type." Microsoft has also updated the curl command line tool with "most recent stable version is 8.14.1". Aside from those, remote Component Object Model (COM) activation that were failing with 0x8001011 error code has been fixed. And there are several other changes too. The full changelog is given below: [Mobile Operator Profiles] Updated: Country and Operator Settings Asset (COSA) profiles. [App Platforms and Frameworks] Fixed: An issue affecting Component Object Model (COM) functionality on Windows platforms, where remote COM activations were failing with error 0x8001011. Upgraded the version of the curl tool included in Windows to v8.13.0. [Authentication Platform] Fixed: An issue affecting the device registration in Entra ID Windows Account Manager (WAM) plugin. [Input and Composition] Fixed: An issue affecting the complete removal of unused language packs and Feature on Demand (FOD) packages. This led to unnecessary storage use and increase in Windows Update installation time. [Print and Peripherals] Fixed: An issue affecting USB-connected Multi-Function printers with dual protocol interfaces, where scanning may fail and prevent use of the OS’s built-in scanning functionality. [Start Menu] Fixed: An issue causing jump lists to disappear from the Start Menu. Fixed: An issue where the Start Menu was not starting after installing an update. [Settings] Fixed: Settings > System > About unexpectedly shows version 2009 instead of version 22H2. [Servicing] Fixed: An issue where Kiosk devices using the ForceAutoLogon configuration and Shift Override might stop responding with a blue screen after being locked and unlocked by support administrators. [File Server] Fixed: An issue where the system may hang when acknowledging an Oplock break on resources located on SMB shares. You can find the official blog post here on Microsoft's website.
    • This is a liability problem. They aren't simply going to trust that you aren't the driver. I think if they really wanted to they could do something similar to key fobs where they only work if they are in the proximity of the driver's seat. As already pointed out by a Random Stranger, simply having your passenger hit the play button doesn't make it any less distracting for the driver.
    • Windows 11 gets improved app defaults settings and Windows Share in build 22631.5545 by Taras Buria Windows 11 build 22631.5545 is now available for download in the Release Preview Channel of the Windows Insider Program. The update is a pretty minor one, but it still packs some important changes, such as improvements for app defaults in the Settings app, Windows Share enhancements, and a few fixes here and there. With build 22631.5545, Microsoft is giving users in the EEA region more control over default apps in Windows 11, particularly for browser defaults. Now, browser defaults support additional file and link types. Your default browser now pins itself to the taskbar (you can turn this option off), plus you can change your typical PDF viewer with one click (if the browser of choice supports PDF handling). As for Windows Share improvements, the sharing window now includes a preview of the link that you are about to send to someone. The rest of the changelog includes various fixes: [Audit] Fixed: An issue with auditing privilege use created too many security event logs. These logs filled up the system drive and prevented users from signing in. [Authentication] Fixed: This update fixes an issue where domain-joined machines running Windows 11 22H2 or 23H2 couldn’t update their account passwords on Windows Server 2025 domain controllers, which led to trust relationship issues. [Country and Operator Settings Asset (COSA)] Fixed: This update brings profiles up to date for certain mobile operators. [Display Kernel] Fixed: An issue that prevented Remote Desktop Protocol (RDP) connections until you restarted your device. [Network file sharing] Fixed: This update fixes an issue where workstations and servers might stop responding when connecting to resources located on Server Message Block (SMB) shares. [Performance] Fixed: This update addresses an issue that prevented the complete removal of unused language packs and Feature on Demand packages, which previously led to unnecessary storage use and longer Windows Update installation times. [Shell] Fixed: This update resolves an issue where kiosk devices might stop responding after being locked and unlocked by an administrator. [Windows Hello] Fixed: This update fixes an issue that prevented the automatic renewal of expiring certificates in Windows Hello for Business. [Windows Search] Fixed: Windows Search responds very slowly—the Search Box can take over 10 seconds to load before you can use it. You can find the announcement post here.
    • Father's Day is coming, so give your dad some great gifts by Steven Parker Mashup from Depositphotos.com (1) (2) Father's Day is quickly approaching on Sunday, June 15. If you haven't gotten your dad a gift for the occasion, don't sweat it. There are lots of affordable gifts you can buy for Father's Day on Amazon, and if you order one or more of them right now, you can get them shipped to you in time to give them to your dad. Below we have put together some Apple deals, and we'll keep expanding the list as we come across more interesting deals, so be sure to check back. iPad Deals Apple iPad 11" 128GB A16 Tablet $299 -14% now $299 (was $349) Apple iPad Air 11" 128GB M3 Chip Tablet -17% now $499 (was $559) Apple iPad Air 13" 128GB M3 Tablet -12% now $699 (was $799) 2024 iPad Mini A17 Pro 128GB 8.3" Tablet -20% now $399 (was $499) 2024 iPad Pro 11" 256GB M4 OLED Tablet -10% now $899 (was $999) 2024 iPad Pro 13" 256GB M4 OLED Tablet -15% $1099 (was $1299) Apple Pencil (3rd Gen, For Select iPads) -13% now $69 (was $79) Apple Pencil Pro (For Select iPad Pro & Air) -23% now $99 (was $129) AirPods deals Apple AirPods Pro 2 Wireless Earbuds -32% now $169 (was $249) Apple AirPods 4 Spatial Audio Wireless Earbuds -23% now $99 (was $129) Apple AirPods 4 Active Noise Canceling Wireless Earbuds -17% now $149 (was $179) Apple Watch Deals Series 10 GPS 42mm (Sport Band) -25% now $299 (was $399) Series 10 GPS 42mm (Sport Loop) -25% now $299 (was $429) Series 10 GPS 42mm (Sport Loop) -23% now $329 (was $429) Series 10 GPS 46mm (Sport Band) -23% now $329 (was $429) Apple Watch Ultra 2 49mm GPS Smartwatch -8% from $739 (reg $799) Apple Watch SE (2nd Gen) Smartwatch -32% from $169 (was $249) MacBook Deals 2025 MacBook Air 13.6" M4 Chip Laptop (16GB/256GB) -15% now $849 (was $999) 2025 MacBook Air 15.3" M4 Chip Laptop (16GB/256GB) -13% now $1049 (was $1199) 2024 MacBook Pro M4 14.2" Laptops -11% from $1429 (was $1599) 2024 MacBook Pro M4 16" Laptops -10% from $2249 (was $2499) Mac Deals Mac Mini M4 10-Core CPU 10-Core GPU -8% now $546 (was $599) iMac M4 24" 8-Core CPU/GPU (16GB/256GB) -8% now $1193 (was $1299) iMac M4 24" 10-Core CPU/GPU (16GB/256GB) -7% now $1349 (was $1499) Kindle deals 16GB Kindle Scribe + Premium Pen -25% now $299.99 (was $399.99) 32GB Kindle Scribe + Premium Pen -24% now $320 (was $420) 64GB Kindle Scribe + Premium Pen -22% now $350 (was $450) Samsung 49" Odyssey OLED G9 (G95SC) 240Hz Curved Gaming Monitor -$800 now $999.99 (was $1799) Samsung Galaxy Buds FE True Wireless Bluetooth Earbuds -35% now $64.99 (was $99.99) Samsung Galaxy Tab S10+ -$120 now $879.99 (was $999.99) Samsung Galaxy Watch Ultra 47mm -31% now $449.99 (was $649.99) SAMSUNG Galaxy S25+ -12% now $879.99 (was $999.99) These are just a small selection of the discounts on offer; for more great deals, go to Amazon's Deals page. As an Amazon Associate, we earn from qualifying purchases.
  • Recent Achievements

    • One Month Later
      Orpheus13 earned a badge
      One Month Later
    • Week One Done
      Orpheus13 earned a badge
      Week One Done
    • One Year In
      Orpheus13 earned a badge
      One Year In
    • Week One Done
      serfegyed earned a badge
      Week One Done
    • Week One Done
      fashionuae earned a badge
      Week One Done
  • Popular Contributors

    1. 1
      +primortal
      525
    2. 2
      ATLien_0
      265
    3. 3
      +FloatingFatMan
      205
    4. 4
      +Edouard
      168
    5. 5
      Xenon
      122
  • Tell a friend

    Love Neowin? Tell a friend!