cancel
Showing results for 
Search instead for 
Did you mean: 

Thomson 585 v7 and lack of DMZ

maccoylton
Grafter
Posts: 48
Registered: ‎11-08-2007

Thomson 585 v7 and lack of DMZ

I run a server at home with, which I like to be able to access from anywhere.  Previously I had the server in the DZ to avoid any issues, however it appears the new Thomson 585 v7  wireless router that PlusNet are now supplying does not have DMZ capability.
I did some digging, and the "alternative" appears to be to use the "Assign the public IP address of a connection to a device" option  found on the task section at the bottom of the devices page (Home > Home Network > Devices). I tried this, it told me I would have to release and renew the DHCP lease on the server, which I did  and It got the external IP address however nothing worked. The server couldn't talk to the internet nor the router, and the rest of my clients couldn't either talk to either either,  they all ended up with a self assigned IP address.
Anyone got any experience or ideas on this.
The router is new this week, it;s running firmware 7.4.4.7
Thanks
Dave 
10 REPLIES 10
samuria
Grafter
Posts: 1,581
Thanks: 3
Registered: ‎13-04-2007

Re: Thomson 585 v7 and lack of DMZ

Have you looked at the documents here
http://www.thomsonbroadbandpartner.com/dsl-modems-gateways/products/product-detail.php?id=161
Looking around other say there is an option for DMZ
Port forwarding is no problem using the web interface (GUI); I haven't tried to use DMZ so can't say if it actually works, but it is one of the built-in options when setting up firewall rules.
Putting any server in a DMZ zone is dangerous you should just forward the required ports
maccoylton
Grafter
Posts: 48
Registered: ‎11-08-2007

Re: Thomson 585 v7 and lack of DMZ

Samuria
I do understand the implications of what I'm asking, having run my Mac OS X server that way for a number of years. As a temporary measure I have set up lots of port forwards, however  I'm still struggling to get one or two things working as I'd like, hence the question.
I saw the reference to DMZ in the firewall configuration, but can't find any reference to say which device or interface represent the DMZ, there is no reference to DMZ in the user guide,
I've pored over them and googled, the CLI references does make a number of references to DMZ, however there are no examples,  and I find the command set a little cryptic.
Thanks

Dave
Oldjim
Resting Legend
Posts: 38,460
Thanks: 787
Fixes: 63
Registered: ‎15-06-2007

Re: Thomson 585 v7 and lack of DMZ

maccoylton
Grafter
Posts: 48
Registered: ‎11-08-2007

Re: Thomson 585 v7 and lack of DMZ

Thanks Oldjim,  but these are the instructions for "Assign the public IP address of a connection to a device" , which as per my first post I tried, although it appeared to work in that the "server" got the external IP address, the result was none of my devices (wired or wireless)  including the server could talk to the router nor to the internet.
I also tried a reset and setting this up from scratch with the same result.
Regards
Dave

Oldjim
Resting Legend
Posts: 38,460
Thanks: 787
Fixes: 63
Registered: ‎15-06-2007

Re: Thomson 585 v7 and lack of DMZ

I did find this one which may be a way round it http://www.speedtouch.net.nz/forum/topic.asp?TOPIC_ID=462 but it did look as though it wasn't what you wanted
maccoylton
Grafter
Posts: 48
Registered: ‎11-08-2007

Re: Thomson 585 v7 and lack of DMZ

My apologies I guess I should include all the places I've already been in my posts. I read this one earlier, and I think it might explain at least why the server is not able to function, although it doesn't really explain why the other clients can't route properly after setting this up.
The key piece is this:- BB. This works fine with windows pcs with their own version of tcp/ip networking. You may find Linux box does not like it at all. Problem being you have to use dhcp to force the speedtouch to pass the address. But if your gateway is outside the subnet of the ip it simply won't route.
When I tried this last night, the address and the gateway  the server got were in different subnets, so that would explain why the server couldn't route, but not why the rest of the clients were also impacted.
Oldjim
Resting Legend
Posts: 38,460
Thanks: 787
Fixes: 63
Registered: ‎15-06-2007

Re: Thomson 585 v7 and lack of DMZ

Sorry I haven't been able to help but this is one reason I ditched the Speedtouch 585 - the firmware has all sorts of non documented restrictions in it even to the point of disabling a number of very useful CLI commands.
puddy
Grafter
Posts: 1,571
Registered: ‎10-06-2007

Re: Thomson 585 v7 and lack of DMZ

I have a speedtouch 716wl v5 wireless and found portforwarding for my ip camera (uses port 8000) would only work if Iset it up with
1. Game & Application Sharing setup create new game or application ***
2. enter name  then Manual Entry of Port Maps
3. enter Protocol use ANY instead of TCP or UDP
4. enter port range  (8000-8000) for my web cam Translate To (8000-8000)
5. Assign a game or application to a local network device I use the my desktop computer (we have 2 laptops and 1 Desktop with lan cable in to router) ip camera plugs in to router

Some speedtouch routers use port 1 for DMZ but I could not set mine up that way.
*** your application could be in the list I know xbox and some programs have a template already setup with portforwarding
puddy
maccoylton
Grafter
Posts: 48
Registered: ‎11-08-2007

Re: Thomson 585 v7 and lack of DMZ

Puddy,
thanks for the info on how to set up game and app sharing. I was  wanting to avoid doing this manually, since my server already has all the firewall setup I need.
I also read that port 1 was  used in Thomson version of DMZ. I tried that and there were a few issue with that as a setup.  First issue was that although I got the correct IP on the server it could not talk to the internet, Saw some commentary that this could be caused if the gateway address for the router was not in the same subnet as the ip address, which with plusnet current setup it isn't.  Second issue was that other machines connected to  the router couldn't connect to the network any more, internal or external. And the third is that my server is currently on a gigabit switch,, to allow for media sharing in my local network, why would I want to move that to a 100MB port on the router?
I guess there's no such thing as a free lunch and these are just limitations I'll have to live with.
Regards
David
itsme
Grafter
Posts: 5,924
Thanks: 3
Registered: ‎07-04-2007

Re: Thomson 585 v7 and lack of DMZ

I believe your only option is to request a block of IP addresses if the router can support this. You then assign one to the router and one to the server