Skip to main content

Public Addresses (DMZ)

The DMZ function (Public Addresses) assigns a public IP address from the subscribed IP range directly to devices. These devices are then accessible from the Internet without NAT and without port forwarding. The DMZ firewall of the Centro Business protects these devices separately from the rest of the LAN.

Typical use cases

  • Own web server / mail server: A server needs to be directly accessible from the Internet under a fixed public IP.
  • Local firewall / security gateway: A dedicated hardware firewall (e.g. Sophos, FortiGate) receives a public IP and manages traffic independently.
  • IP camera system with own management: An NVR or camera system requires its own public IP for remote access.
  • VoIP telephone system (PBX): A SIP-based telephone system is operated directly with a public IP to avoid NAT issues.

Configure DMZ

The Centro Business 2.0 provides two different DMZ options, which can be activated as follows:

  • On the router portal under Network → Public Addresses
  • Activate the desired DMZ option

Public IP addresses on all LAN ports (DHCP) With this option, the DMZ is activated on all LAN ports (incl. WLAN) of the Centro Business. The local LAN of the router can no longer be used in this mode.


Public IP addresses on LAN Port 1 (DMZ) With this option, the DMZ is activated on LAN Port 1. The local LAN of the Centro Business can continue to be used on Ports 2–4 as well as via WLAN.

Limitations

  • Not available with BNS/EC-S contract

FAQ - DMZ

What are the advantages of a DMZ?
  • Improved security: By placing publicly accessible servers in the DMZ, the internal network is protected from direct attacks from the Internet.
  • Isolation of services: Services such as web servers, email servers, and DNS servers can be isolated in the DMZ, which simplifies the security and management of these services.
  • Flexibility: The DMZ offers a flexible environment where new services and applications can be tested and deployed without endangering the internal network.
Specifics:
  • Access from the DMZ to the network (LAN) is blocked.
  • Access from the LAN to the DMZ takes place via the public IP addresses.
  • Access to the router portal takes place via the LAN network or remote access.
  • Access from the DMZ to the router portal is not possible.
info

Is something missing here? Give us your feedback!

Help us improve the CB-Guide. Let us know what content you are missing or how we can improve.

Send feedback

Last updated on