Hard to describe my question in the space of a thread title.
I’ve never dealt with the little home routers that do NAT. I know most or all have the ability to forward specific ports to specific computers, so you can have incoming connections to host servers and such.
Do any have a feature where you can tell all traffic that isn’t specifically addressed to another computer via NAT address to be passed through to a particular computer? So essentially, if I have 2 computers on a network, all traffic that’s not specifically a return message to one computer goes to the other?
Look for a setting called “DMZ.”
Correct. And every NAT router I’ve ever used (quite a few), has it.
Don’t forget that the “demilitarized zone” analogy isn’t a bad one – once you’re redirecting all (or almost all) traffic to a given system, most of the implicit firewalling of NAT is gone; that system may as well be directly attached to the Internet.
I can trust my users (no kids, technologically savvy wife, wired network and numerous blocks on the wireless access), so I tend to run my systems with the “local” firewalls off – not a good idea if you’ve DMZ’d the system. On the other hand, if you’re careful, it’s a great way to get a system outside the NAT for games that require a whole bunch of different ports opened. Skip the ports and just make that system DMZ.
Thanks. I was confused at first because what “DMZ” means in networking is generally something totally different than what it means for dsl routers. Just having a router forward packets that aren’t addressed specifically as a NAT return doesn’t constitute a DMZ at all.
I’m not particularly interested in the limited security offered by a little nat router - I’ve had my computer plugged directly into the cable modem for years. I’d prefer having the convenience of not having to find a list of ports, and then open them, whenever I want to host something.
So if I set a router to treat this computer as the DMZ, it’ll essentially act as if it were directly connected to the cable modem as far as my perspective is concerned?