Question about HotBrick SoHo 401 Firewall

1 Answer

DMZ setup My owners manual says that this device has a DMZ, it also indicates it in the diagrams. However the back of my unit only marks 4 ports for LAN and 1 for WAN. According to the diagrams I am to use the LAN port closest to the WAN port. The software in the unit also indicates that I have a DMZ I cannot get the servers in the DMZ to reach the WAN nor the LAN, I can't get the WAN to see the servers in the DMZ. All the servers have public IP addresses. I've tried to create firewall rules but either they do not work or I'll get a responce that the table is full (there are no other rules). Where am I going wrong? Thanks Lou

Posted by on

1 Answer

  • Level 1:

    An expert who has achieved level 1.


    An expert who has answered 20 questions.


    An expert that hasĀ over 10 points.


    An expert whose answer gotĀ voted for 2 times.

  • Contributor
  • 55 Answers
Re: DMZ setup

Is there a setting in the software to select the IP address for the DMZ? I'm not sure about the firewall, but most routers need you to configure the software to actually show which IP on your network is allowed DMZ.

Posted on Aug 24, 2006

Add Your Answer

0 characters

Uploading: 0%


Complete. Click "Add" to insert your video. Add


3 Points

Related Questions:

1 Answer

What wires goes to the ports in the back of the sonicwall 205

Hi Heather,

First off don't plug anything into the plug that says Console. Next you have 5 X ports X0- X5 If your just connecting a desktop computer you should plug the ethernet cable from your desktop to the X3 jack, and so one if you are connecting directly to the Router. If you are going to use wireless connection then you don't need to plug anything into the back of the Sonicwall 205, you'll need to log into the router and assign a password so you can log on from your remote device.

That's it.

Good Luck,


Dec 08, 2014 | SonicWALL SSL-VPN 2000 VPN Gateway - 4 x...

1 Answer

I have configured Cisco ASA Firewall and I have given ICMP Inspect also But I cant able to ping the PC Kept in the DMZ from the Outside interface


· Please check the whether the security level for DMZ and outside interface, If DMZ is high security level. Please do the NAT configuration
· If it's having the same security level. Please issue the command "same-security-traffic permit inter-interface "in the global config mode.

Mar 01, 2011 | Cisco ASA 5505 Firewall

1 Answer

I wanna open port for my DVR dvr is :- ip cmd port 9201 video port 9202 and my router is fortigate60 i hope any one can give me full solution best regards

You will need the router login info, then using a browser go to:

That will bring you into the settings area of the router. Then do one of two things, find Port Forwarding, and forward the public 9201 & 9202 to the DVR at port 9201 and 9202. Make sure to do this for both UDP and TCP.

Another and easier option, is to go to your DMZ setting. Just turn DMZ on and set it to

Doing it with the DMZ will take care of any ports that need forwarding, they will point to the 88 machine (your DVR).

Good luck!
From the management computer browse to The FortiGate web-based manager appears.
From the management computer browse to The FortiGate web-based manager appears. From the management computer browse to The FortiGate web-based manager appears.

Jan 26, 2010 | Fortinet, Inc. FortiGate 60: FortiGate Pro...

3 Answers

New cisco asa 5510 setup

connect your laptop to the asa5510 using a cross over cable

Oct 07, 2009 | Cisco ASA 5510 Firewall

1 Answer

Unable to map server to storage media over the internet for back

Virtual Private Network (VPN) endpoint and pass-through support. Additional firewall features include custom and policy-based filtering options. These options have to be configured properly.
Check your configuration level and access policy.
If its a public server you have to place it in DMZ.
Check IP settings of the server. U may require a VPN tunnel
Rate if this is helpful
Good Luck

Jun 01, 2009 | D-Link NetDefend DFL-200 Firewall

2 Answers

Pix 515 E allow few websites only.

Do the nslookup for the three websites and write an access list to permit the traffic only to the said website ip addresses


1. go to dos prompt

2. type "nslookup"

3. type "

Note : You will get the ip address of the websites

4. Create an object group for these websites

5. Add ip addresses of the websites

6. create an access-control list element to permit the traffic from your circle office to this object group for port tcp 80 and 443

You are done

Mar 09, 2009 | Cisco PIX 515E Firewall

1 Answer

Ploblems with dmz-outside (webpage). pix

Remove this line:

static (DMZ,INSIDE) netmask

You don't need a translation going from a lower security level to a higher one. You will also need a nat line for the dmz so that pc's on the dmz will be translated outbound. The only connection that will work on the dmz is the webserver when he's sending traffic outbound with a source port of 80. Something like:

nat (DMZ) 101

Other than that, it looks like it should be working. You've got permission, a route, and a translation. Maybe "clear local-host" to get rid of any bad xlates and try again. Check debg level syslogs, run packet captures, "clear asp drop" then "show asp drop" after an attempt?

Feb 28, 2009 | Cisco PIX Firewall 506

1 Answer

Cannot Access Internet from the DMZ

If there is proper policy in place then there wont be any issue.

if at all you need to access your DMZ from internet you need to configure VIP or MIP on the firewall and also a policy needs to be written to permit the traffic.

If you need more help you shall contact me.

Oct 10, 2008 | Juniper Networks SECURE SERVICES GATEWAY...

1 Answer

Cyberguard SG300

From the main configuration screen select Network Setup, and then click on the Connections Tab. In the tabline below that click on Aliases.

At this point you input the Alias IP address and the netmask and add it, selecting port 25. The firewall now knows that it is to forward all traffic on port 25 to the computer that has the IP address you put in.

You should be aware that doing the above opens a direct access point into your network! Port 25 is the port used for SMTP (Sendmail) and it is the most vulnerable and most hacked service on the Internet! You should seriously consider not doing this.

A better option would be to goto the DMZ tab and configure a DMZ net on your firewall - you will need to obtain a second routable IP address from your ISP to do this though. By creating the DMZ and then routing port 25 to a machine inside the DMZ you isolate the machine running SMTP from all of the other machines inside your protected network and so make a compromise much less likely.

All of the systems inside your protected network will still have demand access to the machine in our DMZ, but the machine in your DMZ would be unable to initialize access to the protected network, which is a much safer setup.

Oct 19, 2007 | Cyberguard SG300 (00852503000366) Firewall

2 Answers

Sonicwall Pro 300 DMZ Problem

If you're within a network and try connecting to computers on it with the WAN public IP, it simply won't work - you must use the network IP. On an external Internet connection, it should connect fine to the public IP. If you have access to an external machine (remote desktop), or if you know of an FTP proxy, you can try it that way. I also believe a web based FTP client would act as somewhat of a proxy, you could try that with the public IP and see how you go.

Aug 09, 2007 | SonicWALL PRO 300 Firewall

Not finding what you are looking for?
HotBrick SoHo 401 Firewall Logo

Related Topics:

546 people viewed this question

Ask a Question

Usually answered in minutes!

Top HotBrick Network Security & Firewall Devices Experts


Level 2 Expert

567 Answers

john smith

Level 2 Expert

366 Answers

Sudeep Chatterjee
Sudeep Chatterjee

Level 3 Expert

3267 Answers

Are you a HotBrick Network Security and Firewall Device Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides