Skip to main content

    Support

    Offers

Bugsy123's profile
Bugsy123
1st Reply
1st Topic

New Poster

 • 

2 Messages

Friday, December 13th, 2019 11:00 AM

Closed

Gateway DMZ <---> WAN isolation?

I was hoping to setup a guest wifi network that is completely isolated from the LAN. I presumed, wrongfully it seems now, that the DMZ feature, offered by the Gateway, would prevent traffic from the DMZ host ever reaching the internal LAN. My tests proove otherwise as I was able to ping computers on my LAN from the DMZ host. I did confirm that DMZ was working as external traffic aimed at the gateway's WAN address reached the DMZ host.

 

QUESTION: Is this expected?

 

If it is, then it seems like a dangerous and irresponsible setting for Comcast to offer as others might make the same assumption about network isolation.

Question

 • 

Updated 

6 years ago

937

1

0

0

This conversation is no longer open for comments or replies and is no longer visible to community members.

darkangelic

Gold Problem Solver

 • 

2K Messages

6 years ago

The setting is enabled mostly for troubleshooting purposes, e.g. isolating a problematic connection issue.

Plus you're explicitly warned that this is a security risk. For example:

 

  • Enabling DMZ (a demilitarized zone) may resolve a device communication issue, but it's a security risk. If a device needs to be accessible to outside sources, we recommend using port forwarding instead. 

 

 

 

 

0

0

forum icon

New to the Community?

Start Here