How to Setup a DMZ

DMZ is the acronym in English for Demilitarized Zone. So, at first sight, and with such a little name we can guess its use, but we refer to it has something to do with ports and traffic that comes through them, maybe you can realize something about the DMZ. In home routers, the ones that we can buy or those the companies that give us when contracting with them the access to internet, the original configurations keep open a series of basic ports for the correct operation of the equipment over Internet. Ports required for browsing, configuring email clients, etc.

Also, this configuration allows us the option to open other ports according to our needs and direct their traffic to a certain equipment in our home network, for example, to be able to work without problems with any program in that equipment. Take for example an internet-based game console with which we play online. If for each game that we play we have to open different ports, this will become a nuisance, because we will have to enter the configuration of our router every time and opening the ports we need.

Imagine also that we want to connect our computer to a multimedia server, for example, to watch movies on our PC online, but this equipment, for security, changes port access. It would be a problem to have to change ports every time we want to see a movie or even during the movie.

Well in these cases is where the DMZ option of our router acquires special importance. The Demilitarized Zone would be a door from our router to the internet without any barrier, this is, an exit to Internet with all the open ports. This Zone or exit is applied to a single computer in our home network, that is, we can only configure it for a computer that needs periodic port openings or to avoid having to open many ports.

Here we can appreciate how is the structure of a DMZ (courtesy of http://www.muycomputer.com/)

Enable and configure the DMZ on a router:

To configure the DMZ for a computer in our home network, simply enter the IP of that computer in the DMZ option of your router, in this moment the equipment will receive all the traffic of the ports that need without obstacles. The equipment that needs to use the DMZ should have a fixed IP.

If it is a console or other device, simply configure your internet connection manually, giving an IP address outside the range granted by our router, to avoid conflicts. So, if you do not want to open ports every time you need it for a particular computer, add it to the demilitarized zone of your router and save yourself extra work.

Note: Putting a computer in the DMZ may expose that computer to a variety of security risks. Use of this option is only recommended as a last resort.