DMZ Support

Support for a DMZDemilitarized Zone (demilitarized zone) can be enabled through the Firewall tab within the Exinda SD-WANSoftware-Defined Wide Area Network Management Interface.

The DMZ feature of the Exinda SD-WANWide Area Network allows the user to specify the IPInternet protocol address of a local computer that has been designated as the DMZ. The specified IP address is called the "DMZ IP address". When the Exinda SD-WAN receives a packet from the internet over any of the WAN ports then the Exinda SD-WAN forwards the packet to the specified DMZ address if none of the port forwarding rules apply to the given packet.

If no port forwarding rules are specified and a DMZ IP address is specified, then all packets received on a WAN port is forwarded to the local computer with the specified DMZ IP address. It should be noted that if one or more port forwarding rules are specified that they take precedence over the forwarding of traffic to a DMZ, if the DMZ feature is enabled. Moreover, it should be noted that any port forwarding that occurs as a result of the UPnPUniversal Plug and Play feature being enabled takes precedence over any port forwarding rules.

Setting up a DMZ is useful if there are several computers in the local network, but only one of them (that has been designated as the DMZ) is desired to be directly accessible via the Internet. Normally, support for DMZ should be disabled when running the Exinda SD-WAN in the Pass Through mode since a DMZ would already be implemented in the legacy network.

The DMZ feature can be configured by clicking on the status Enabled or Disabled for DMZ in the configuration table and selecting the appropriate radio button. If Enable is selected, then the IP address for the DMZ must be specified. When you click Apply, the DMZ feature is configured accordingly.