Assigning DMZ to 1 of the ports (on the back of Omnia)!

Hi, I would like to have 1 of my ports in DMZ because on that port I would like to connect (wired) my digital TV decoder. How to configure without putting in danger the other ports?

1 Like

I have the same question.

You create a bridge for the wan interface, and assign that port plus the wan port to the corresponding vlan - I’ll paste my relevant config bits below. I’m using this solution in Belgium / Flanders with a Telenet digicorder - so it works:

config interface 'wan'
    ...
    option type 'bridge'
    option ifname 'eth1 eth2'

config switch_vlan
    option device 'switch0'
    option vlan '1'
    option vid '1'
    option ports '0 1 2 3 5'

 config switch_vlan
    option device 'switch0'
    option vlan '2'
    option vid '2'
    option ports '4 6'

Thanks. I will try this.

Bear in mind that this config only works with Turris OS 3.X, for Turris OS 4.X and upwards you need a different config (You would just add Interface LanX to WAN in LuCI -> Network -> Interfaces -> WAN -> Physical settings and remove LanX from LAN Interface (again Physical settings))

1 Like

On what LAN port on the back of your router is the DMZ assigned in your example?
Is it LAN 3?

IIRC I’ve chosen the LAN port closest to the WAN port - for easy identification.

Thanks. Good to know. I haven’t switched to 4.x yet - planning to do so during the upcoming weeks. But at the same time I’m also going to deploy a managed switch before the router - so there will be no more need for this.

Hi there
I was trying to use this setup, yet in the dropdown list in Physical Settings of the WAN interface, I only get to choose 1 of the devices. This means I cannot add another LANX interface to the WAN “interface” without excluding ETH2 from WAN, which of course would not make much sense.
I also noticed that in Physical Settings of the LAN interface (for instance) the dropdown list shows a checkbox beside each interface, so it allows for multiple interfaces to be selected. The dropdown list in the same menu of the WAN “interface” doesn’t show such checkboxes, which only allows for one interface to be selected.
Am i missing something?
Any help would be appreciated.
Thanks in advance.

DMZ is DMZ … that is, demilitarized zona. It is not preferable to use port-forward counterports to a specific IP LAN address ?? If the external IP is fixed - it is possible to define also external IP. Communication outside will serve itself, communication inside is given.

If you use DMZ it’s gateway to the Internet without any firewal – it sis necessary ?

Activate „Bridge interfaces“ :wink:

1 Like