What Is the Routing Relation among the WAN, LAN and DMZ Ports in Different System Modes?

User Application Requirement
Updated 03-25-2016 07:31:49 AM 93152
This Article Applies to: 

On TP-Link ER series routers, like TL-ER6120, there are three available system modes (NAT, Non-NAT and Classic) suiting for different network requirements. For more information about the three system modes, please refer to the FAQ 676.

And on TP-Link ER series routers, there is a DMZ port, which is also call Hard DMZ to distinguish from the NAT-DMZ (also called software DMZ) function.

Note: the TL-ER604W has no DMZ port.

The Introduction of DMZ port

DMZ (Demilitarized Zone) is a network which has fewer default firewall restriction than the LAN does. It allow all the devices connected to the port to be exposed to the Internet for some special-purpose services.

The DMZ related function, such as DHCP server, will be available only when the DMZ is enabled as show in the picture below.

Note: you may need to reboot the router to bring this change into effect.

 

The Routing Relation among the WAN, LAN and DMZ port in different System Mode

As we can see in the picture above, the DMZ physical port can work in Public and Private Mode. In different DMZ Modes and different System Modes, the WAN, LAN and DMZ ports have different routing relationship. Here is the detailed instruction.

1. NAT & Classic Mode

In DMZ-Private Mode, the hosts in the LAN and DMZ can communicate with the WAN (Internet) via NAT, which means the IP address and port will be translated; while the hosts in the LAN and DMZ areas can communicate directly according to the route table without translating IP address. Hosts in the WAN cannot communicate with LAN and DMZ initiatively because of the NAT.

In DMZ-Public Mode, the hosts in the LAN can communicate with the WAN and DMZ via NAT; The hosts in the WAN and DMZ talk to each other according to the route table. The hosts in the WAN and DMZ cannot talk to the LAN initiatively as well in this situation.

2. Non-NAT Mode

In Non-NAT Mode, no matter what kinds of modes the DMZ port works in, the hosts in all the three areas communicate with each other according to the route table. The NAT function of this router will be disabled at all in this situation.

The Routing Relation among the Multi WAN Ports

For routers with multi WAN ports like TL-ER6120, the routing relation among the WAN ports has some difference in different System Modes.

1. NAT mode

In NAT mode, the hosts in different WAN areas are unreachable via the router.

2. Non-NAT & Classic Mode

In non-NAT and Classic Mode, the hosts in the different WAN areas can communicate with each other according to the route table.

 

By concluded, we can have all the situation in the table below:

Is this faq useful?

Your feedback helps improve this site.

From United States?

Get products, events and services for your region.