Jump to content
Reminder, starting today you will no longer be able to login to the forum using your display name, to login you must now use your email address. ×

What are the pros and cons of putting my console in DMZ?

demonchine

Recommended Posts

demonchine

demonchine

Posted
Posted

My question is: does putting my console in DMZ negate the affects of traffic prioritization? Meaning will DMZ help, hinder or have no effect?

 Correct me if I’m wrong, but a console in DMZ bypasses routing rules?

Link to comment
Share on other sites
BIG__DOG

BIG__DOG

Posted
Posted

Any device that is placed in a routers DMZ has ALL ports open to it. This is a major security threat especially for pc's, laptops, tablets etc etc. It is less of a deal for consoles as their data is automatically encrypted but is still a risk. Port triggering in my opinion is a better option to take.

Link to comment
Share on other sites
  • Administrators
Netduma Alex

Netduma Alex

Posted
  • Administrators
Posted

DMZ is useful as a testing step. For example, if DMZ gave you an Open NAT, you would know that it was POSSIBLE to get an Open NAT with your current router setup. If you still had Closed NAT, you'd know that the problem was upstream of your router. It's a good process of elimination.

As a long term solution... It can work, but it's not ideal. As @BIG__DOG said above, it's dangerous to have a PC in DMZ. A console is less risky but it's still a risk.

Link to comment
Share on other sites
crawlgsx

crawlgsx

Posted
Posted

I would not put your console in DMZ, it is not necessary. For any flaws the XR Routers have - NAT is not one of them. If you only have one console, you don't need to do anything to have open ports. It will NAT just fine on its own. If you have two of the same console (Xbox One especially) change from Secure to OPEN NAT and call it a day. This is a majority of the reason I purchased this Router as many modern routers these days can not achieve Full Cone NAT so if you have 2 Xbox One's on the same network it is a giant mess. The XR series are some of the few routers available that will do this without custom firmware.

For more information I suggest reading up on: https://badmodems.com/Forum/viewtopic.php?f=6&t=21

Link to comment
Share on other sites
David824

David824

Posted
Posted
8 minutes ago, crawlgsx said:

I would not put your console in DMZ, it is not necessary. For any flaws the XR Routers have - NAT is not one of them. If you only have one console, you don't need to do anything to have open ports. It will NAT just fine on its own. If you have two of the same console (Xbox One especially) change from Secure to OPEN NAT and call it a day. This is a majority of the reason I purchased this Router as many modern routers these days can not achieve Full Cone NAT so if you have 2 Xbox One's on the same network it is a giant mess. The XR series are some of the few routers available that will do this without custom firmware.

For more information I suggest reading up on: https://badmodems.com/Forum/viewtopic.php?f=6&t=21

I have my ps4 on mine but I have AP router running off of it...I noticed the only thing that truly matters for me is to have UPNP open pr my son's xbox will go moderate because his xbox one won't find a available UPNP (that's the error it says when he tries logging on)

Link to comment
Share on other sites
BIG__DOG

BIG__DOG

Posted
Posted
15 minutes ago, David824 said:

I have my ps4 on mine but I have AP router running off of it...I noticed the only thing that truly matters for me is to have UPNP open pr my son's xbox will go moderate because his xbox one won't find a available UPNP (that's the error it says when he tries logging on)

go into network settings on xbox and advanced then select an alternative port number, it usually gives you a list of ports you can use.

Link to comment
Share on other sites
David824

David824

Posted
Posted
1 hour ago, BIG__DOG said:

go into network settings on xbox and advanced then select an alternative port number, it usually gives you a list of ports you can use.

I'll have to try that.. thanks

Link to comment
Share on other sites
demonchine

demonchine

Posted
  • Author
Posted

My concern isn’t achieving open NAT per se. I was just wondering how DMZ affects my gaming packets. As in do incoming packets for all devices on my router pass through my console in the DMZ first, or do packets coming through go directly where they are needed?

Link to comment
Share on other sites
BIG__DOG

BIG__DOG

Posted
Posted
1 minute ago, demonchine said:

My concern isn’t achieving open NAT per se. I was just wondering how DMZ affects my gaming packets. As in do incoming packets for all devices on my router pass through my console in the DMZ first, or do packets coming through go directly where they are needed?

It does not prioritize packets at all, it just allows your device to have every port open to it inbound and outbound.

Link to comment
Share on other sites
demonchine

demonchine

Posted
  • Author
Posted
1 hour ago, BIG__DOG said:

It does not prioritize packets at all, it just allows your device to have every port open to it inbound and outbound.

So packets coming in for my kid playing Minecraft on their phone, which is behind the routers firewall will pass through my DMZ console first? 

Link to comment
Share on other sites
BIG__DOG

BIG__DOG

Posted
Posted
26 minutes ago, demonchine said:

So packets coming in for my kid playing Minecraft on their phone, which is behind the routers firewall will pass through my DMZ console first? 

No, DMZ just opens all ports for a specific device it does not allow a device to send/receive packets before another device. That is down to QOS and traffic prioritization.

Link to comment
Share on other sites
demonchine

demonchine

Posted
  • Author
Posted
4 hours ago, BIG__DOG said:

No, DMZ just opens all ports for a specific device it does not allow a device to send/receive packets before another device. That is down to QOS and traffic prioritization.

 

 watching this video made me believe that all incoming traffic would go to the (DMZ) device outside the firewall first,  thus making it ideal to have your console in DMZ.... but I get that it’s dangerous, too.

 

 

Link to comment
Share on other sites
demonchine

demonchine

Posted
  • Author
Posted
10 hours ago, crawlgsx said:

I would not put your console in DMZ, it is not necessary. For any flaws the XR Routers have - NAT is not one of them. If you only have one console, you don't need to do anything to have open ports. It will NAT just fine on its own. If you have two of the same console (Xbox One especially) change from Secure to OPEN NAT and call it a day. This is a majority of the reason I purchased this Router as many modern routers these days can not achieve Full Cone NAT so if you have 2 Xbox One's on the same network it is a giant mess. The XR series are some of the few routers available that will do this without custom firmware.

For more information I suggest reading up on: https://badmodems.com/Forum/viewtopic.php?f=6&t=21

Doesn’t this (turning your NAT filtering off) expose everything connected to your router, rather than just 1 thing put in DMZ?

Link to comment
Share on other sites
BIG__DOG

BIG__DOG

Posted
Posted
4 hours ago, demonchine said:

Doesn’t this (turning your NAT filtering off) expose everything connected to your router, rather than just 1 thing put in DMZ?

yes, in a nut shell. But why would  anyone want to expose their entire network either by disabling a firewall or 1 device through the DMZ!

Link to comment
Share on other sites
demonchine

demonchine

Posted
  • Author
Posted
4 hours ago, BIG__DOG said:

yes, in a nut shell. But why would  anyone want to expose their entire network either by disabling a firewall or 1 device through the DMZ!

Yep. Makes sense to me. Ultimately that’s the reason I am not going to use DMZ.

Link to comment
Share on other sites
e38BimmerFN

e38BimmerFN

Posted
Posted

DMZ isn't needed for xbox. If the XR router is setup well, uPnP enabled and if you have more then one game console online at the same time, set NAT Filter to OPEN(only for two or more game consoles), and your ISP modem has NO NAT router built in, xbox game consoles will work great with the XR router and NO DMZ is needed. My two game consoles work great behind my XR450.

You can use DMZ for devices like VOIP or microcells which are safe to use in the DMZ. Please DO NOT put any kind of NAS storage device into a DMZ or you'll get your files encrypted and be subject to randsomware. 🤑

Link to comment
Share on other sites
Sable

Sable

Posted
Posted
On 2/4/2020 at 5:29 AM, BIG__DOG said:

Any device that is placed in a routers DMZ has ALL ports open to it. This is a major security threat especially for pc's, laptops, tablets etc etc. It is less of a deal for consoles as their data is automatically encrypted but is still a risk. Port triggering in my opinion is a better option to take.

So is it a security threat to put the xr500 in DMZ?

Link to comment
Share on other sites
BIG__DOG

BIG__DOG

Posted
Posted
37 minutes ago, Sable said:

So is it a security threat to put the xr500 in DMZ?

it is a threat to put any device into a DMZ. It is not if you have a 2 router setup and it is configured correctly.

Link to comment
Share on other sites
Sable

Sable

Posted
Posted
1 hour ago, BIG__DOG said:

it is a threat to put any device into a DMZ. It is not if you have a 2 router setup and it is configured correctly.

What I mean is if I put the xr500 in dmz on my isp router, are all devices connected at risk? For example: Laptop, PS4 and phone?

Link to comment
Share on other sites
  • Administrators
Netduma Fraser

Netduma Fraser

Posted
  • Administrators
Posted
29 minutes ago, Sable said:

What I mean is if I put the xr500 in dmz on my isp router, are all devices connected at risk? For example: Laptop, PS4 and phone?

No because the XR500 has its own firewall that will protect your devices.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...