Hello all,
First off happy 2024 to all!
I have an OPNsense firewall that sits behind an ISP's router. Currently the WAN side of my firewall is actually a private IP that is part of the IP range the ISP router gives out for wired connections. Then the ISP router will route traffic out to the Internet. I have the option of making the firewall a DMZ host, and then the ISP router plays no role in ports being open or closed. The ISP router is also setup for dynamic DNS, so the public IP can be referenced by a FQDN.
If I make the firewall a DMZ host do I lose the dynamic DNS that is setup on the ISP router? Do I need to move the dynamic DNS setup from the ISP router to the OPNsense firewall? I am trying to understand if making the OPNsense firewall a DMZ host is a good thing or should I just leave it behind the ISP router.
Thanks,
Steve
"DMZ host" typically just means the ISP router forwards all inbound connections to this host. This doesn't disable NAT, so OPNsense still has a private WAN address and DynDnS updates should be performed by the ISP router.
Cheers
Maurice
Quote from: Maurice on January 03, 2024, 01:38:37 AM
"DMZ host" typically just means the ISP router forwards all inbound connections to this host. This doesn't disable NAT, so OPNsense still has a private WAN address and DynDnS updates should be performed by the ISP router.
Cheers
Maurice
I figured as much...I just wanted to make sure.