DMZ/INternet Port on Cisco RV042

Posted on 2011-09-26
Last Modified: 2012-09-28
Hey all
Ok, I think this one will be an easy A for the Cisco people.  :-)

Here is what I have.  
4 Servers behind a Cisco RV042 router in a datacenter.  These are private servers with no one using them but exclusive customers.
Server number 5 will be a webserver.  I want it to sit on the DMZ/Internet Port and be accessible by most anyone.  The datacenter has given me a nice block of IP addresses to use.  Here they are: - .94 is the gateway address.  The router is using .94
The operating system for the webserver is CentOS and the Control Panel is CPanel/WHM.  If I plug the cable into the switch (not the RV042) and give it an internal IP address with one-to-one NAT with IP address of .92 the server can get to the Internet with no issues at all.  But it can also get to the other servers on the network: not good.  And another little drawback is that I kept getting emails from the CPanel saying that "the FQDN resolves to but it is supposed to resolve to" (these are the exact words of the email)
So, here is what I need to know.

The RV042 has two WAN ports, one labeled Internet and the other labeled DMZ/Internet.  From what I understand I should be able to turn on the second WAN port and make it a DMZ. The firmware version of the Router is
On the setup page of the router is has a check box to enable DMZ.  If I check that it gives me a configuration page and on this page is has a circle for Subnet or Range (DMZ & WAN within same subnet).  If I check the subnet it gives me two boxes to fill in.  Box one is Specify DMZ IP Address and the other is Subnet Mask.  If I check the Range it gives me two boxes.  IP Range for DMZ Port and the two boxes have a "to" in between them.

Here is the main question with a small "what if" thrown in for good measure.

which one do I choose and what do I type in on the router and what IP address (with subnet and GW of course) do I put on the Webserver.  I really think it needs to be a public IP address to make it work right.
And now for the caveat.  If I want to add another webserver in the near future, can I connect a Switch to the DMZ Port and connect the two webserver to it?

Thanks and please ask for clarification if you need it.
Question by:jonmenefee
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2

Accepted Solution

jonmenefee earned 0 total points
ID: 36819182
Wow, not one response in 3 days.  well, fortunately I found the answer to this question and wil post it here for other people.

When you choose to activate the DMZ Port (not the DMZ host) on an RV042 Router you should choose the Range option.  Then you would put in the Public IP addresses of the different servers that will be using those IP addresses.  In my case I used 74.x.x.91 to 74.x.x.92.  Then, on the server you would put in the IP address that it will be (public one that you entered above), for the subnet mask you would use what your DataCenter gave you.. In my case it was and for the Gateway you would put the same IP that the datacenter gave you.  In my case it was 74.x.x.81 (my usable IPs were 74.x.x.82 - 94.
The next thing you do, if it doesnt work is make sure that if the datacenter uses ARP caching to ask them to flush the cache :-)

I hope this helps and have a great day everyone!!

Author Closing Comment

ID: 36819234
I think that my solution is the correct one because it worked and since no one else was willing to step up and help, I had to find the answers myself

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

New Server  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question