DMZ the IP of the router inside receiving 5G from CPE that's outside

ILoveGames

Active Member
Joined
Sep 8, 2017
Messages
54
I have a 5G CPE outside, but the wifi inside is crap. So I have got a router for inside it works well and all, but I want to know.. To make the UPNP, port forwarding and all that work the best it can, is it better and more efficient to DMZ the inside router on the CPE interface and enable the firewall, botnet protection and DDoS protection on the router inside?
 

irBosOtter

Expert Member
Joined
Feb 14, 2014
Messages
2,483
I would personally run the cable from the CPE lan port to a LAN port on the inside router, and not the WAN port. Disable DHCP on inside router. If your CPE internal IP is 10.0.0.1/24 make your inside router lan IP 10.0.0.2/24. (or whatever you want as long as it's not in use by any internal clients.)

Clients should then still be able to get DHCP via the CPE while connecting through your inside router

Some routers do have issues with this setup though....
 

ILoveGames

Active Member
Joined
Sep 8, 2017
Messages
54
I would personally run the cable from the CPE lan port to a LAN port on the inside router, and not the WAN port. Disable DHCP on inside router. If your CPE internal IP is 10.0.0.1/24 make your inside router lan IP 10.0.0.2/24. (or whatever you want as long as it's not in use by any internal clients.)

Clients should then still be able to get DHCP via the CPE while connecting through your inside router

Some routers do have issues with this setup though....
The issue with this is I was looking to get complete RAW open internet from the CPE, because the CPE cannot manage everything like the Asus Rapture does, speed limits, data transfered to each device, blocking sites on specific ports as well as specific day times. :(

Basically will it still be safe to DMZ the inside router's IP on the CPE outside?
 

powermzii

Expert Member
Joined
Jun 4, 2007
Messages
2,656
The issue with this is I was looking to get complete RAW open internet from the CPE, because the CPE cannot manage everything like the Asus Rapture does, speed limits, data transfered to each device, blocking sites on specific ports as well as specific day times. :(

Basically will it still be safe to DMZ the inside router's IP on the CPE outside?
Not on 5G but this is what i have done on my Telkom LTE. Huawei B618 is CPE but internal outer is a Mikrotik hAP, Mikrotik IP is DMZed on the Huawei and i run the firewall and bandwith limiting, dhcp etc on the Mikrotik.
 
Top