Sunday, April 18, 2010

2Wire Router DMZ-Plus Mode

Over the past few days, I have spent many hours trying to get IPv6 working again on my network and getting the Grooveshark VPN to work correctly. I finally got PPTP working after forwarding port 1723 to my computer and loading a few PPTP kernel modules.

Neither PPTP or IPv6 would work without first enabling DMZ-Plus on my 2Wire router to make sure everything passed through to my routers.

Here is how to setup your router in DMZ-Plus mode:
  1. Unplug all devices from the 2Wire router except for your router you want to be in DMZ. Also, unplug any TV boxes as they might through the 2Wire router.
  2. Reset your 2Wire router by unplugging, waiting 10 seconds and then plugging it back in.
  3. Login to the 2Wire and goto the Firewall settings. Then select Applications, Pinholes, and DMZ
  4. There should only be 1 device listed under "Select a Computer". Make sure it is selected and then Choose the radio button: Allow all applications (DMZplus mode).
  5. Hit Save. Now login to your router that is now under DMZ.
  6. Under setup, make sure the router is set to DHCP.
  7. Goto the Status page and click Release IP Address then wait 30 seconds and click Renew IP Address.
  8. The IP address listed should change from 192.168.x.x to your DSL/Cable IP Address. If it stayed at 192.168.x.x, go back to step 3. It might take a few times for your router to pickup the correct IP.
  9. Once your router has the external IP, everything is configured correctly.
Even if your router has the 192.168.x.x the router still appears to be in DMZ however, most obscure-protocols (GRE,IPv6-IPv4) still will not work. The router must have the external IP as its IP address for everything to work correctly.

James Hartig


Anonymous said...

Thanks James

Your description helped me to understand how DMZPlus works. I was thinking about switching to uverse to get better upload speeds but lack of bridge mode was great concern of mine.

Unknown said...

This is a good explanation of how to do this on the 2wire so it works. I have had my 2wire in dmz+ mode for over a year and after moving the dd-wrt router behind it the other day I spent several hours trying to get it to work again. It seemed like DMZ+ will 'revert' or 'not stick' if there is more than one device attached to it.

Aggravating when you are a 25 min drive from your server/routers.

Allen Miller said...

I am interested in using the Small Business Server VPN which I believe needs GRE protocol 47. I was wondering if DMZPlus mode would work for this but was not clear from your last paragraph if this should work or not. Can you clarify?

James Hartig said...

I no longer have the router but you must assign the external IP to the router behind the 2wire for it to work.

Unknown said...

DHCP can no longer be turned off on the 3801 used for Uverse. I don't suppose I can use the same subnet it's handing out to the TV devices as I am using on the LAN side of my Linksys router. That would probably cause an IP subnet conflict. Right?

James Hartig said...

Yes you can, just be sure to start the DHCP on the UWire at 2 and start it on the Linksys at say, 100 or even 200, just to be safe.

Anonymous said...

Thank you so much for this post! I have spent several days trying to get this to work with zero success. AT&T is of course no help whatsoever. It was the last step, renewing the DHCP lease that I needed.

Anonymous said...

Thanks for the howto. Unfortunately, it looks like the router is taken out of DMZplus mode the minute I try to use an alternative DNS server. I want to use OPENDNS as my DNS servers so I configure them in my router. DHCP is still on, so the router accepts the public IP from the 2wire. Now I have to manually configure OPENDNS on each workstation on my network. Not good.

Anonymous said...

Stupid. I can't believe I forgot to renew the address on the router :P

Thanks for the walk-through.

Greg said...

Thanks, same issue, had to renew on my internal router.
These 2Wire Routers are a nightmare how they try and protect you.