What's new

DMZ setup, work VPN, port forwarding and double-NAT questions

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!


Senior Member
I'm having issues with pass-through on my verizon 5g home gateway. I'm trying to use DMZ but wondering if I set it up, I would get double-NATing. Would it be a problem with VPN and/or port-forwarding( my son has a server setup for Minecraft)? I also run 2016 Windows server essentials for home PCs backup. Will there be an issue?

Any help would be much appreciated.

The use or presence of the DMZ doesn't determine whether you are or are NOT double NAT'd. As soon as you daisy-chain your own router behind the primary router (presumably from the ISP), WAN to LAN respectively, you're double NAT'd, by definition.

The point of the DMZ is simply for convenience when it comes to port forwarding. For those things not already port forwarded to, or otherwise directed at, the primary router, that traffic is passed to the IP of the device in the DMZ of the primary router, presumably in this case your ASUS router. That means you only have to concern yourself w/ the ASUS when it comes to port forwarding or remote access to the ASUS's own services.

But regardless, whatever other issues may arise due to being double NAT'd, they remain. For example, devices behind a double NAT are sometimes known to be problematic (e.g., VOIP).
Last edited:
I do have Ooam attached to the Asus router. Will it still work with DMZ?
So just I learn something today, you are saying that DMZ and pass-through are almost the same except where the public IP gets "stored". Pass-through has it in Asus and DMZ still has it on Verizon GW. I was thinking to disable wifi on GW. Do I want to disable DHCP on GW? This way, let's say, --> would only route.

Again, the DMZ is nothing more than a means to tell the primary router to pass incoming connection attempts over the WAN to your ASUS router. That's it. It's expected your ASUS router will handle it, just as if it was the primary router. The idea is to avoiding have to port forward TWICE, both on the primary router, and the ASUS. That's why the DMZ is just a convenience. Whether you use it or NOT has no impact on whether some devices might not work well in a double NAT situation. That's a completely different discussion.

I'm not sure what YOU mean by pass-through, but I'm going to take a guess you're talking about (for lack of a better term) advanced/enhanced DMZ, were certain routers can pass the public IP on the primary router to the WAN of the secondary router, presumably to mitigate a double NAT situation. You may see this in cases where the ISP's router doesn't support bridge mode. How well these devices work, I have no idea. I've never had to deal w/ that particular situation. Either the ISP has provided a pure modem, or I'm using a combo modem+router in bridge mode.

How any of this relates to GW or DHCP, you lost me.
So, A little bit of back story. I got Verizon 5g home internet( aka GW-gateway). Verizon is providing arc-xci55ax all-in-one modem/wifi router. I have my own Asus ax3000 and Asus ac68 mesh and want to use them. arc-xci55ax does have both pass-through and DMZ options. Pass-through is when Asus AX3000( primary router) gets WAN IP as public IP. It seems to have issues for some reason and it kills internet connectivity a couple of times a day. I rolled out AX3000 by trying to use my old Netgear R7000 router. It has the same issue as AX3000. I posted those issues on the Verizon forum but I'm not holding my breath for them to fix them soon. One suggestion was to use DMZ on arc-xci55ax instead of Pass-Through. There is no true bridge mode on arc-xci55ax. I thought that if I use DMZ then arc-xci55ax will still have Wifi enabled and can serve the clients if it needs to be. I also believe that DHCP will still be running on arc-xci55ax.

Am I wrong for both( wifi and DHCP?

All of my LAN ports are used on AX3000(Ooma, Windows server, Printer and Work PC). I want AX3000's DHCP to assign IPs to all my wired and wifi clients.
On a separate note, arc-xci55ax has a separate IoT devices wifi network. Will the devices connected to AX3000 see IoT devices if they are connected to arc-xci55ax wifi?

Thanks for your help. It is much appreciated.

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!