Exposing 2 devices to the internet (like DMZ x2 for example)

[Rob Q]

Is there anyway that I can exposing my 2 Roku streaming sticks (802.11n) directly to the internet (bypassing Diversion and Skynet)?
They only wouldn't have much sensitive information coming out of the sticks, maybe just the account log in information.
I don't want to get a total security breach though.

 

[skeal]

Is there anyway that I can exposing my 2 Roku streaming sticks (802.11n) directly to the internet (bypassing Diversion and Skynet)?
They only wouldn't have much sensitive information coming out of the sticks, maybe just the account log in information.
I don't want to get a total security breach though.

Then don't do it. Those kind of devices should be behind a firewall.

 

[Rob Q]

Oh, good call! Thanks!

 

[sfx2000]

I don't want to get a total security breach though.

You probably shouldn't - who know how security is done with the Roku sticks - if they're in the DMZ, that also means they're inside your internal trusted network.

 

[Zonkd]

What’s the reason for wanting them in DMZ to bypass firewall? Bad idea exposing them directly to internet... if theres a problem you can find another solution.

 

[Zonkd]

Never mind, I just noticed your other thread about the Netflix being blocked issue. Dont use DMZ to fix that, it’s unsafe.

 

[ColinTaylor]

What’s the reason for wanting them in DMZ to bypass firewall? Bad idea exposing them directly to internet... if theres a problem you can find another solution.

TBH I think his question and thread title are just poorly phrased. AFAICT he only wants to isolate the Roku's from his main LAN. The references to DMZ, Diversion and Skynet are not really relevant.

As the Roku's are wireless he just needs to setup a separate "Roku-only" guest network and connect them to that. Job done.

EDIT: Just seen Zonkd's comment about Netflix being blocked? I don't know the details but it sounds like you could use DNSFilter to fix that if Diversion/Skynet are messing up the Roku's.

 

[Zonkd]

TBH I think his question and thread title are just poorly phrased. AFAICT he only wants to isolate the Roku's from his main LAN. The references to DMZ, Diversion and Skynet are not really relevant.

As the Roku's are wireless he just needs to setup a separate "Roku-only" guest network and connect them to that. Job done.

EDIT: Just seen Zonkd's comment about Netflix being blocked? I don't know the details but it sounds like you could use DNSFilter to fix that if Diversion/Skynet are messing up the Roku's.

In the other thread he said Netflix isn’t working on his sticks. He thinks diversion and skynet are blocking it and couldn’t figure out how or what to whitelist. I think he was just considering DMZ as a ways to make his sticks bypass the filtering altogether. Afaik you cannot make a device circumvent Skynet or Diversion with DNSFilter or by guest network. And dmz is unsafe. He needs to put effort into troubleshooting then whitelisting as described in my post in the other thread. Or if it’s too difficult he could just uninstall and not use diversion and/or skynet.

 

[ColinTaylor]

In the other thread he said Netflix isn’t working on his sticks. He thinks diversion and skynet are blocking it and couldn’t figure out how or what to whitelist. I think he was just considering DMZ as a ways to make his sticks bypass the filtering altogether. Afaik you cannot make a device circumvent Skynet or Diversion with DNSFilter or by guest network. And dmz is unsafe. He needs to put effort into troubleshooting then whitelisting as described in my post in the other thread. Or if it’s too difficult he could just uninstall and not use diversion and/or skynet.

The purpose of DNSFilter is to override all other DNS settings, be that dnsmasq or Diversion. But from what you've said it sounds like he has other issues.

 

[martinr]

In the other thread he said Netflix isn’t working on his sticks. He thinks diversion and skynet are blocking it and couldn’t figure out how or what to whitelist. I think he was just considering DMZ as a ways to make his sticks bypass the filtering altogether. Afaik you cannot make a device circumvent Skynet or Diversion with DNSFilter or by guest network. And dmz is unsafe. He needs to put effort into troubleshooting then whitelisting as described in my post in the other thread. Or if it’s too difficult he could just uninstall and not use diversion and/or skynet.

Could you link the other thread here? Thanks.

 

[Zonkd]

Could you link the other thread here? Thanks.

https://www.snbforums.com/threads/a-few-concerns.54278/

 

[Zonkd]

The purpose of DNSFilter is to override all other DNS settings, be that dnsmasq or Diversion. But from what you've said it sounds like he has other issues.

Can DNSFilter circumvent Skynet too? :S

 

[ColinTaylor]

Can DNSFilter circumvent Skynet too? :S

I don't know anything about Skynet or how it works.

 

[Adamm]

Can DNSFilter circumvent Skynet too? :S

No, Skynet uses IPTables to filter traffic.

As previously suggested, OP just needs to spend the 30 seconds debugging using the appropriate built-in functions in the respective scripts. No need to reinvent the wheel for such a simple issue.