1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Exposing 2 devices to the internet (like DMZ x2 for example)

Discussion in 'Asuswrt-Merlin' started by Rob Q, Jan 11, 2019.

  1. Rob Q

    Rob Q Regular Contributor

    Joined:
    Mar 24, 2018
    Messages:
    123
    Is there anyway that I can exposing my 2 Roku streaming sticks (802.11n) directly to the internet (bypassing Diversion and Skynet)?
    They only wouldn't have much sensitive information coming out of the sticks, maybe just the account log in information.
    I don't want to get a total security breach though.
     
  2. skeal

    skeal Part of the Furniture

    Joined:
    Apr 30, 2016
    Messages:
    3,176
    Location:
    /etc
    Then don't do it. Those kind of devices should be behind a firewall.:rolleyes:
     
    martinr and Rob Q like this.
  3. Rob Q

    Rob Q Regular Contributor

    Joined:
    Mar 24, 2018
    Messages:
    123
    Oh, good call! Thanks! :)
     
  4. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    14,025
    Location:
    San Diego, CA
    You probably shouldn't - who know how security is done with the Roku sticks - if they're in the DMZ, that also means they're inside your internal trusted network.
     
    martinr likes this.
  5. Zonkd

    Zonkd Senior Member

    Joined:
    Oct 19, 2014
    Messages:
    466
    What’s the reason for wanting them in DMZ to bypass firewall? Bad idea exposing them directly to internet... if theres a problem you can find another solution.
     
  6. Zonkd

    Zonkd Senior Member

    Joined:
    Oct 19, 2014
    Messages:
    466
    Never mind, I just noticed your other thread about the Netflix being blocked issue. Dont use DMZ to fix that, it’s unsafe.
     
  7. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    8,578
    Location:
    UK
    TBH I think his question and thread title are just poorly phrased. AFAICT he only wants to isolate the Roku's from his main LAN. The references to DMZ, Diversion and Skynet are not really relevant.

    As the Roku's are wireless he just needs to setup a separate "Roku-only" guest network and connect them to that. Job done.

    EDIT: Just seen Zonkd's comment about Netflix being blocked? I don't know the details but it sounds like you could use DNSFilter to fix that if Diversion/Skynet are messing up the Roku's.
     
    martinr likes this.
  8. Zonkd

    Zonkd Senior Member

    Joined:
    Oct 19, 2014
    Messages:
    466
    In the other thread he said Netflix isn’t working on his sticks. He thinks diversion and skynet are blocking it and couldn’t figure out how or what to whitelist. I think he was just considering DMZ as a ways to make his sticks bypass the filtering altogether. Afaik you cannot make a device circumvent Skynet or Diversion with DNSFilter or by guest network. And dmz is unsafe. He needs to put effort into troubleshooting then whitelisting as described in my post in the other thread. Or if it’s too difficult he could just uninstall and not use diversion and/or skynet.
     
    Last edited: Jan 12, 2019
    Rob Q and martinr like this.
  9. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    8,578
    Location:
    UK
    The purpose of DNSFilter is to override all other DNS settings, be that dnsmasq or Diversion. But from what you've said it sounds like he has other issues.
     
  10. martinr

    martinr Very Senior Member

    Joined:
    Nov 27, 2014
    Messages:
    1,972
    Location:
    United Kingdom
    Could you link the other thread here? Thanks.
     
  11. Zonkd

    Zonkd Senior Member

    Joined:
    Oct 19, 2014
    Messages:
    466
    martinr likes this.
  12. Zonkd

    Zonkd Senior Member

    Joined:
    Oct 19, 2014
    Messages:
    466
    Can DNSFilter circumvent Skynet too? :S
     
  13. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    8,578
    Location:
    UK
    I don't know anything about Skynet or how it works.
     
  14. Adamm

    Adamm Part of the Furniture

    Joined:
    Mar 26, 2013
    Messages:
    2,141
    No, Skynet uses IPTables to filter traffic.

    As previously suggested, OP just needs to spend the 30 seconds debugging using the appropriate built-in functions in the respective scripts. No need to reinvent the wheel for such a simple issue.