DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

2820n True DMZ & Port Redirection

31 Oct 2011 22:48 #69876 by gary3005
2820n True DMZ & Port Redirection was created by gary3005
I have a 2820n serving LAN PCs, one of which hosts webcam security software, accessible from the WAN via an open port rule. So I only have one inbound NAT port rule, which all works fine.

Recently I configured a Linux SMTP email server (firewalled with iptables), which I need accessible from the WAN, on the WAN IP, but isolated from the LAN... so I naturally configured the Linux server using Draytek True DMZ.

The Linux server adopted my ISP WAN IP via its DHCP client as expected, and SMTP functionality is working OK. However, I notice now that the previously working NAT open port rule has stopped working.

According to the Draytek KB article here: "http://www.draytek.co.uk/support/kb_vigor_portforwarding.html#difference", the router is able to operate NAT and DMZ simultaneously, using a priority rule base for incoming WAN packets, as described in the KB:

"When using combinations of (port redirection, open ports and DMZ host), there is a priority structure; i.e. if a rule in one method co-incides with a rule in another method, then there is strict precedence, so that the result should be predictable. The precedence is as follows: Port Redirection > Open Ports > DMZ"
For example, if an incoming packet's port number matches a rule in both 'Port Redirection' and 'Open Ports' then the packet will be forwarded onto the local address defined in 'Port Redirection'.



Have I missed something fundamental, or maybe done something wrong, as clearly this is not working as described.

Anyone else successfully running True DMZ and inbound NAT port rules?

01 Nov 2011 22:17 #69893 by nealuk
Replied by nealuk on topic Re: 2820n True DMZ & Port Redirection
Could the clue be: "All incoming data to your public IP address ends up at the True-DMZ host."? - taken from http://www.draytek.co.uk/support/kb_vigor_truedmz.html

Could you use NAT Port Redirection again, to get the WAN in to the new Linux SMTP email server, and then create some more "firewalled with iptables" entries to prohibit the local LAN IPs (other than the Vigor of course)?

Regards, Neal
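
The approach suggested in the reply above (port redirection to the mail server, plus host firewall rules that shut out the LAN), written out as an added example that is not part of the thread. The function name `gen_smtp_ruleset`, the LAN subnet 192.168.1.0/24 and the Vigor address 192.168.1.1 are constructed for illustration, and it assumes that redirected WAN connections reach the server with their original source address.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for a mail server that sits
# on the LAN behind a port 25 redirection but must stay isolated from LAN hosts.
# Rule order matters: the router exception precedes the LAN drop, and the LAN
# drop precedes the SMTP accept, so LAN clients never reach port 25.
gen_smtp_ruleset() {
    lan_cidr=$1     # e.g. 192.168.1.0/24 (constructed value)
    router_ip=$2    # e.g. 192.168.1.1    (constructed value)
    if [ -z "$lan_cidr" ] || [ -z "$router_ip" ]; then
        echo "usage: gen_smtp_ruleset LAN_CIDR ROUTER_IP" >&2
        return 1
    fi
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Replies to connections the server itself opened
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# The router stays reachable (gateway, DHCP, DNS relay)
-A INPUT -s $router_ip/32 -j ACCEPT
# Every other LAN host is refused, whatever the port
-A INPUT -s $lan_cidr -j DROP
# Anything left is non-LAN traffic: allow new SMTP sessions only
-A INPUT -p tcp --dport 25 -m conntrack --ctstate NEW -j ACCEPT
# Outbound: talk to the router, never open connections to LAN hosts
-A OUTPUT -d $router_ip/32 -j ACCEPT
-A OUTPUT -d $lan_cidr -m conntrack --ctstate NEW -j DROP
COMMIT
EOF
}

# When run as a script with two arguments, print the ruleset.
if [ "$#" -eq 2 ]; then
    gen_smtp_ruleset "$1" "$2"
fi
```

Piping the output to `iptables-restore --test` parses the ruleset without committing it, which is a safe first check before loading it on the server.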
