How To Configure DMZ In Mikrotik Router?

DMZ is the short form of Demilitarized Zone. The DMZ keeps the internal network safe from any external network and hence it creates its web servers (HTTP), email servers (SMTP), FTP servers, and DNS servers for this purpose. You can create and configure DMZ on a Mikrotik router and here we are going to create a Linux firewall with three Ethernet ports. Carry out the steps to know how to configure DMZ in Mikrotik router.

Configure Your DMZ In Mikrotik Router

how to configure DMZ in Mikrotik router

For our purpose, let us assume the following:

Use Winbox, a remote GUI, to configure the Mikrotik router. Now, continue reading to know how to configure DMZ in Mikrotik router.

  • Once the remote requests are activated, the router will respond to TCP and UDP DNS requests on the port 53.
  • Following that, create DHCP for eth3 using the network space ‘192.168.1.0/24’ on the EEPIS DNS server, which is already set along with the ‘192.168.1.1’ gateway.
  • ip dhcp-server setup
  • Now, you will be prompted to select the dhcp server interface. Here you have to input ether3.
  • Next, assign IP ‘192.168.2.1’ for the eth2.
  • ip address add address=192.168.2.1/24 interface=ether2
  • Add the NAT or srcnat sources. The IP address and port of the data changes while routing from the network ‘192.168.1.0/24’ to ‘10.255.108.114’ of the router.
  • ip firewall nat add chain=scrnat action=masquerade out-interface
  • To all the sources of destination IP ’10.252.108.14’ on TCP to the ‘192.168.2.2.80’ on port 80, add destination NAT or dstnat to prepare the web service.
  • ip firewall nat add chain=dstnat src-address=0.0.0.0/0 dat-address=10.252.108.14 protocol=tcp port=80 action=dst-nat tc-addresses=192.168.2.2 to-ports=80 And finally you will know how to configure DMZ in Mikrotik router.