Internetbox 3, DMZ, no hyperbackup on Synology, no audio on SIP (Fritzbox)

    • Hello everyone,

    I have an Internetbox 3 with 10GB fiber optic connection, IB3 switched to DMZ and this to a Unifi Dream Machine pro (used as a router). Port forwarding on Synology is created on UDM pro (I need it for Hyperbackup from Synology in the company). For VoIP SIP I use a Fritzbox 7590 because of the answering machine with email forwarding and various DECT functions that are better with a Fritzbox than with the IB3.

    If I use the IB3 on the WAN Anschluss of the UDM pro, I have no connection to Synology, and no audio when a connection with VoIP SIP is established.

    However, if I use my UPC Connect box (set to bridge mode) on the WAN Anschluss of the UDM pro, Hyperbackup works on Synology as well as audio on VoIP SIP, even though I haven’t changed anything else.

    From the looks of it, the IB3 is the culprit. (As mentioned, I set DMZ and disabled firewall)

    Does anyone have an idea how I could use the Swisscom Anschluss?

    Thank you very much for your help.

    Greeting:

    Colossus CH

    Show original language (German)

      • Werner

      • Solutionselected by EneaN

      @ColossusCH

      The DMZ mode of the Internet boxes is not bridge mode, but the IB3 still has its own network and also routes.

      An Internet box also does not pass on the public IP address to downstream devices, because the DMZ mode only causes (almost) all ports to be forwarded in bundles to the assigned device.

      If you connect another router behind it, the result will definitely be a router cascade with double NAT and the need to ensure that the IP addresses do not overlap.

      What networks have you configured for your own devices?

    @ColossusCH

    The DMZ mode of the Internet boxes is not bridge mode, but the IB3 still has its own network and also routes.

    An Internet box also does not pass on the public IP address to downstream devices, because the DMZ mode only causes (almost) all ports to be forwarded in bundles to the assigned device.

    If you connect another router behind it, the result will definitely be a router cascade with double NAT and the need to ensure that the IP addresses do not overlap.

    What networks have you configured for your own devices?

    Show original language (German)

    Hobby-Nerd ohne wirtschaftliche Abhängigkeiten zur Swisscom

    Hello Werner,

    First of all, thank you very much for your help.

    IP3-Public IP (IPv6 disabled); IB3 address=172.16.1.1 (Sub 255.255.0.0), application part 172.16.1.254; IP address distribution 172.16.10.2 to 176.10.254; Static IP to UDM pro: 172.16.10.255; DMZ to UDM per 172.16.10.255.

    UDM per WAN 172.16.10.255; LAN UDM per 192.168.1.1; DHCP 192.168.1.10-192.168.1.255

    Greeting:

    Colossus CH

    Show original language (German)

    @ColossusCH

    So if you don’t have any misprints in the IP addresses, I don’t really understand your desired network concept.

    What strikes me at first glance:

    - Changing the subnet mask in the IB network (why?)

    - IB3 should assign IP addresses outside of its own network?

    - Using the 255 address (which serves as a broadcast address in every IP network) as a static assignment for your cascaded router?

    Can you even access the Internet with UDM Pro with this setup?

    Show original language (German)

    Hobby-Nerd ohne wirtschaftliche Abhängigkeiten zur Swisscom

    Hello Werner,

    I think I messed up a little here.

    I actually wanted to follow @BurningRoli’s suggestions:

    Quote:

    IB2:

    - IP 172.16.1.1/24 //I explicitly use a B class, my internal networks are C classes

    - DHCP static IP for USG on 172.16.1.254 //this is the WAN address for the USG (purely cosmetic)

    - Set DMZ to USG

    - Activate DDNS from SC //so the system can be reached from outside via DNS

    USG:

    - Set WAN to DHCP

    End of quote.

    I don’t know why I changed the subnet and accidentally moved to the “172.16.10.xx” area. 😉

    Greetings and thanks:

    Colossus CH

    Show original language (German)

    @ColossusCH

    My suggestion would be to make it as simple as possible.

    The only problems you have to solve for sure are the router cascade and the double NAT.

    You’re unlucky in that both the IB3 and the UDM use the same default network, so you’ll probably have to change one of them manually.

    I.e. On one of the two routers you simply change the default network from 192.168.1.0 to 192.168.2.0, i.e. one router then has the address 192.168.1.1 and the other router then has the address 192.168.2.1.

    If possible, leave everything else as default.

    In order not to have to forward individual ports, if you need any incoming open ports at all, there is the shortcut via DMZ mode, which instead of forwarding individual ports (almost) all of them to the network device lower in the hierarchy.

    And that was it, less than 5 minutes of work, restart everything and the network should work.

    If you would also need DynDNS in the inner network, that would be a separate issue, but one that can be addressed if the network is basically running.

    Show original language (German)

    Hobby-Nerd ohne wirtschaftliche Abhängigkeiten zur Swisscom