SG-1100 OPT Port DMZ

jamesdav

Can the OPT port on an SG-1100 be used as a DMZ port where basically it's just a switch port with the WAN port? I don't want to assign it as an interface with an IP address. I need to be plug in a separate firewall/router that uses a second WAN IP address from the ISP. Would I just assign that port to the same VLAN as the WAN port?

The setup is for a network of IP enabled PLC controllers. The supplier requires this PLC network be on it's own network separate from the customer LAN. They require use of their own router which needs it's own WAN IP address.

If this scenario works, any idea if traffic between the WAN IP's would route between each other?

Derelict

@jamesdav It's just a switch. If you must use the switch built into the SG-1100 for this and not an actual external outside switch, you can modify this procedure:

https://docs.netgate.com/pfsense/en/latest/solutions/sg-1100/switch-overview.html

That puts two ports on the same LAN broadcast domain but it will work equally well for VLAN 4090 (WAN).