![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Hey guys...
Here's my situation. I'm not a networking pro...but I'm a chronic tinkerer. I have Astaro UTM running on an old computer as my only firewall right now. The Astaro also serves as my DHCP server. My Wifi is provided by a Linksys E3000 running DD-WRT software. NAT/SPI are disabled on the E3000, and it forwards DHCP requests to the Astaro. All my network clients connect via wifi/ethernet to the E3000.
All clients --> E3000 (no firewall) --> Astaro --> www
I am considering setting up my own personal cloud server using a Synology NAS that I can access remotely. I would also like to remotely access my Surveillance DVR. I would like to access them via VPN or portforwarding. I do not want to use DMZ.
I would like to utilize the SPI firewall on the E3000 to provide an extra layer of defense. I would like the NAS and the DVR to be on an external LAN between the Astaro and the E3000...and all other clients being on an internal LAN behind the E3000. I have the necessary switches/cables to make this work.
My question is...How do I configure the E3000? Can I have both the internal and external LANs on the same subnet? Do I have to use the NAT on the E3000? I'd rather not...since that will render the Astaro's reporting functions rather worthless.
I would like the Astaro to remain the only DHCP server. I would like all internal LAN clients to be able to reach out to the external LAN/WAN...but the external LAN should not be able to reach into the Internal.
How do I go about doing this? Thanks in advance for any help.
Here's my situation. I'm not a networking pro...but I'm a chronic tinkerer. I have Astaro UTM running on an old computer as my only firewall right now. The Astaro also serves as my DHCP server. My Wifi is provided by a Linksys E3000 running DD-WRT software. NAT/SPI are disabled on the E3000, and it forwards DHCP requests to the Astaro. All my network clients connect via wifi/ethernet to the E3000.
All clients --> E3000 (no firewall) --> Astaro --> www
I am considering setting up my own personal cloud server using a Synology NAS that I can access remotely. I would also like to remotely access my Surveillance DVR. I would like to access them via VPN or portforwarding. I do not want to use DMZ.
I would like to utilize the SPI firewall on the E3000 to provide an extra layer of defense. I would like the NAS and the DVR to be on an external LAN between the Astaro and the E3000...and all other clients being on an internal LAN behind the E3000. I have the necessary switches/cables to make this work.
My question is...How do I configure the E3000? Can I have both the internal and external LANs on the same subnet? Do I have to use the NAT on the E3000? I'd rather not...since that will render the Astaro's reporting functions rather worthless.
I would like the Astaro to remain the only DHCP server. I would like all internal LAN clients to be able to reach out to the external LAN/WAN...but the external LAN should not be able to reach into the Internal.
How do I go about doing this? Thanks in advance for any help.