best network configuration for lan and vpn, 1 static Ip + Router + Firewall
Posted on 2008-10-26
hello people,please help me with this network configuration...
I have to setup a small lan with one kind of vpn connection.
1 ip static address from my Isp
1 router dlink DI624 (only to establish connection)
1 firewall Zyxel Usg 100 (to manage vpn, web auth, backup line...and so on)
1 dhcp and dns server (on internal hp server ,Dc with Windows 2003R2)
I cannot establish an l2tp connection from outside (on Zyxel),and i cannot use dlink wer femote interface (on Dlink).
Now router has on wan interface the isp ip information 82.xxx.yyy.zzz
and on the lan side 192.168.0.254 address.
On dmz i put 192.168.0.200.
So firewall has on the wan interface address 192.168.0.200 (this to obtain vpn and firewall administration remoting) and on the lan side 192.168.1.200 (inner 10 clients and 2 servers on this network)
But something miss...maybe static router or port forwarding between router and firewall.
These are the question.
1)i suppose i can put dlink like a bridge instead of using a dmz, and firewall in this condition has on wan side the Isp Ip.
This is better than use dlink with dmz, like above?Can u explain in that way?
2)Why i cannot see from outside the firewall? dlink needs static route to route traffic to firewall?dmz is not enough?
3)remote http management of dlink.it's enabled , wit " * " in the ip field, on 8080 port. but from outside it doesn't work.because of Dmz?
I would information to configuring router+firewall in the best way,using some of the zyxell ability (first of all, a reliable vpn.I was talking of 2lpt cause of Ssl has only 2 license)
Ask me for details, i have router and firewall manual available.