I'm reasonably new to Draytek routers, and I wanted to check that I'm heading off in the correct direction when setting up a webserver on a LAN.
I've inherited an existing WAN/LAN setup that used to use a Netgear router and a BT ADSL connection. We've now moved to a virgin cable ADSL line, and purchased a second office site that we want to connect to via a VPN. Our idea is to install Draytek routers at both sites to maintain the VPN.
I have connected the Virgin Cable modem to the WAN2 port on my router.
I would like to have a webserver that is accessable from the internet on a separate IP Subnet on my LAN. (DMZ?) Currently this has a LAN address of 192.168.111.101
I would like to have a second server that sits within my LAN that can exchange data with my Webserver, and also LAN workstations. Currently this has a LAN address of 151.59.100.201
I will also have a 3rd SBS box that will act as my domain controller, and DHCP server. This also sits on the 151.59.100.x subnet
My initial thought was to use the True DMZ feature to route most of the traffic to tthe webserver, and to port forward some of the other ports to the SBS box to allow for Outlook web access etc., but I've seen a couple of posts here that suggests that might not work too well.
I was also looking at setting up VLAN's to keep the subnets separate, and allowing inter-lan traffic, but if I do that, I'm not convinced that I'm actually going to keep the webserver sufficiently isolated from my LAN. The old Netgear router had a static route configured to route traffic between the webserver and server1??
What are peoples thoughts, and experiences.
Any suggestions would be very welcome.
Regards,
Neil.
