Yes, you sure can, but it would be MUCH better if you'd put the Astaro on the perimeter and move that Netgear wireless router to the inside of your network.
Yes, but it is a pain. You have to create port forwarding entries on the router for every port on the ASL box that you want to have available to the external world. I ran ASL in behind a Linksys router for the first 6 weeks back when I first installed ASL. After that, I got rid of the router. Now I have another router, with 802.11b, which I use as my WiFi access point. That one is connected to the DMZ network on my ASL box, so that I have to run a VPN over my WiFi link to access my internal net.
I would suggest that you connect your ASL box directly to the broadeband modem, and connect the WAN side of your WiFi router to a DMZ interface on your ASL box. Don't put your WiFi access point in on the Internal network, as that is not a very secure approach.
[ QUOTE ] ok thanks, unfortuantely Im stuck with using that router, although the wireless side is disabled.
[/ QUOTE ]
If that's the case, then I'd suggest you find a way to create a rule in the Netgear box that passes everything forward to the Astaro unfiltered. Just use it for routing purposes, and then do all the dirty work in the Astaro box.
[ QUOTE ] Now I have another router, with 802.11b, which I use as my WiFi access point. That one is connected to the DMZ network on my ASL box, so that I have to run a VPN over my WiFi link to access my internal net.
I would suggest that you connect your ASL box directly to the broadeband modem, and connect the WAN side of your WiFi router to a DMZ interface on your ASL box. Don't put your WiFi access point in on the Internal network, as that is not a very secure approach.
[/ QUOTE ]
I never quite figured out when to use the Wan port and when to use the Lan port(s). I have the AP on the internal network using a Lan port, leaving the Wan port unused (couldn't get the wan port to work to be honest). This seems to work fine. Should I do it differently?
Also I'm using the access point on the internal network. Should I move it to the DMZ? Wireless users should be able to reach the internal network and the internet. How do I set that up with the AP on the DMZ?
I keep my WiFi access point on the DMZ network for security reasons. WEP encryption is too easy to crack, so I don't want to have my WiFi access point directly on my Internal network.
I use PPTP over the wireless connection. This gives me a VPN from my wireless laptop back to the ASL box, which provides the connection to the Internal network. This has worked great from day one when I first connected my WiFi access point.
