I run a ASG120 UTM9 with a DMZ where my Synology DS411slim is attached to.
Via internet I can access photo album as well as owncloud via LAN everything.
So I set up a ALL>HTTPS>WAN to DS411slim>HTTPS which works fine. Now i like
to restrict the possible hacking via the internet by enabling the internal firewall.
The problem is that LAN as well as WAN is translated by NAT to 10.0.0.1. So the
DS411slim can´t differentiate which is a LAN and which WAN request.
Is there a way to give WAN and LAN two different IPs for NAT i.e. that a LAN request
is coming in the DMZ as 10.0.0.1 and the WAN as 10.0.0.2???
Or is there any option to use VLANs for that purpose? And how would I have
to setup these? I also thought about using my two NICs via a switch.
Means that NIC1 and NIC2 are going on a switch where the DS411slim is in.
Both NICs are DMZ and able to access the DS411slim - but with different IPs.
So I would be able to tell the DS411slim which IPs has which access to which services.
What do you guys think? Help is really appreciated. :-)
This thread was automatically locked due to age.
