› Forums › Network Management › ZeroShell › My 1st installation of ZEROSHELL – Need help please… › Reply To: My 1st installation of ZEROSHELL – Need help please…
For management interface I don’t think there is right or wrong, however I would put it on the interface that is the least exposed to a potential attack.
You network diagram is kind of weird. I would do it a bit different.
Fiber and MPLS would go into Zeroshell using ETH00 and ETH01.
Ofiice network would g on a different interface, ex ETH02.
You still can achieve your goals with your setup but might be a bit more complicated. You have 2 local networks + internet. Keep in mind that anything that is not local will go the gateway (supplied by DHCP).
When you say that you want your laptop to see Office network, there are 2 scenarios, your laptop may see only one computer or it can see all computers. If you want to see only 1 computer then NAT + DMZ might be an easy route. If you want to see all computers, you have scenarios with 2 gateways, for example:
Laptop -> Office GW= ZH (192.168.1.254)
Laptop -> Internet GW 192.168.1.1
For this you might need to add a new route on fiber device. In this way a request for 10.0.0.10 will be routed to ZH.
You also can try to supply computers with ZH as gateway and then setup ZH gateway as 192.168.1.1. and add a rute for 10.x.x.x
I hope this helps.