Need for advice; homelab network setup


HaRD
Apr 20, 2021
Hey folks,
not exactly sure where to put this topic of mine, but I suppose this might be the closest section of them all; if not, I would ask a mod to move this thread somewhere appropriate.

What I have:
- DELL PowerEdge R720 server (2x Xeon E5-2697 v2, 128 GB RAM, 4x 1 Gbps NIC, iDRAC 7 with Enterprise license, 2x SSD Samsung 840 Pro 256 GB, 6x Seagate IronWolf 4 TB)
- Managed switch DELL PowerConnect 2848 (overkill for my needs, but it was almost for free ...)
- Non-managed 1 Gbps switch from ASUS (5 port)
- Router ASUS RT-AC1200G+
- Dedicated firewall DELL SonicWall TZ300
- Running ESXi 6.7 on PE R720
- All necessary licenses for Windows Server 2016
- Public IP from my ISP

The overall plan is:
- set up SonicWall TZ300 as primary gateway / firewall device with VPN server
- set up a local Active Directory domain (I do own the necessary licences for Windows Server 2016; not the issue of this topic) with a few additional services (WSUS, etc.)
- have both the primary-domain website and the subdomain website and service available from the internet and also on the LAN
a) On the primary domain there is only a simple phpBB forum website
b) On the subdomain I have a Nextcloud service running; it would be nice if I could also set it up so that I use LAN speed while on the LAN

What I have managed so far:
- set up the local AD domain with almost all the services I wanted; the last one is to set up a private domain mail server
- have both sites available via the internet (however, without the TZ300 connected, so only a half-victory there)

What I did not manage to do / have issues with:
- Setting up the TZ300 as my default gateway / firewall; did not bother with VPN on the TZ300 so far
- With the TZ300 in place I can access only the primary domain website; the subdomain and the service running on it are not accessible when the TZ300 is in place. Played with the firewall settings for a very long time, did not manage to find a workaround.

So the issue with the websites seems to come down to the fact that both are hosted on one VM running Rocky Linux with Nginx. From what I understood from tech support on the SonicWall community site, this behaviour is to be expected.

Now, the question is - how do I get both those sites (and service) running with all that I have available (listed above)?

My thinking was: create another VM just for Nextcloud, port-forward my internal DNS server on the VM that is running Active Directory to the internet, and add entries for that separate VM into the DNS settings for the subdomain. Thus I would have one VM running the primary domain and a second VM running the subdomain. Would this be going in the right direction? Or am I overthinking this and there are much simpler solutions available to me?

Also, because I need to add more drive space for the VM running Nextcloud anyway, I would not mind running a separate VM.

Thank you guys in advance for any relevant advice!

Sean Ho
seanho.com
Nov 19, 2019
Vancouver, BC
You can split the two sites into separate VMs if you like (e.g., isolation for security or volume management), but you don't need to. You'd want your router (whether the ASUS or the SonicWall) to port-forward WAN:443 to a single nginx instance, which terminates TLS (e.g., with letsencrypt certs) and passes traffic to each of the two sites (server config blocks).

As for accessing your sites from LAN, one common solution is to enable hairpin NAT (a.k.a. NAT loopback/reflection) on your gateway (SonicWall).
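An added illustration of the single-nginx layout Sean describes (not code from either poster): one instance on WAN:443 terminates TLS with Let's Encrypt certificates and serves phpBB locally while reverse-proxying the subdomain to a Nextcloud VM. The host names, the Nextcloud VM address 10.0.0.20, the PHP-FPM socket path and all file paths are constructed placeholders.

```nginx
# Constructed example: two TLS sites behind a single nginx instance.
# Placeholders: example.com (phpBB, served locally), cloud.example.com
# (Nextcloud on a second VM at 10.0.0.20:80). Adjust names and paths.

# Plain HTTP only answers ACME HTTP-01 challenges and redirects to HTTPS.
server {
    listen 80;
    server_name example.com cloud.example.com;
    location /.well-known/acme-challenge/ { root /var/www/letsencrypt; }
    location / { return 301 https://$host$request_uri; }
}

# Primary domain: phpBB on this VM via PHP-FPM.
server {
    listen 443 ssl http2;
    server_name example.com;
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    root  /var/www/phpbb;
    index index.php;
    location / { try_files $uri $uri/ /app.php$is_args$args; }
    location ~ \.php(/|$) {
        include fastcgi_params;
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php-fpm/www.sock;   # assumed socket path
    }
    # Block direct web access to phpBB's internal directories.
    location ~ ^/(config|cache|files|store|images/avatars/upload)/ { deny all; }
}

# Subdomain: nginx terminates TLS and proxies plain HTTP to the Nextcloud VM.
server {
    listen 443 ssl http2;
    server_name cloud.example.com;
    ssl_certificate     /etc/letsencrypt/live/cloud.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/cloud.example.com/privkey.pem;
    client_max_body_size 10G;   # allow large Nextcloud uploads
    location / {
        proxy_pass http://10.0.0.20:80;
        proxy_set_header Host              $host;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
    }
}
```

Because TLS ends at nginx, Nextcloud's config.php on the backend VM needs the proxy's address in `trusted_proxies` and `'overwriteprotocol' => 'https'` so it generates correct links; with hairpin NAT on the TZ300 the same public names then resolve and work from the LAN as well.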