My present setup works good, but I believe, not secured:
Needed ports are opened in the firewall rules, eg:
- 80 and 443 going to Nginx Proxy Manager VM
- 9091 to Transmission
Problem of this setup, is that it prevents me to have 80 and 443 going to another VM (for let’s encrypt purpose for exemple)
Do you think the below setup could solve my issues:
my questions are:
- using DMZ, do I need to forward 80 and 443 to a single machine? or is it for the whole ORANGE?
- Do I need Nginx Proxy Manager on my GREEN?
- Is this setup more secured? Keeping in mind that all VM are Fail2ban protected, and not listening to port 22
Any comment / help are welcome.