A while ago, I started a thread about switching one of my servers over to Debian Etch. The switch was successful, and its only use right now is as a SAMBA server.
However, I tried to set it up so that it can only be accessed internally. I'm looking for a critique. I can post a diagram later if anyone wants to see it.
There are three routers in the setup. One of them is a DSL router that is on the DMZ so I didn't have to bridge it. It connects to the WAN of a wireless router, which I tried to configure to allow VPN and SSH (for internal use ONLY). The router will connect via ethernet to the VPN server, which will have two NICs. The other NIC will be connected to a DMZed router, which will connect my SAMBA server and any other computer using that network.
Is this a good setup? What security implications should I worry about?