Open vpn webmin

9/20/2023

1 SSL VPN used by in-house developers only.

So theoretically, once set up and deployed, I could leave it be until the end of time, unless we add an extra EC2 instance for that specific client.

There shouldn't be any changes on the customer site, SSL VPN will only be used to EC2 instances connectivity to client site. Traffic routing allowed only between those 2.

1 P2P and 1 SSL VPN per permanent installations.

No traffic routing to other p2p or SSL VPNs.

1 SSL Remote access VPN for event devices.

Site-to-Site VPN between OpenVPN on cloud and remote sites (1 for each permanent installations, no routing to other p2p or remote network - that I like).

1 SSL Remote access VPN for event devices, AWS EC2 servers and remote developers, with routing to every other p2p tunnels (permanent and events - I don't like those being on the same VPN where they can communicate with each other, huge security breach).

So far the following had been done before I got hired

Main office connectivity to all above environment (bear in mind we manage customers network).

Developers both in and out of office requiring access to all resources.

Separate VPN environment for Events vs Permanent installations.

Customers On-Site servers and devices requiring access to AWS instances (sensitive data).

Multiple AWS instances (EKS, EC2, RDS) through various zone behind multiple VPCs (different customers).

The environment connectivity needs look like the following:

Multiple Site-to-Site VPN tunnels and SSL Client VPN.

Remote sites (main office, client sites, employee's home network).

Multiple RFID gates and devices used for events (temporary installations, reusable equipment).

I can't find for the love of god a way to do this on a single port other than forcing all traffic through the client, which is not ideal for my current setup.

I've been playing around with OpenVPN on pfSense in the last few days and I've been trying to force client traffic when trying to connect to a SQL DB to go through the tunnel (port 3306).