Seeking advice/best practice - VPN and Re-IP'ing EVE MGMT
Posted: Wed Jan 22, 2020 5:10 pm
Hi All,
Not really sure where this query goes...
Essentially at home i've got a flat network, just the ISP provided router ( I know, I know..
) with a 192.168.1.x LAN, from there I have an esxi server running EVE-NG bridged using the mgmt vswitch. Initially I was going to port forward https directly to EVE for remote connectivity (Only have anyconnect available and can't install software on the corporate laptop), but I decided it's probably not the best move. Then I was considering setting up a firewall (Checkpoint) on the esxi server for a webvpn as I don't believe the throughput is restricted *Or the requirement to purchase a VPN licence (outside being 192.168.1.x and inside being 10.1.1.x), create a secondary vswitch for the inside and move EVE-NG onto there, but if I move EVE, is it just a case of issuing the "rm -f /opt/ovf/.configured" followed by "su -" to run through the MGMT IP process again? Or would I need to update any other interfaces..
Also I guess just looking for some advice from some networking professionals on best practice to achieve remote connectivity using clientless VPN. Would the above suffice?
Thanks in advance!
Kind Regards,
Froob
Not really sure where this query goes...
Essentially at home i've got a flat network, just the ISP provided router ( I know, I know..
) with a 192.168.1.x LAN, from there I have an esxi server running EVE-NG bridged using the mgmt vswitch. Initially I was going to port forward https directly to EVE for remote connectivity (Only have anyconnect available and can't install software on the corporate laptop), but I decided it's probably not the best move. Then I was considering setting up a firewall (Checkpoint) on the esxi server for a webvpn as I don't believe the throughput is restricted *Or the requirement to purchase a VPN licence (outside being 192.168.1.x and inside being 10.1.1.x), create a secondary vswitch for the inside and move EVE-NG onto there, but if I move EVE, is it just a case of issuing the "rm -f /opt/ovf/.configured" followed by "su -" to run through the MGMT IP process again? Or would I need to update any other interfaces..Also I guess just looking for some advice from some networking professionals on best practice to achieve remote connectivity using clientless VPN. Would the above suffice?
Thanks in advance!
Kind Regards,
Froob