Best way to Set this Up.
-
Not sure if I should be asking this here or in a Microsoft forum, but here is my scenario; I'm looking for tips on how to set this up.
We use pfSense, and we have a network, 192.168.1.*.
We are going to have an outside contractor customize our reports for us, and we will need him to access 2 servers here. I have them virtualized and therefore I am not concerned about messing up the copy of this data, but I want to ensure security restrictions.
I want him to access these servers outside of our 192.168.1.* network. Also, when I fire up this copy of the virtual server, I don't want them to conflict with my current network (same name, IP, etc.).
If I put them on a subnet of 192.168.2.*, I think I can eliminate this issue, BUT how can I have the contractor remote into them via RDP? Can he connect if they are on a different subnet connected to a gateway of 192.168.1.1?
Anyone have any advice on how they would set this up?
-
Set up OpenVPN and have him VPN in, and add a firewall rule that restricts his access to just the server(s) you want via RDP port only. You could also just port-forward the RDP ports for those servers and restrict access via firewall rule to just his external network, but that is less secure.
-
If you want to put those servers on their own network, just create a VLAN in pfSense and move them there. Then you can firewall those servers and your normal 192.168.1.0/24, and as KOM already stated, VPN into your network would be the best way; then have rules so he can only RDP to those 2 specific servers in the pfSense firewall rules for your OpenVPN connection.
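
The rule set both replies describe, modelled as an added example that is not part of the original thread: it evaluates rules top to bottom with first-match-wins, the way pfSense processes an interface's rule list, and checks constructed flows against the intent. The tunnel network `10.8.0.0/24` and the server addresses `192.168.2.10` and `192.168.2.11` are assumptions; only the 192.168.1.* and 192.168.2.* ranges come from the thread.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Assumed values (not from the thread): OpenVPN tunnel network and the two
# cloned servers' addresses inside the 192.168.2.0/24 VLAN the poster proposes.
TUNNEL = "10.8.0.0/24"
SERVERS = ["192.168.2.10/32", "192.168.2.11/32"]

@dataclass
class Rule:
    action: str            # "pass" or "block"
    proto: str             # "tcp", "udp" or "any"
    src: str               # source CIDR
    dst: str               # destination CIDR
    port: Optional[int]    # destination port, None = any

# Rules for the OpenVPN interface, top to bottom: RDP to each server, then deny.
OPENVPN_RULES = [Rule("pass", "tcp", TUNNEL, s, 3389) for s in SERVERS] + [
    Rule("block", "any", "0.0.0.0/0", "0.0.0.0/0", None),  # explicit, loggable deny
]

def evaluate(rules, proto, src, dst, port):
    """First matching rule wins; no match falls through to default deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (r.proto in ("any", proto)
                and s in ipaddress.ip_network(r.src)
                and d in ipaddress.ip_network(r.dst)
                and r.port in (None, port)):
            return r.action
    return "block"

def audit(rules):
    """Return the constructed test flows whose result differs from the intent."""
    flows = [  # (proto, src, dst, port, expected)
        ("tcp", "10.8.0.2", "192.168.2.10", 3389, "pass"),
        ("tcp", "10.8.0.2", "192.168.2.11", 3389, "pass"),
        ("tcp", "10.8.0.2", "192.168.2.10", 445, "block"),   # SMB on a clone
        ("tcp", "10.8.0.2", "192.168.2.12", 3389, "block"),  # other VLAN host
        ("tcp", "10.8.0.2", "192.168.1.10", 3389, "block"),  # production LAN
        ("tcp", "10.8.0.2", "192.168.1.1", 443, "block"),    # firewall web GUI
    ]
    return [f for f in flows if evaluate(rules, *f[:4]) != f[4]]

if __name__ == "__main__":
    print(audit(OPENVPN_RULES) or "rule set matches intent")
```

An empty result from `audit` means the contractor's tunnel reaches only TCP 3389 on the two clones; any returned flow is a rule that is too broad or in the wrong order.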