hosting website behind vpn for limited access?

pastic

Hi,

Before starting to read up on if/how it could be done, I would like to ask for confirmation that I am not barking up the wrong tree here.

Is it a feasible idea to host a limited access website behind pfsense that can only be accessed via vpn credentials?

I'm a part-time web developer. I stage websites for clients so they can see work in progress before the final site is installed on their chosen site. Until now I moved such sites from my Truenas development server to shared webhosting online that I pay for. It would be easier and cheaper to have clients access their sites under development on my dev server, but I don't want to open my LAN up to the world. I have a pfsense device blocking all incoming traffic. So I was thinking maybe I could leverage pfsense+openvpn to create a tunnel that allows people with credentials to pass through and view their respective sites on my LAN's internal 10.0.0.xx address? Is that a feasible idea?

My external IP is more or less stable over time and it would not be a problem to update clients in the off-chance that there is an IP-change.

viragomann

@pastic
Of course you can control access by a VPN server.
But consider that you can only control the traffic by source and destination IPs and ports. So if user A should not see the website of user B you have to put them on different IPs or at least different ports and you have to set up client specific overrides for all users to separate them on the VPN server.

I think, it would be simpler to do that by a reverse proxy.