Best way to Set this Up.
Not sure If I should be asking this here or in a Microsoft Forum but here is my scenario looking for tips on how to set this up.
We use pfsense, we have a network 192.168.1.*
We are going to have an outside contractor customize our reports for us, we will need him to access 2 server here. I have them virtualized and therefore I am not concerned about messing up the copy of this data, but I want to ensure security restrictions.
I want him to access these servers outside of our 192.168.1.* network, also when I fire this copy of the virtual server I don't want them to conflict with my current network (same name, ip etc)
If I put them on a subnet of 192.168.2.* I think I can eliminate this issue, BUT how can I have the contractor remote into them via rdp? can he connect if they are on a different subnet connected to a gateway of 192.168.1.1?
Anyone have any advice on how they would set this up?
Set up OpenVPN and have him VPN in, and add a firewall rule that restricts his access to just the server(s) you want via RDP port only. You could also just port-forward the RDP ports for those servers and restrict access via firewall rule to just his external network, but that is less secure.
if you want to put those servers on their own network, just create a vlan in pfsense and move them there. Then you can firewall those servers and your normal 192.168.1.0/24 and as KOM already stated vpn into your network would be the best way, then have rules so he can only rdp to those 2 specific servers in pfsense firewall rules for you openvpn connection.