Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Best way to Set this Up.

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 3 Posters 867 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nambi
      last edited by

      Not sure If I should be asking this here or in a Microsoft Forum but here is my scenario looking for tips on how to set this up.

      We use pfsense, we have a network 192.168.1.*

      We are going to have an outside contractor customize our reports for us, we will need him to access 2 server here.  I have them virtualized and therefore I am not concerned about messing up the copy of this data, but I want to ensure security restrictions.

      I want him to access these servers outside of our 192.168.1.* network, also when I fire this copy of the virtual server I don't want them to conflict with my current network (same name, ip  etc)

      If I put them on a subnet of 192.168.2.* I think I can eliminate this issue, BUT how can I have the contractor remote into them via rdp? can he connect if they are on a different subnet connected to a gateway of 192.168.1.1?

      Anyone have any advice on how they would set this up?

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        Set up OpenVPN and have him VPN in, and add a firewall rule that restricts his access to just the server(s) you want via RDP port only.  You could also just port-forward the RDP ports for those servers and restrict access via firewall rule to just his external network, but that is less secure.

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          if you want to put those servers on their own network, just create a vlan in pfsense and move them there.  Then you can firewall those servers and your normal 192.168.1.0/24 and as KOM already stated vpn into your network would be the best way, then have rules so he can only rdp to those 2 specific servers in pfsense firewall rules for you openvpn connection.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.7.2, 24.11

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.