linux
tobut, 2015-06-12 12:55:58

How to configure access to internal resources through VPN?

There is a server running Linux. I want to set up a VPN server on it in order to serve one site. That is, so that there is no access to the server's port 80 until the VPN connection is established. I've never set up a VPN server before, only a client, but I think I'll figure it out from a bunch of documentation. Which server is better to use here, and how do I restrict access to it from the Internet? I would be glad of any advice.


6 answer(s)
Saboteur, 2015-06-12
@saboteur_kiev

Judging by "I want to raise a VPN server on it to give one site."
"That is, there was no access to server port 80 before the VPN connection was established."
"Which server is better to use here and how to restrict access to it from the Internet?"
It is noticeable that you don't have a very good idea of how exactly this works, and what you really want to do is probably done not with a VPN but with the settings of the web server itself.
Run it not on port 80, but on some other one.
Allow access only for certain IP addresses.
Set up HTTP authorization.
That's all, no additional servers needed.

igorglushkov, 2015-06-15
@igorglushkov

I used OpenVPN for a long time at two sponsored organizations, both for client connections and for intersite communication. I have now switched to SoftEther VPN; I was won over by its convenience and versatility.

Dmitry Luponos, 2015-06-12
@Bessome

If I understand correctly, you need to serve the site only to those who have access via VPN.
Therefore, you need to set up the VPN server, and run the web server on its internal interface. Those who connected by IP will have access to the site.

Stanislav Makarov, 2015-06-12
@Nipheris

OpenVPN in multi-connection mode is fine. Any web server will do; you just need it to listen on the right interfaces, not on all of them. If the server listens on the internal interface, then there is no particular need to restrict anything (apart from the standard firewall settings). Of course, the OpenVPN daemon must listen on the outside interface.
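
One way to check the binding described in the answer above, as an added example that is not part of the original thread: it parses `ss -ltnH` output and reports listeners on the protected port that are bound to a wildcard or to an address outside the VPN subnet. The sample output and the `10.8.0.0/24` VPN subnet are constructed assumptions.

```python
import ipaddress

# Constructed sample of `ss -ltnH` output (not taken from the thread).
SAMPLE_SS = """\
LISTEN 0 511  10.8.0.1:80      0.0.0.0:*
LISTEN 0 128  0.0.0.0:22       0.0.0.0:*
LISTEN 0 511  [::]:80          [::]:*
LISTEN 0 511  203.0.113.10:80  0.0.0.0:*
LISTEN 0 4096 127.0.0.1:3306   0.0.0.0:*
"""

def parse_listeners(ss_output):
    """Yield (host, port) for each LISTEN line of numeric `ss -ltnH` output."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        host = host.split("%")[0].strip("[]")  # drop %scope and IPv6 brackets
        yield host, int(port)

def exposed_listeners(ss_output, protected_ports, vpn_net):
    """Return (host, port, reason) for protected ports reachable outside the VPN."""
    vpn = ipaddress.ip_network(vpn_net)
    findings = []
    for host, port in parse_listeners(ss_output):
        if port not in protected_ports:
            continue
        if host == "*":  # ss prints "*" for a dual-stack wildcard socket
            findings.append((host, port, "wildcard bind"))
            continue
        addr = ipaddress.ip_address(host)
        if addr.is_unspecified:  # 0.0.0.0 or ::
            findings.append((host, port, "wildcard bind"))
        elif addr.is_loopback or addr in vpn:
            continue  # only reachable locally or through the tunnel
        else:
            findings.append((host, port, "non-VPN address"))
    return findings

if __name__ == "__main__":
    for host, port, reason in exposed_listeners(SAMPLE_SS, {80}, "10.8.0.0/24"):
        print(f"port {port} listening on {host}: {reason}")
```

On a live host, pass the real output of `ss -ltnH` instead of `SAMPLE_SS`; an empty result means the web server is bound only to the tunnel (or loopback) address.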

kompi, 2015-06-12
@kompi

The following scheme works for me:
(1) tincvpn as the central node on a virtual server (LEMP) with a public IP.
(2) tincvpn as a regular node on a work machine (LEMP) on the internal network.
In the nginx config on (1), a proxy pass to the address of the work machine (2) is configured for the subdomain, and access is restricted via HTTP auth in nginx.
If there is no VPN connection between (1) and (2), nginx returns an error; if there is, it asks for authorization.

Alexander, 2015-06-13
@Tilk

In a neighboring question on this topic I put together an answer: How to reach a machine in a VLAN network behind an OpenVPN server?
That is, in fact, the minimum configuration for a free OpenVPN server.
There are plenty of manuals in RuNet on how to add TLS to this. And on how to set it up from scratch too, in fact.
