How to make secure access from the Internet to several servers in the local network?

I

Igor2012-07-20 16:27:41

SSH

Igor, 2012-07-20 16:27:41

Task: There are several people who need to provide access to several company servers located on the local network. The servers are located at different local addresses. Moreover, ensure that the traffic from them to the company's network is encrypted.

Of course, just for such cases, you can use ssh tunneling:

The problem is that in this case:
1. Users need to issue some kind of limited account on the router. How to limit it correctly so that they don’t crawl on the server and can’t do anything?
2. Users will be able to access the entire local network (not just the desired web server), which is not desirable.

How to solve the problem? IP users from outside are unknown.

Reply

Answer the question

In order to leave comments, you need to log in

5 answer(s)

4

4dmonster, 2012-07-20
@4dmonster

Open VPN?

S

Sergey, 2012-07-20
@bondbig

Options:
1) any vpn solution, from open-source to proprietary
2) attach HTTPS and authorization to the site and simply forward the desired port (443 or any invented, if desired)

J

JDima, 2012-07-20
@JDima

What kind of router, what software? Is there an AAA server?

N

Nikolai Vasilchuk, 2012-07-20
@Anonym

Set up port forwarding on your router. For example, port 8022 will lead to the first server, 8122 to the second.

N

Nikolai Turnaviotov, 2012-07-21
@foxmuldercp

Rule 1 - move all servers to the DMZ, another subnet, another vlan.
set up forwarding subdomains/aliases to a specific natom server/service to the internal network