Question

Site to site or client to site VPN

Is there a way to setup a single VPN contact point that will provide access to multiple servers behind it. The equivalent of doing a site to site VPN between to physical firewalls - or a single VPN IP that a client can connect to to have access to multiple servers? Thanks


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hello,

A quick way to achieve this would be to:

  • Setup a VPN using any service that you like. For example you can install OpenVPN with 1 click as described here:

https://marketplace.digitalocean.com/apps/openvpn-access-server

  • Then get your VPN Droplet’s IP address
  • After that using a firewall like CSF, UFW or a Cloud Firewall, lockdown all of your backend servers and allow only the VPN IP

That way users could connect to the VPN you’ve created and they would have access to the backend servers.

This is a convenient way of doing it as you will not have to do any server or network configuration on the backend servers themselves besides locking them down via a firewall.

Hope that this helps.

Best,

Bobby