|
|
Hi, all. I am debating where should I put my OpenVPN server (Linux) so that my users can connect to it and then access a second server. These two servers can be on the same box or with some virtualization like VMware of OpenVZ. I have a few possible places that I might place my servers: 1. Both servers in the DMZ between my non-Linux firewall servers. These servers can communicate with some limitations with other servers on DMZ. 2. On a seperate zone or buying a decent hardware firewall and place OpenVpn server and the other server behind it. These servers can not communicate with DMZ and LAN. 3. Turn 1st server into VPN and firewall (shorewall or ipcop or etc...), put the second server behind this server. These servers can not communicate DMZ and LAN. 4. In side my LAN (with possible bridged firewall isolating these two servers). Could some experts here recommend which setup is best in term of security since my users only need to access the second server? I have always interested in some talks about where are the best places of putting VPN servers. I have read that it is best to have your firewall also act as the VPN server. Could someone share your thoughts on this idea? Could OpenVPN users share some information on where you place your OpenVPN servers and why? ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |