[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] Need recommendations for where to place OpenVPN server

  • Subject: [Openvpn-users] Need recommendations for where to place OpenVPN server
  • From: "Steven Truong" <midair77@xxxxxxxxx>
  • Date: Thu, 16 Aug 2007 18:54:05 -0700

Hi, all. I am debating where should I put my OpenVPN server (Linux) so
that my users can connect to it and then access a second server. These
two servers can be on the same box or with some virtualization like
VMware of OpenVZ. I have a few possible places that I might place my

1. Both servers in the DMZ between my non-Linux firewall servers.
These servers can communicate with some limitations with other servers
on DMZ.
2. On a seperate zone or buying a decent hardware firewall and place
OpenVpn server and the other server behind it.  These servers can not
communicate with DMZ and LAN.
3.  Turn 1st server into VPN and firewall (shorewall or ipcop or
etc...), put the second server behind this server. These servers can
not communicate DMZ and LAN.
4.  In side my LAN (with possible bridged firewall isolating these two servers).

Could some experts here recommend which setup is best in term of
security since my users only need to access the second server?

I have always interested in some talks about where are the best places
of putting VPN servers.  I have read that it is best to have your
firewall also act as the VPN server.  Could someone share your
thoughts on this idea?

Could OpenVPN users share some information on where you place your
OpenVPN servers and why?
OpenVPN mailing lists