[NEBULA] Can I isolate external VPN L2TP connections to port group 2 only?

GadgetryTech
GadgetryTech Posts: 6  Freshman Member
Ideas master First Comment Friend Collector
edited April 2021 in Nebula
I have a secure box on my network that other developers need to remotely access.  I do not want them to be able to see anything on my home network.  If they were using the Nebula VPN feature on my NSG 100,  can I make it so they only see the server(s) on an isolated network?

I know other options are bypassing the Nebula VPN service and just open a single port, then deploy a VM running a VPN service on it's own subnet.  I just like the hardware feature built in to the NSG and its performance.  Thanks!

Accepted Solution

All Replies

  • RUnglaube
    RUnglaube Posts: 135  Ally Member
    5 Answers First Comment Friend Collector Third Anniversary
    I believe using the outbound rules will do just fine, but I guess you first need to create a rule that allows access from the VPN network to servers network, and then another rule bellow that blocks other traffic from the VPN network to any.
    "You will never walk along"
  • GadgetryTech
    GadgetryTech Posts: 6  Freshman Member
    Ideas master First Comment Friend Collector
    Thanks Chris!  Finally got around to testing this out.  VPN traffic is isolated to Port group 2 on the gateway.  Any traffic on port group 2 cannot hit my local/home network, but I can still establish sessions from my home network to VMs on port group 2 without any issues.  Works like a charm!  

Categories

Nebula Tips & Tricks


    Read more

    Nebula Help Center

    EnglishTiếng ViệtРусскийไทย中文(台灣)