(Apologies up front if this is not the correct subreddit, but I think it's OK...) Our company has employees and clients all over the place and we have used NeoRouter in the past to create two VPN subnets so that employees can access our servers (droplets, databases, anything we put on the VPN for them) and clients can access a narrower selection of the same things.
We are migrating from a baremetal host of yesteryear to DigitalOcean and I ran a speed test after setting up a simple OpenVPN server from my office in Central TX. OpenVPN was about 175-225 megabits; NeoRouter was 15-20 (I think due to the driver they use).
I spent all day delving into OpenVPN config files to figure out how to set up what I needed and while it's manageable, it's frankly a pain in the arse and I went looking for free or freemium solutions that would give me a GUI to say "issue a cert to this guy and give him access to this subnet but not that one" as well as see things like who is logged in right now. OpenVPN-AS is too expensive for us. I am a competent amateur in that I've been running our company's fairly simple networks for 15 years but it takes me a while to shift gears to work on this stuff and I'd prefer to eliminate it as something I have to spend a ton of time on (so yes, I know OpenVPN out of the box will do everything I want...dumb it down for me!)
I don't care about anonymity or routing all my traffic through our VPN. I just want to create a virtual network accessible to our company and some of our clients. Something that runs out of a Docker image like Google's Outline seems like it would fit the bill but it's intended for jouranlists and people who want to route all their traffic through it. I just want routes for our subnets.
What's the best bet here? A dedicate pfSense/OPNsense droplet? It doesn't have to be free but I'd rather pay up front than a per-user-per-month model.
Thank you!
No comments:
Post a Comment