Thursday, December 20, 2018

Question about NATting a VPN client connection (like Cisco AnyConnect, OpenVPN and so on)

Hi,

I don't know if this is the proper sub for this question, but I have a question about an idea I want to try.

First, we are a small business that does contract work with other small businesses. One of the products we offer implies that we need to be able to use the application they use to manage their customers. It's normally an application installed on a server on their network, so to access it we usually need a VPN connection.

We have around 150 different VPN connections, and 200 if I count the clients we are not doing any business with for now.

We have a call center where one or a few agents connect with the VPN provided by a client so they can work in their application.

To manage these, all VPN connections are in our database and I have a PowerShell script that tries to load the proper VPN with the information from the database. I can't always do it that way, so they have to connect manually and start the proper application after.

I don't have site-to-site VPNs, and it would be difficult to implement since a lot of customers have the same subnet.

One thing I was thinking of was to try to remove the VPN from their desktops and run multiple instances of a server like pfSense/Ubuntu Server to connect the VPN on it, and provide another VM where the application is already loaded. The gateway of this VM will point to the other.

My biggest issue is the number of VPN clients. I have almost all the ones available on the market:

- AnyConnect
- Cisco VPN (the legacy one)
- OpenVPN-based clients (WatchGuard, Sophos, etc.)
- SonicWall
- Barracuda
- Shrew Soft VPN
- FortiClient

Do you think it's something possible? My goal is to remove that part from our call center because it's too complicated for them.

Contacting all clients to ask for S2S VPNs would be very time-consuming since they are hard to reach (they usually do business with us because they are bad at service...). Plus, for some of them, their network is managed by the software manufacturer. They would ask for an absurd amount of money.

To give more insight into what I want to do, some of the agents have a VM on their desktop with VMware Workstation. If I switch their network interface to NAT instead of bridged and the host has a VPN connected, all the traffic now goes through the VPN.

So I would like to use this concept, but instead of using VMware Workstation I would use a Linux server and get them to use this server as their gateway.
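As an added example that is not part of the original post, here is a sketch of the Linux gateway idea described above: the gateway VM carries the customer tunnels, and each application VM is NATted into exactly one tunnel through its own routing table, so two customers with the same private subnet never collide in the main table. It assumes the app VMs sit on the gateway's internal interface, the VPN client has already brought up a tunnel interface (tun0, ppp0, ...), and iptables and iproute2 are installed; the VM addresses and table numbers are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): a Linux gateway VM that carries
# the customer VPN tunnels and NATs one application VM per customer into its
# tunnel. DRY_RUN=1 (the default) only prints the commands so the plan can be
# reviewed before it is applied as root with DRY_RUN=0.
set -eu
DRY_RUN=${DRY_RUN:-1}

# Execute a command, or print it when DRY_RUN=1.
run() {
  if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# One-time gateway setup: forward packets, but only where a rule allows it.
enable_forwarding() {
  run sysctl -w net.ipv4.ip_forward=1
  run iptables -P FORWARD DROP
}

# Bind one application VM to one customer tunnel.
#   $1 = app VM address on the internal LAN (constructed sample values below)
#   $2 = tunnel interface of that customer's VPN client
#   $3 = routing table number unique to the customer (1-252)
attach_vm_to_tunnel() {
  vm_ip=$1; tun=$2; table=$3
  # Per-customer table with its own default route: overlapping customer
  # subnets never have to share an entry in the main table.
  run ip route replace default dev "$tun" table "$table"
  # Source-based rule: packets from this VM consult the customer's table.
  run ip rule add from "$vm_ip" lookup "$table" priority "$((1000 + $table))"
  # Hide the VM behind the tunnel address, as VMware Workstation's NAT mode does.
  run iptables -t nat -A POSTROUTING -s "$vm_ip" -o "$tun" -j MASQUERADE
  # Only this VM may send into this tunnel; only replies come back, to it alone.
  run iptables -A FORWARD -s "$vm_ip" -o "$tun" -j ACCEPT
  run iptables -A FORWARD -i "$tun" -d "$vm_ip" \
      -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

# Constructed sample: two customers, each with its own app VM and tunnel.
enable_forwarding
attach_vm_to_tunnel 10.10.0.11 tun0 101
attach_vm_to_tunnel 10.10.0.12 tun1 102
```

VPN clients that push routes into the main table themselves (OpenVPN does unless told not to) would still need per-tunnel isolation, for example one network namespace per client instance.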


