Wednesday, March 18, 2020

Wait, WHAT? You're whitelisting IPs on the Azure VM

Not even lunch and I feel I could use a beer.

So one of our users needs to gain access to one of our VMs now that we are all working remotely. No problem, I figure: fire up the VPN client, log into the firewall, create a new user and download the OVPN file and included client. In the meantime our cloud admin replies he's got this. Cool, I email him and the user with the files and login info, figure all is cool.

10 minutes or so go by and he says all is good, he whitelisted her public IP at home, she can just RDP in. Wait, WHAT? (Not going to even get into the fact she has a dynamic public IP at home.) We set up the VPN over a year ago so people that are offsite can VPN into our network and route from there, so we only have 1 IP whitelisted (layers of security).

I get a hold of the said admin and let him know that he has the files in his inbox and I would highly recommend connecting that way (my title is just computer technician so I can't come down heavy-handed).

After a few attempts the admin cannot get it to work. I do some googling and find a nice guide from a VPN website that goes over the install and import of the OVPN file and which client to use, and forward this all to him. I figure, OK, we will be good now.

Buzz Buzz goes my phone, it's the third of the Lone Gunman IT dept. Hey man, he's tried and it's not working, let's just keep it the way it is, as she is able to connect. I respond to the group that while I don't want to step on any toes, I am willing to log in and get the client running. My only concern is the security of the VM, but if you two feel it's a non-issue, I'll stand down.

So here I am, standing down. We will be reviewing our VM login process when we are back at the office.

I just think back to one of my dad's sayings: "If you don't have time to do it right, you'll have to make time to do it twice."


