Thursday, April 2, 2020

Creating a VPN network for multiple destinations.

Hello!

My boss tasked me with creating the required infrastructure to work from home.

Now, my job has multiple locations that need to be connected, but I also need to separate them so someone from location A can't connect to location B and vice versa. Also, there should be good security.

Now, we have a rack in a datacenter and badass internet, so my plan is as follows:
Set up 2 VPN servers: one that does the client (VPN A), the other does the destination (VPN B). There's a username and password plus an authorised MAC address and a certificate, just to be on the safe side.
Everyone connects to VPN A, and based on the input data (user+pass+MAC+cert), it forwards the connection to VPN B, which makes the final tunnel to the destination.

Because this is unplanned, I have to deal with the employees' home computers, as most of them didn't get laptops, and I was thinking that VPN A would accept 3 protocols: L2TP, SSTP and OpenVPN. VPN B will connect to the location over OpenVPN. If you wonder, L2TP and SSTP are more for compatibility, as it has to deal with vastly different configurations and mobile phones.

As for volume, I expect about 250 people to use it at the same time, and about 5mb/s internet bandwidth per user should be enough, as they need just remote desktop. Our network is fully capable of handling this amount of traffic.

I know it might sound complicated, but having it centralized is an actual requirement.

My question is, how to bridge VPNs like that? I've never done it before.
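
The separation requirement above (location A users must not reach location B, and only remote desktop is needed) can be enforced on the central VPN host with a default-deny forwarding policy. The following nftables ruleset is an added example, not part of the original post. It assumes that the VPN server gives each authenticated user an address from a pool tied to their location, and every interface name and subnet in it is a constructed placeholder.

```nftables
#!/usr/sbin/nft -f
# Added example: per-location isolation on the central VPN host.
# All subnets and interface names are assumptions, not values from the post.

# Address pool assigned to users of each location after authentication
# (for an OpenVPN listener, a per-user ifconfig-push is one way to pin this).
define POOL_A = 10.8.1.0/24
define POOL_B = 10.8.2.0/24

# Networks behind the outbound tunnel to each location.
define SITE_A = 192.168.10.0/24
define SITE_B = 192.168.20.0/24

# Remote desktop (RDP) default TCP port.
define RDP = 3389

# Create-then-delete makes reloading this file idempotent.
table inet vpn_isolation
delete table inet vpn_isolation

table inet vpn_isolation {
    chain forward {
        # Nothing is routed between tunnels unless a rule below allows it.
        type filter hook forward priority 0; policy drop;

        # Return traffic for sessions that were allowed when they started.
        ct state established,related accept
        ct state invalid drop

        # Location A users: RDP only, only into site A, only via site A's tunnel.
        ip saddr $POOL_A oifname "tun-site-a" ip daddr $SITE_A tcp dport $RDP accept

        # Location B users: same rule shape, bound to site B.
        ip saddr $POOL_B oifname "tun-site-b" ip daddr $SITE_B tcp dport $RDP accept

        # Anything else from a client pool (cross-location, client-to-client,
        # non-RDP ports) is counted and logged before the drop.
        ip saddr { $POOL_A, $POOL_B } counter log prefix "vpn-isolation-drop: " drop
    }
}
```

Binding each rule to both the source pool and the outgoing tunnel interface means a routing mistake cannot leak location A traffic into site B's tunnel, and the logged drops give a record of attempted cross-location access.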


