Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!
Set up a VPN tunnel between an AWS Windows server instance and a remote WiFi access point?
I need to set up a remote access point, inside my customer's LAN and firewall, with transparent (no NAT, etc) WiFi access to a WIndows Server instance on Amazon Web Services. The only outbound connection allowable from the access point is to the Amazon instance. No inbound connections from the internet to the access point will be possible, as the access point will be on a NATed address inside the customer LAN.
Traffic from the WiFi clients must all be confined to the IPSEC tunnel between the access point and the Amazon instance.
I prefer that the remote WiFi clients have access to only specific ports on the Windows server (but that is not an absolute requirement). The WiFi access point will be unreachable from the internet, and must therefore initiate the connection to the AWS server. The server will have an IPv4 address on the internet.
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Recommendations for hardware are very welcome! Hoping to keep the price per access point (or access point+gateway) in the $400 range. Should be no more than five or six WiFi clients at any one time. WiFi clients are fixed-IP embedded 8/16 bit processors with no operating system - so no chance of running any commercial client-side VPN application software.
I see by the lack of quick answers that I may be asking for something unusual (or impossible). It's very important to me to figure this out, including figuring out that it cannot be done if that's the case.
Therefore, I will give credit for any advice that helps me figure out what to do. I will also ask additional max-point questions about multiple components of a solution as needed.
I just paid for a one-year unlimited membership just to ask this one question.
Thanks in advance for any help or advice!
Therefore, I will give credit for any advice that helps me figure out what to do. I will also ask additional max-point questions about multiple components of a solution as needed.
I just paid for a one-year unlimited membership just to ask this one question.
Thanks in advance for any help or advice!
I'm sorry that I can't help but if you need immediate help you can click on the 'request attention" button that way they can notify experts in this area to come take a look
Scouring the internet, I've learned that the configuration I seek is the second definition of a VLAN, (Virtual LAN). The primary definition refers to a method (other than running different subnets) for isolating groups of machines on a single LAN, under the 802.1Q specification, with slightly different packet structure. That is not the type of VLAN I need. I need a virtual LAN where the geographically remote LAN acts as if it were local to the "home office" LAN.
i build this with sophos UTM (Firewall) at AWS and RED-Device + AccessPoint at the Office ...
Some new RED devices should contain WLAN
https://www.sophos.com/en-us/products/unified-threat-management/add-ons.aspx#red
this build a Tunnel between UTM-firewall and RED and the WLAN traffic is tunneled to UTM at AWS.
Some new RED devices should contain WLAN
https://www.sophos.com/en-us/products/unified-threat-management/add-ons.aspx#red
this build a Tunnel between UTM-firewall and RED and the WLAN traffic is tunneled to UTM at AWS.
dkotte:
OK, that's a great start, and it sounds like you know the solution. Could you fill me in a bit on the UTM at Amazon? My knowledge of that is almost precisely zero, other than knowing that for which the initials stand, "Unified Threat Management." I've had no need to bother with learning anything about UTM because I'm running a single application, a completely custom web server which I personally authored, and it's threat-immune. (It's been running on the internet since the late 1990's, with no firewall, no nothing, and all it does with exploit attempts is log them for entertainment reading).
OK, that's a great start, and it sounds like you know the solution. Could you fill me in a bit on the UTM at Amazon? My knowledge of that is almost precisely zero, other than knowing that for which the initials stand, "Unified Threat Management." I've had no need to bother with learning anything about UTM because I'm running a single application, a completely custom web server which I personally authored, and it's threat-immune. (It's been running on the internet since the late 1990's, with no firewall, no nothing, and all it does with exploit attempts is log them for entertainment reading).
sophos UTM is available as pre-build virtual appliance at AWS,
if you don´t need firewall features, you are free to not use these features.
Do you build your own operating system and your own web-service? great.
every OS or App i know has some bugs at their lifetime. and sometimes the fixes came to late.
Different security features hide these bugs.
if you don´t need firewall features, you are free to not use these features.
Do you build your own operating system and your own web-service? great.
every OS or App i know has some bugs at their lifetime. and sometimes the fixes came to late.
Different security features hide these bugs.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial