Difference between revisions of "Multi-Tenant Road Warrior VPN Howto"

From VyOS Wiki
Jump to: navigation, search
(Multi-Tenant Road Warrior VPN Setup and Configuration)
Line 5: Line 5:
 
=== Business Issue/Problem Overview ===
 
=== Business Issue/Problem Overview ===
  
QNT Cleaning Corp. is based in New York City. They operate multiple businesses out of their office: QNT Cleaning, DNT Security and rent spare offices to two other independent companies. For legal purposes the operations of QNT Cleaning and DNT Security must be separate. The CEO wants key employees of both companies to be able to access local network resources remotely for productivity and business continuity purposes.
+
QCN Cleaning Corp. is based in New York City. They operate multiple businesses out of their office: QNT Cleaning, DNT Security and rent spare offices to two other independent companies. For legal purposes the operations of QNT Cleaning and DNT Security must be separate. The CEO wants key employees of both companies to be able to access local network resources remotely for productivity and business continuity purposes.
  
 
=== Recommended Solution ===
 
=== Recommended Solution ===
Line 22: Line 22:
 
== Multi-Tenant Road Warrior VPN Setup and Configuration ==
 
== Multi-Tenant Road Warrior VPN Setup and Configuration ==
  
This HowTo will asssume that you have already installed VyOS on hardware or in a virtual machine and have configured your network switches to implement vlans. For this example the network is configured as:
+
This HowTo will asssume that you have already installed VyOS on hardware or in a virtual machine and have configured your network switches to implement vlans.
  
* QCT Cleaning - 10.88.88.0/24
+
=== Network Environment ===
*
+
 
 +
{| class="wikitable"
 +
!colspan="3"|Network Environment
 +
|- style="font-weight: bold;"
 +
|Company
 +
|Network
 +
|vlan
 +
|-
 +
|QCN Cleaning
 +
|10.88.1.0/24
 +
|88
 +
|-
 +
|DNT Security
 +
|10.89.1.0/24
 +
|89
 +
|-
 +
|Tentants
 +
|10.40.1.0/24
 +
|40
 +
|}

Revision as of 10:44, 7 July 2017

Executive Summary

This HowTo describes the process of building a multi-tenant VPN using VYOS. The concepts covered are OpenVPN, Vlans and OpenVPN GUI client for windows

Business Issue/Problem Overview

QCN Cleaning Corp. is based in New York City. They operate multiple businesses out of their office: QNT Cleaning, DNT Security and rent spare offices to two other independent companies. For legal purposes the operations of QNT Cleaning and DNT Security must be separate. The CEO wants key employees of both companies to be able to access local network resources remotely for productivity and business continuity purposes.

Recommended Solution

  1. Configure a VyOS router to provide OpenVPN roadwarrior access to all entities. VyOS OpenVPN is compatible with Windows, Mac and Linux end points

Benefits

  • Affordable
    • VyOS OpenVPN server can be run on commodity hardware or even a modest virtual machine.
    • VyOS is available for free and is open source.
    • OpenVPN client software is free and open source.
  • Easy to use
    • Minimal training required for end users

Multi-Tenant Road Warrior VPN Setup and Configuration

This HowTo will asssume that you have already installed VyOS on hardware or in a virtual machine and have configured your network switches to implement vlans.

Network Environment

Network Environment
Company Network vlan
QCN Cleaning 10.88.1.0/24 88
DNT Security 10.89.1.0/24 89
Tentants 10.40.1.0/24 40