OpenVPN Router (as a client) behind NSG

MarkSL Member Posts: 13
edited July 31, 2020 2:47AM in Nebula Security Gateway
We have a client that needs access to a hosted server within AWS. We do not manage that server. Their solution for server access via RDP is using an OpenVPN router (Router with built-in OpenVPN client) behind whatever primary router is in place. They suggest Sonicwall if the client does not have a business class router. We are trying to stay with the NSG already in place.

Has anyone used a setup like this with an NSG and if so, what is the basic configuration you have in place for this to work?

Thanks in advance for any information.

All Replies

  • Nebula_Chris Zyxel Official Agent Posts: 287  mod
    Hello @MarkSL
    If their OpenVPN router is located behind the NSG in the initiator role, then I don't think the NSG needs any additional settings.

    Chris
  • MarkSL Member Posts: 13
    Chris,

    The primary firewall runs the primary subnet for the network that all users and devices are on. The OpenVPN router is just connected so traffic can be routed through it.
  • MarkSL Member Posts: 13
    I would really like to work with support to see if we can duplicate the setup that the client is using in their network. If not, this client will be getting a new Sonicwall. I have test hardware in place that we can share access with to show how this is working.

    Thanks
  • Nebula_Chris Zyxel Official Agent Posts: 287  mod
    I assume the OpenVPN router is using site2site VPN? If that is the case, then please also configure the port forwarding in virtual server, UDP 500 and 4500.

    If it still does not work, then please enable the support request in Nebula, Help and provide the org. and site name for me. :)

    Chris
  • MarkSL Member Posts: 13
    I am not sure I am explaining this right from your response. We may have already wasted too much time and lost that sale.
  • Nebula_Chris Zyxel Official Agent Posts: 287  mod
    Sorry to hear that. What I meant in my previous message is that if both sites (OpenVPN router and AWS) are using site2site VPN, then since the OpenVPN router is located behind the NSG, you should configure the port forwarding on it, and then it can redirect the AWS. Like the following screenshot.

    Please private message me if there is still a chance on this case, and I would suggest going through the ticket channel in Nebula if you have a similar case in future.

    Chris