
suzo10


Single Status Update


  1. When you say he set up a VPN, is he using the Edgerouter VPN, or another third party? I could see him having issues if he is trying to use some third party crap, but even then the firewall should pass the traffic.


    First we need a resource group to put the Azure objects in, into which we create a new Virtual Network, and create two subnets inside. The first subnet “GatewaySubnet” is important, and must be named exactly that in order to work correctly. The other subnet (“AzureSubnet”) is where we will be attaching our VMs, and can be named anything you like. You can add additional subnets to the Virtual Network later to organise your Azure network.

    Next we need to request a public IP address, get a reference to our GatewaySubnet, and use these to create a new Virtual Network Gateway IP Config. This is then used to create the Virtual Network Gateway. This step can take up to 20 mins to return a reference to the created object.

    In this example I will work with the . The process for configuring the VPN setup consists of the following steps:


    I have a Ubiquiti Edgerouter Lite set up as the router on a small 6 PC Windows Server 2012R2 Essentials network. The router is in default configuration and provides DHCP services to the network clients and little else.

    Each campus has a public-facing firewall. When I need to VPN in to fix something, that's the entry point I use. But, what if the problem is the firewall itself? Or with the router or switch directly behind the firewall?


    Robert - 99% of the time I agree with your thought process. However, I never ever open (or allow IMS to open) "back doors". We use a TON of SSL VPN and even allow staff on via BOVPN if they have a device that we will support in their home (we also have a process to install a WatchGuard device in a provider's home - at their cost for the hardware).


    A relative of the owner, who claims to be familiar with VPN connectivity, has managed to get a single VPN connection working, but he now complains that it doesn't appear to support multiple simultaneous connections. I find that hard to believe.

    Part of the configuration is to determine what method is used for routing, you can choose between static routing and routing based on BGP. In this example I will configure BGP.

    For us, it is easier to go the SSL route as it is simply a web page from about any device and then we just set up rules for the user to access their "stuff". Easy as each sub-specialty has their own subnet for the most part.

    Enter Edge. Each campus has an Edge Lite connected to an ISP. The four of them form a mesh. If you VPN into one of them, you wind up on the management network for that campus. From there, I can L2 directly to all infrastructure devices - no router needed and it bypasses the entry switch.
