0

I am creating VPS solution and currently network policy for Virtual Machines provisioning provides each VM with one public IPv4 address from the reserved pool of 255 addresses. I will need to provide SSH access to these virtual machines. My SSH access creating scenario will configure each VM with SSH keys and e-mail users with required info.

I was told that it is not really recommended to provide each VM with public IP with direct SSH port opened. Instead I was advised to map all VMs to one public IP, and then open (I assume multiple) ports for SSH access to these.

How would I accomplish this? Firewall with port forwarding?

Kind Regards

azec-pdx
  • 205
  • 2
  • 5
  • 9
  • do all your machines need to be accessible in a public way, or could you think about securing them behind a VPN solution (which would be the best in my opinion)? – Danduk82 Feb 25 '15 at 22:55
  • Well, the user should have this as default kind of access after provisioning. Then if they want to do more secure configurations of their setups, we would configure virtual firewalls, put them behind IPS solution, provide VPN access, create VLANs etc. Of course we would charge this additionaly... – azec-pdx Feb 25 '15 at 23:27

1 Answers1

1

The feature you have to use is called NAT. As was stated before, depends on your needs. If you need a different external IP for each VM then go with pool, if not - use NAT and 1 external IP.

Viktor Balaban
  • 17
  • 3