I have set up a VPN server (OpenVPN) and I have a client too. I want to set it up so that a second server can only be accessed from the VPN server over SSH. How can I do this?
1 Answer
1
Add a firewall rule on the second server so it only accepts ssh traffic that comes from one of the addresses that the (Open)VPN server hands out.
If VPN traffic comes in on server 2 on a special interface you can also configure sshd to only listen on that.

Henrik supports the community
- I was expecting there to be more to it than just a firewall change. So would IP tables work for this instead of using something like `ufw`? – Josh Kirby Jun 25 '18 at 13:27
- `ufw` is just a frontend for (the same system, called `netfilter`, as) `iptables`, so `iptables` could be used. – Henrik supports the community Jun 25 '18 at 14:28
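
The firewall rule from the answer, written out with `iptables` as an added example that is not part of the original thread: a shell function that validates the allowed sources and prints the rules for server 2 so they can be reviewed before being run as root. The function names, the subnet 10.8.0.0/24 (the one in OpenVPN's sample server.conf) and the address 192.0.2.10 are assumptions.

```shell
#!/bin/sh
# Added example: print iptables rules that accept SSH on server 2 only from
# the listed sources. Nothing is applied; the output is meant for review.

# valid_src ADDR[/PREFIX]: succeed only for a dotted-quad IPv4 address with an
# optional /0-32 prefix, so no other text can reach the generated commands.
valid_src() {
    addr=${1%%/*}
    case $1 in */*) prefix=${1#*/} ;; *) prefix=32 ;; esac
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# ssh_rules PORT SRC...: print the rule set. Order matters: the ACCEPT rules
# come before the final DROP because iptables stops at the first match.
ssh_rules() {
    port=$1; shift
    case $port in ''|*[!0-9]*) return 1 ;; esac
    [ $# -ge 1 ] || return 1
    for src in "$@"; do
        valid_src "$src" || { echo "invalid source: $src" >&2; return 1; }
    done
    # Keep already-open sessions alive so applying the rules over SSH does
    # not cut off the connection being used to apply them.
    echo "iptables -A INPUT -p tcp --dport $port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for src in "$@"; do
        echo "iptables -A INPUT -p tcp -s $src --dport $port -j ACCEPT"
    done
    echo "iptables -A INPUT -p tcp --dport $port -j DROP"
}

# Constructed sample input. 10.8.0.0/24 is the tunnel subnet (assumed);
# 192.0.2.10 stands in for the VPN server's own address, which is the source
# server 2 sees if the VPN server NATs client traffic instead of routing it.
ssh_rules 22 10.8.0.0/24 192.0.2.10
```

`-A` appends to the chain, so an earlier rule that already accepts port 22 would still match first; list the existing rules with `iptables -S INPUT` before applying these.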