Accessing XCP host outside of private network
-
Hi,
We have other priorities right now, but you should be able to build it yourself, everything is available. It won't be fully automated to deploy though
-
Have you considered mesh VPN like Tailscale?
-
@mauzilla We had all our servers on private 10 networks and were heavily firewalled plus used VPN to get in with fixed VPN individually assigned addresses that were the only ones allowed to access those hosts. It's not worth the security risk to leave your servers open to the world with public addresses.
-
@rRobbie would that run directly on the host or do you need to do a VM then have it loop back to the host kinda idea?
-
I studied all these possibilities, Tunnels, VPN etc.
The fastest, simplest, relatively safe, and very easy to implement was with wireguard, server to server.
I now have 2 networks connected via the internet using wireguard, completely transparent.
If you have any questions, I can help you.
-
@Finallf said in Accessing XCP host outside of private network:
I studied all these possibilities, Tunnels, VPN etc.
The fastest, simplest, relatively safe, and very easy to implement was with wireguard, server to server.
I now have 2 networks connected via the internet using wireguard, completely transparent.
If you have any questions, I can help you.
I forgot to mention that for this to work, you need to have 2 fixed real IPs.
At least one on each side -
@Finallf I'd love to hear about your setup. Are you installing wireguiard in dom0 or are you setting up an wireguard appliance as a domU VM?
-
@xcpnguser said in Accessing XCP host outside of private network:
@Finallf I'd love to hear about your setup. Are you installing wireguiard in dom0 or are you setting up an wireguard appliance as a domU VM?
I'm on a VM with debian12 minimal installation.
-
@johnd It would be great however when installed xcp doesn't see it a valid management interface
-
I'm using ZeroTier and access works, except for the console view.
