XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Accessing XCP host outside of private network

    Scheduled Pinned Locked Moved Xen Orchestra
    13 Posts 9 Posters 2.7k Views 8 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • olivierlambertO Online
      olivierlambert Vates 🪐 Co-Founder CEO
      last edited by

      Hi,

      Don't do that if you don't have a tunnel in the first place. Alternatively you should use XO Proxies, that's exactly the use case if you don't have a VPN/tunnel and so on https://xen-orchestra.com/blog/xo-proxy-a-concrete-guide/

      J 1 Reply Last reply Reply Quote 2
      • J Offline
        johnd @olivierlambert
        last edited by

        @olivierlambert when will there be any information on doing this via from the source?

        1 Reply Last reply Reply Quote 0
        • olivierlambertO Online
          olivierlambert Vates 🪐 Co-Founder CEO
          last edited by

          Hi,

          We have other priorities right now, but you should be able to build it yourself, everything is available. It won't be fully automated to deploy though 🙂

          1 Reply Last reply Reply Quote 0
          • R Offline
            rRobbie @mauzilla
            last edited by

            @mauzilla

            Have you considered mesh VPN like Tailscale?

            J 1 Reply Last reply Reply Quote 1
            • tjkreidlT Offline
              tjkreidl Ambassador @mauzilla
              last edited by

              @mauzilla We had all our servers on private 10 networks and were heavily firewalled plus used VPN to get in with fixed VPN individually assigned addresses that were the only ones allowed to access those hosts. It's not worth the security risk to leave your servers open to the world with public addresses.

              1 Reply Last reply Reply Quote 0
              • J Offline
                johnd @rRobbie
                last edited by

                @rRobbie would that run directly on the host or do you need to do a VM then have it loop back to the host kinda idea?

                T 1 Reply Last reply Reply Quote 0
                • FinallfF Offline
                  Finallf
                  last edited by

                  I studied all these possibilities, Tunnels, VPN etc.

                  The fastest, simplest, relatively safe, and very easy to implement was with wireguard, server to server.

                  I now have 2 networks connected via the internet using wireguard, completely transparent.

                  If you have any questions, I can help you.

                  FinallfF X 2 Replies Last reply Reply Quote 0
                  • FinallfF Offline
                    Finallf @Finallf
                    last edited by Finallf

                    @Finallf said in Accessing XCP host outside of private network:

                    I studied all these possibilities, Tunnels, VPN etc.

                    The fastest, simplest, relatively safe, and very easy to implement was with wireguard, server to server.

                    I now have 2 networks connected via the internet using wireguard, completely transparent.

                    If you have any questions, I can help you.

                    I forgot to mention that for this to work, you need to have 2 fixed real IPs.
                    At least one on each side

                    1 Reply Last reply Reply Quote 0
                    • X Offline
                      xcpnguser @Finallf
                      last edited by

                      @Finallf I'd love to hear about your setup. Are you installing wireguiard in dom0 or are you setting up an wireguard appliance as a domU VM?

                      FinallfF 1 Reply Last reply Reply Quote -1
                      • FinallfF Offline
                        Finallf @xcpnguser
                        last edited by

                        @xcpnguser said in Accessing XCP host outside of private network:

                        @Finallf I'd love to hear about your setup. Are you installing wireguiard in dom0 or are you setting up an wireguard appliance as a domU VM?

                        I'm on a VM with debian12 minimal installation.

                        1 Reply Last reply Reply Quote 0
                        • T Offline
                          timboau @johnd
                          last edited by

                          @johnd It would be great however when installed xcp doesn't see it a valid management interface

                          1 Reply Last reply Reply Quote 0
                          • U Offline
                            uwood
                            last edited by

                            I'm using ZeroTier and access works, except for the console view.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post