Say I have a public server with a service (email, web server, etc) that’s accessible through https://myservice.example.com, and I would like to restrict that service with a VPN. How do I do that?

I know how to setup a VPN. I know how to use some of the services through that VPN. But see, if I want to use that VPN, I connect my client to that VPN, then I get the subnet of that VPN, say 10.10.100.0, through which I can access the devices by address.

But I see some services offer things like https://myservice.example.com, and they only work when that VPN is connected. How does that work? Is it just some DNS setting at the domain level or there’s more to it?

  • Snowplow8861
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    100%.Or set host file entries on each endpoint to resolve the mail.domain.com to your internal ip that’s available only over vpn. Not going to be easy on mobiles.

    There is an assumption though that the mail server has an internal IP address wherever you are hosting. That might not be true. I would always put the public IP on the firewall and then NAT with specific port 25 in to the private IP of the server, but who knows what this particular OP has done.