1. main@DVSwitch.groups.io

Re: Deployment Question for the group

Ben Fogt
 

This should work. Essentially the VPN will be an extension of your network where people would connect inbound. I will use a cloud server as an example

INTERNET <-> Cloud server <-> VPN <-> Hospital site
On your cloud server you can manually add static routes to the VPN network so when traffic comes in on X port, it routes to the VPN network. This will be much simpler I think, using a router or a gateway device as you can simply configure all your routes in there to immediately forward to the VPNs first hop address.

INTERNET <-> Gateway/Router <-> LAN <-> VPN Server <-> Hospital device
                                       |                                          |
                                       |-----------------------------------|
                                             Static route to VPN

pseudo routes/port forward would look like:

UDP port 62031 forwards to 10.0.1.13 (IP of device at hosp)
UDP port 10100 forwards to 10.0.1.13 (IP of device at hosp)
etc etc etc ....
10.0.1.0/24 routes to 172.16.32.1 (VPN IP local on your side, aka next hop)

This is rough, but hopefully it gives you an idea. 




On Tue, Jan 29, 2019 at 6:56 PM Mike AE4ML <mike.lussier@...> wrote:
I have a site at a local hospital. I have recently obtained a wired internet connection for the Quantar and RMS Gateway on their guest network. Because of hipa and other issues I found that I can pass traffic out to the talkgroups but nothing is making it back to me.
Q1. Has anyone run into this before and what was the solution ?
Q2. has anyone attempted to run a VPN tunnel on the pi that is handling QB, MMDVM & P25gateway ? 
I don't even know if I can establish a VPN over this network. I decided its worth a try.

Mike



--
Ben Fogt
N5AMD
Join main@DVSwitch.groups.io to automatically receive all group messages.