Search This Blog

Tuesday, May 21, 2019

Point to Site VPN Scenario Using Veeam PN v2

In this post, we are going to look point to site vpn scenario using Veeam PN ver2 [released May 2019]. My scenario consists of two sites
a) Primary Site
b) Remote Site - with only a server which require backup data to store at primary site. This site do not have firewall to configure site to site vpn. In order for us to transfer backup data back to primary site, we will use Veeam PN.

Veeam® PN (Powered Network) is a FREE, easy-to-use, lightweight software defined networking (SDN) tool designed to simplify and orchestrate VPN networking and configuration tasks, eliminating manual networking connectivity and complicated VPN installation procedures.

Administrators can create, configure and connect site-to-site or point-to-site VPN tunnels through an intuitive UI within a few clicks.


[Environment]
1. Primary site

  • Veeam Backup Server & Repository roles
  • Veeam PN deployed on Vmware platform. Download from here. Import the ovf.
  • Use browser to access Veeam PN. Make sure, you've dhcp in your environment. To check your ip, login to veeamPN from vmware console.
  • Default authentication:
    • root
    • VeeamPN



2. Remote Site
A windows Server installed with Open VPN Client

[Configuration Veeam PN]

The first step is configure network hub. The network hub is the core component in the VPN infrastructure that provides VPN connections and services to remote sites and users. All traffic in the VPN is routed through the network hub.


Veeam PN uses a self-signed SSL certificate to ensure secure data communication in the VPN. Specify the certificate key length.

Self signed certificate has been created


Enter the network hub public ip and enable type of VPN configuration. We enabled Site to site vpn and point to site VPN. Take note on the UDP port 1194 and 6179. This port require to open from firewall.

In this lab, we are using dynamic DNS to map to our public ip address


Once complete the initial configuration.
Let start by add a new client.


Since we are testing point to site VPN and only have one remote computer. Let select Standalone computer.


After done on add a client, download openvpn client & import the configuration file


[Primary Site Firewall]

On firewall, enable port forwarding to open port UDP 1194 and 6179


[On Remote Site- Computer]

Configuration imported, you can connect using OpenVPN



[Check result]

From VeeamPN UI, client is connected



Client able to ping primary site Veeam Repository Server.
Configure backup and point backup data to Veeam Repository Server @ Primary Site

Below is the result of successful backup


VeeamPN able to view data transmitted using VPN tunnel.


That's concluded our simple test without require to setup complex VPN tunnel for two different sites.




3 comments:

  1. Useful article, thank you for sharing the article!!!

    Website: blogcothebanchuabiet.com chia sẻ những câu nói mỉa mai người khác hay stt một mình vẫn ổn và giải thích hiện tượng chim sẻ bay vào nhà là điềm gì.

    ReplyDelete
  2. I can set up my new idea from this post. It gives in depth information. Thanks for this valuable information for all,.. Hotspot Shield Elite APK

    ReplyDelete
  3. Originally introduced in 1972 and best replica watchesdesigned by Gerald Genta. replica royal oak watchesThe AP Royal Oak stands as the first luxury sports watch to be constructed from stainless steel, the Royal Oak collection has achieved iconic status and is now considered to be Audemars Piguet's flagship model. The watches have unique aesthetic appeal, thanks to their unmistakable octagonal bezels, while the dials each feature a trademark “tapisserie” pattern, adding to the pure visual appeal. Today, many variants of the watch are available, with their own unique features. These models include the Royal Oak Chronograph, which offers three different counters, as well as date display, and is water resistant for up to 50 meters.

    ReplyDelete