Search This Blog

Tuesday, May 21, 2019

Point to Site VPN Scenario Using Veeam PN v2

In this post, we are going to look point to site vpn scenario using Veeam PN ver2 [released May 2019]. My scenario consists of two sites
a) Primary Site
b) Remote Site - with only a server which require backup data to store at primary site. This site do not have firewall to configure site to site vpn. In order for us to transfer backup data back to primary site, we will use Veeam PN.

Veeam® PN (Powered Network) is a FREE, easy-to-use, lightweight software defined networking (SDN) tool designed to simplify and orchestrate VPN networking and configuration tasks, eliminating manual networking connectivity and complicated VPN installation procedures.

Administrators can create, configure and connect site-to-site or point-to-site VPN tunnels through an intuitive UI within a few clicks.

1. Primary site

  • Veeam Backup Server & Repository roles
  • Veeam PN deployed on Vmware platform. Download from here. Import the ovf.
  • Use browser to access Veeam PN. Make sure, you've dhcp in your environment. To check your ip, login to veeamPN from vmware console.
  • Default authentication:
    • root
    • VeeamPN

2. Remote Site
A windows Server installed with Open VPN Client

[Configuration Veeam PN]

The first step is configure network hub. The network hub is the core component in the VPN infrastructure that provides VPN connections and services to remote sites and users. All traffic in the VPN is routed through the network hub.

Veeam PN uses a self-signed SSL certificate to ensure secure data communication in the VPN. Specify the certificate key length.

Self signed certificate has been created

Enter the network hub public ip and enable type of VPN configuration. We enabled Site to site vpn and point to site VPN. Take note on the UDP port 1194 and 6179. This port require to open from firewall.

In this lab, we are using dynamic DNS to map to our public ip address

Once complete the initial configuration.
Let start by add a new client.

Since we are testing point to site VPN and only have one remote computer. Let select Standalone computer.

After done on add a client, download openvpn client & import the configuration file

[Primary Site Firewall]

On firewall, enable port forwarding to open port UDP 1194 and 6179

[On Remote Site- Computer]

Configuration imported, you can connect using OpenVPN

[Check result]

From VeeamPN UI, client is connected

Client able to ping primary site Veeam Repository Server.
Configure backup and point backup data to Veeam Repository Server @ Primary Site

Below is the result of successful backup

VeeamPN able to view data transmitted using VPN tunnel.

That's concluded our simple test without require to setup complex VPN tunnel for two different sites.