VPN solution to allow certain port access

JB's picture

Hello Experts, 

Our current network policy prohibits certain ports from being accessible for the site. I was looking for a solution to allow this port to be opened, maybe via VPN. I was able to search turnkey as a potential solution, but could not figure out where to start. Can you point me in the correct direction please?

To summarize the scenario:

- I have an external server installed outside the site

- I would like to access that server through a specific port.

 

By the way, I am not an expert in networking or anything related to that, so please be gentle on the technical terms. Thank you.

 

Best regards,

JB

 

Jeremy Davis's picture

TBH I'm not completely clear on what you are asking... Perhaps armed with a little more info I would be able to give some specific advice/opinion.

What does this external server serve?

What exactly do you want to be accessing via this specific port?

Does the external server need to be accessible to everyone (i.e. public) or is the content specifically for you (and your team)?

JB's picture

Hello Jeremy, 

The target server is an SAP system. This can be accessed in public domain. I have no problems accessing it from anywhere except from my office site (which blocks port 3200, SAPgui port). 

Thank you. 

Best regards,

Julius

Jeremy Davis's picture

But TBH I haven't played with VPN much and don't really know a lot about implementing it. Besides, it's not really its intended use. I also have no knowledge at all of SAP, what it does and what it runs on.

As the name suggests, VPN (Virtual Private Network/ing) is intended to create a secured connection between a remote location and a local network (so you can more-or-less be on a LAN from a remote location). Using it to bypass a firewall seems like a complicated way of doing things to me, although perhaps you have run out of other options...? Also, my suspicion is that circumventing the firewall in this way would also be a breach of policy (although blocking you from access to do your work seems pretty dumb too!)

Personally my first preference would be to ask your IT guys to open the port (I imagine that it only needs to be outgoing). Another option might be to talk with your IT guys and see if they can set up a proxy to allow you to connect to this remote computer. When working within a corporate network, while it can be painful, working with your IT guys is your best bet to avoid getting yourself into trouble.

Another option would be to see if you can configure the remote server and local software to use an alternate port. Finally, if all other options are exhausted then perhaps creating a VPN tunnel from within your office to the outside world might be your only option. I think that it would cause your IT guys to have a fit if they knew about it though! Because it basically circumvents the whole point of locking down the network. I also imagine that configuration wouldn't be for the faint of heart... IMO you'll need your googlefu to be very strong and/or you'll need to be keen to learn tons and/or you'll need a friend that can help out... I suspect that this will be a serious project...!
