Say I have a public server with a service (email, web server, etc) that’s accessible through https://myservice.example.com, and I would like to restrict that service with a VPN. How do I do that?

I know how to setup a VPN. I know how to use some of the services through that VPN. But see, if I want to use that VPN, I connect my client to that VPN, then I get the subnet of that VPN, say 10.10.100.0, through which I can access the devices by address.

But I see some services offer things like https://myservice.example.com, and they only work when that VPN is connected. How does that work? Is it just some DNS setting at the domain level or there’s more to it?

  • sloppy_diffuser@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Set myservice.example.com to an internal address like 10.10.100.x. Those addresses are not routable on the public internet. They can only be reached from a local network which the VPN tunnels you into.

    If your VPN also supplies DNS to clients, can also add a private zone if its supported so nobody can resolve that internal address except those clients.