Tag: vpn

Using Tailscale for Home Lab VPN Connectivity

I’m always looking to simplify connectivity between my networks’ different connections. With a home lab, colocated servers, and a few clouds that host projects, it’s a web. 

This was all connected with VPNs in the past, but everyone hates VPNs. 

I moved to SD-WAN when VMware acquired VeloCloud, and I had the fortune to get a few SD-WAN edges. But I handed them back when I left VMware, so I also needed to update the connectivity. 

Enter Tailscale.

Note: this is not a sponsored post. I just really, really like the product. 😃

Tailscale?

The Cloudcast introduced me …

Securing Platform Communication in a vRealize Network Insight Cluster

Hi there! It’s been a while. How are you doing? In the last release of vRealize Network Insight, version 6.3, there’s a new feature called Secure Cluster Communication. By default, the communication between Platform and Collectors is encrypted via TLS. A Platform cluster has a few data replication services (FoundationDB, Kafka, …) running between its nodes, which are not all encrypted by default. The Secure Cluster Communication feature allows you to set up VPN tunnels between the Platform nodes and encrypt all traffic going between them.

It’s not recommended to split Platform nodes between different locations. But, if you do …

Routed VPN between VMware Cloud on AWS and VyOS

VMware Cloud on AWS has a few different connectivity options: Direct Connect, Policy-based VPN, and Routed-VPN. 

In my experience, most people seem to pick Direct Connect and Policy-based VPN first, before even thinking about Routed-VPN. But, as with most things in life, you’ll find that one use case for that option you’d never use otherwise. 😉

I had to build a routed-VPN from VMware Cloud on AWS to a VyOS router recently, and it had some options to take into account and took a while to figure out. This post goes into the configuration on both sides. Mostly on the …

Using VMware NSX to get IPv6 connectivity at home

IPv6 is here and IPv4 is definitely running out of time. Here in the Netherlands, the consumer internet providers have been “working on it” for years. I’ve been lobbying for IPv6 connectivity for years, without much luck. After a time of experimenting with IPv6-over-IPv4 tunnels and Teredo, I basically gave up on those technologies for various reasons: high latency, complexity & subnet reputation (a lot of shady stuff was going on in those free IPv6 subnets).

Recently, I finalized my IPv6 implementation in my hosted environment (a couple of websites, other apps/databases), which also contains an NSX test lab. Considering …

Connecting a VPN between AWS and VMware NSX

Amazon Web Services has a few ways of giving you connectivity: internet, Direct Connect (a physical line) and VPN. While AWS has a ton of examples for firewall/VPN vendors, there is none for connecting with NSX. I needed to connect an NSX network with AWS for a proof of concept and had to figure out how to configure AWS and what settings to use on the NSX Edge VPN. Behold, the fruits of my labor!

[Image: aws-nsx-vpn-topology]

This is what we are going to be building in this post. Compute resources inside AWS connected with a VPN towards VMware NSX for corporate …

VCIX-NV Objective 3.2 – Configure and Manage Logical Virtual Private Networks (VPNs)

This post is part of my VMware VCIX-NV Study Guide and covers the Virtual Private Network connection (VPNs) options inside VMware NSX.

Documentation

Index


Juniper SSG Double Dual Homed VPN

This is going to be a lengthy post, one I’ve been wanting to do for a while, since there is not much information out there on this type of setup.

First off, let me explain the title real quick. “Juniper SSG Double Dual Homed VPN” means that we have 2 sites, e.g. a branch and a main office, and that both sites have two different internet connections for failover. We want to create a VPN between these 2 sites. It will look like this:

[Image: ssg-double-dual-homed]

Juniper SSG firewall devices could be a perfect fit for a branch connecting to a main facility/datacenter. …

© 2024 Lostdomain
