Menu
▾
▴
[Astlinux-users] Wireguard VPN Security
|
From: Michael K. <mic...@ip...> - 2019-09-09 01:47:02
|
Hi Group I am seeing lots of hacking attempts on my systems as they have found my non standard SSH port. Although there is no issue as I have SSH Key access only, I'm sick of the long list of addresses in the Adaptive Ban list and I'm thinking I should be adding another line of defence in my security anyway. As such, along with implementing Geoblocking Netset files (next release), I also want to use a Jump box for management. This server would connect to each system via Wireguard VPN allowing management also when in a failover condition through NAT e.g. 4G backup, firewall managed by others. With this architecture in mind, I was wondering how I would go about restricting access to a single port only from this Wireguard VPN tunnel to the local interface e.g. wg0 address. I think is completely open currently. Is it easy to do? Regards Michael Knill |
