Results 1 to 9 of 9
  1. #1
    Registered User
    Join Date
    Sep 2013
    Posts
    19
    Smile Secure connection to a single colo server
    Hello,

    We would like to colocate a single server with XenServer installed. We are trying to figure out the best way to configure/setup the server to enable us to access idrac and XenServer Manager without exposing both the internet and without purchasing an additional 1ru simply host a VPN device.

    We were thinking of installing some form of virtual switch like Netscaler and setup the iDrac port to share the wan port but with an internal IP accessible via the netscaler. The problem being that this causes a catch 22. The XenServer Management IP cant be set to an internal IP accessible to the netscaler which is virtualized on the XenServer.

    Just wondering how other people colocate a single server securely whilst still being able to remotely manage the server.

  2. #2
    Registered Provider Exigent's Avatar
    Join Date
    Jul 2009
    Location
    Brisbane
    Posts
    688
    Hi thelabguy

    We get asked this quite a bit from our colo customers and one of the best solutions to doing this would be to simply install a VPN router/device into the rack along side your server and putting the iDRAC onto a private IP address (192.168.x.x) so it's only accessible VIA the VPN connection.

    The VPN router would have a public IP that you connect to VIA VPN and then you can access the iDRAC through the private IP address that you have assigned to it. You can also lock down the VPN router as well with white listing only those IP's that you want logging into it.

    There's definitely a few solutions out there that I'm sure others will suggest for you.
    Last edited by Exigent; 09-09-2014 at 07:21 PM.
    www.exigent.com.au :: sales@exigent.com.au :: 1300 252 080
    Cloud Hosting :: Elastic Servers :: Hosted Exchange & Desktops :: Dedicated Servers :: Colocation

  3. #3
    Registered User
    Join Date
    Sep 2013
    Posts
    19
    Hi Exigent,

    That's what we currently have at the moment, but it just feels like waste to buy an additional 1 ru to only place a small VPN device in it. So much of the physical space is wasted. I would rather try and get a better bang for buck and use that space for an additional high density server and try and solve the security issue another way so that I can increase my ROI.

    It would be great if the colo providers could sell VPN (type) WAN drops, for things like iDrac and Virtualisation management.

  4. #4
    Registered User
    Join Date
    Dec 2014
    Posts
    12
    Hi

    We have a shared rack service that we could accomodate the a VPN device at the back of other devices so you only have to use 1 RU.
    Otherewise we can host netscaler or something similar for you on a shared server for not much money

    PM me or email sales@rojan.net and we can try and accomodate you

    Regards
    Daniel Smith

  5. #5
    Service Provider SpiderHosting's Avatar
    Join Date
    Mar 2011
    Location
    Australia, Sydney
    Posts
    113
    Quote Originally Posted by rojan View Post
    Hi

    We have a shared rack service that we could accomodate the a VPN device at the back of other devices so you only have to use 1 RU.
    Otherewise we can host netscaler or something similar for you on a shared server for not much money
    And then what happens to the heat that needs to be expelled from the rear? wouldnt it just be blowing onto the device....
    Robert K.
    █ SpiderWeb Hosting Pty Ltd
    Domains & Hosted Services
    https://spiderhosting.com.au

  6. #6
    Registered User
    Join Date
    Dec 2014
    Posts
    12
    We have cable management taking up 1RU on some racks. Depending on the vpn device it will be blowing on a very small amount onto some cables.
    Either way I am sure we can try and accommodate any customer with their needs.

  7. #7
    Registered User
    Join Date
    Dec 2014
    Posts
    12
    We can also allow a VPN connection through our FW to a private VLAN to your server.

    That would be the easiest way especially for just idrac and management access.

  8. #8
    Registered User CloudIO's Avatar
    Join Date
    Jan 2015
    Posts
    15
    The best way to manage this is to ask the colo provider if they can provide you a virtual firewall.

    From there just send a private vlan to the xen server and keep all connections secure without the need for additional equipment.
    _______________________________________
    █ █ CloudIO - Cloud Server Hosting Australia
    █ █ Cloud Servers | AnyCAST DNS | CloudFlare CDN

  9. #9
    Registered User
    Join Date
    Dec 2014
    Posts
    12
    Exactly, this is what we can provide you potential customers wanting a simple transition to the DC

Similar Threads

  1. Replies: 0
    Last Post: 25-04-2013, 01:36 AM
  2. Replies: 0
    Last Post: 20-03-2013, 11:42 AM
  3. ● [EU] Underground BUNKER | MOST Secure Colo | 50% OFF ●
    By DEAC in forum International Offers (LINK)
    Replies: 0
    Last Post: 18-03-2011, 03:14 AM
  4. Replies: 0
    Last Post: 16-03-2011, 05:26 PM
  5. Replies: 0
    Last Post: 24-05-2008, 04:15 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •