I’m currently in the process of getting my own IT company together and am working on refining some of the skills I would to advertise, essentially generating my own SOP’s so I can just do the exact some thing every time. One skill in particular I want to advertise is setting up remote connections to a network. I’ve done this before using software like Tailscale but I know this does eventually cost money and needs to be run on hardware connected to the network for users to connect remotely to.
While I can recommend buying a cheap PC and simply running it 24/7 to act as an anchor point for users to connect to I was curious if there was an online way to do this. I’ve used products like AWS and GCP to host databases and such but never to actually host a network point. Do you guys have any suggestions on different ways to go about this? For instance if I can host the connection via something else that’s cheaper then dropping money on a standalone server that would be helpful. Also any free alternatives to Tailscale or just generally recommended software although I imagine it just comes down to what you know best. Thanks!
You mean a remote VPN? I’m not too familiar with software VPN solutions, but there’s plenty to choose from, I just can’t exactly recommend one. Hardware-wise, most any basic firewall appliance will have some baked in VPN solutions, either SSL or site-to-site ipsec or both. We’ve use Fortinet devices for a while, and they’re pretty easy to setup and use for VPN purposes. Some routers have baked in support as well.
As someone else mentioned, it sounds like a firewall with VPN functionality built-in is what you’re after. It runs on a piece of hardware you need to have anyway, so no server required.
Unifi will be the cheapest and license free, but their VPN controls are not very granular and the software clients are not the most reliable for a business. I have a handful of small business customers on them and they’re great for what they are.
Other options that are a bit more business grade (but still far from perfect) are Fortinet, Sonicwall, Sophos, Meraki/Cisco, Palo Alto and Watchguard (don’t use Watchguard). There are pros and cons to all of them, but in my experience, it’s best to just pick one, learn it well, and then standardize your customer base on it to make support easier.
About $200. But fundamentally you need to have some hardware on the network you want to connect to. It doesn’t have to be dedicated hardware or some fancy network appliance, but obviously you need something.
Some routers may have the ability to function as VPN servers. Depends on the model.
But the solution I mention above will get you what you want, and more, for about $200 in hardware. But this would be for personal or home use. For personal use or some little corner store small business it’d probably be good enough. If they already have a server rack when get a network appliance that slots in it.
Twingate? You might need to pay depending on licensing.
Users should only need access to a remote network if it’s hosting a service they require to use, and if you’re hosting a service, you can probably add a modern reverse proxy tunneling solution or VPN.
Based on your desire to integrate the cloud, look into Cloudflare Tunnels. But you still need to host the endpoint service.
Because I want to know other ways to do something? I’m trying to find alternative solutions to something I already know how to do. Am I supposed to be omni-potent and know everything without ever asking questions?
Trust me, don’t take a single word of advice from anyone recommending hobbyist equipment and services. Unless you plan to make (or to pay your techs) minimum wage, you’ll quickly find there’s a reason why we don’t use shit like PFSense and rarely touch open source garbage in the Enterprise IT world, even though, on paper, they should be able to do the same job or even better job as high-dollar options.