so… just a short introduction may be necessary…
I’m more of a regular on the LTT forums side of things, but it seems my issue fell a little out of place there, so here’s me hoping this side of the pond can help me out. Parts of this post are copy/pastes, so if I screw up formatting, help me out here.
I’m looking for a VERY specific VPN / firewall implementation, essentially intending to create a replacement for having to set up passwords, whitelists, block out server list ports, etc.
In other words, I want something I can throw in a VM on my server that does the following:
- users need to connect through Windows’ built-in VPN (NO exceptions here, end users are dumb users)
- all connected users need to be separated (cannot ping each other, etc.)
- this same VM needs a form of “port forwarding” where I can easily allow or disallow access to a certain port, on a certain IP address
- this all, ideally, fits in a VM with 1GB RAM or less
The idea is an end user can connect to my server via Windows’ VPN, and can only see/ping the “host” IP address there, which is in itself sort of the “WAN” IP address on a router, on which specific ports are forwarded to the actual game servers. The VPN aspect is the passworded “gate”, relieving the endless annoyance of password configuration and ensuring things are properly walled off.
I don’t particularly care about a high security VPN protocol, because essentially all that’ll go over it is meant for public internet anyways.
There are a few things I do care about that have proven to be difficult to find as a whole package:
- ease of use, both for me and the end users
- low resource usage (preferably a 1GB RAM VM or less)
- preferably a single VM solution
Things I’ve tried, and why they failed:
- pfSense: VPN configuration is horrible, even when following the official guide to the letter. Creating firewall rules (“port forwarding”) is beyond the level of complexity I’d prefer to deal with.
- OPNsense: see above
- IPFire: this web interface is actually worse than D-Link…
- iptables (Linux): PLEASE SOMEONE FIND ME AN EASY TO USE INTERFACE FOR THIS… I NEED THIS IN MY LIFE.

Or as a TLDR: it needs to be a VM, it needs to have a VPN function that works with Windows VPN, and it needs to have quick (preferably visual) setup of port forwarding rules.
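
The three requirements above (isolated VPN clients, a single visible "host" address, per-port forwards to game servers) expressed as an iptables ruleset generated from a short list, as an added example that is not part of the original post. The VPN pool, gateway address, server addresses and ports are constructed placeholders, and `gen_rules` and `valid_port` are hypothetical helper names.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for the VPN gateway VM.
# Every address and port below is a constructed placeholder.
VPN_NET="10.8.0.0/24"   # assumed address pool handed to VPN clients
GATEWAY_IP="10.8.0.1"   # assumed address the clients see as the "host"
# Constructed forward list: proto listen_port target_ip target_port
FORWARDS="
# game servers
tcp 25565 192.168.1.50 25565
udp 27015 192.168.1.51 27015
"
NL='
'
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_rules LIST: print the ruleset, or return 1 on the first malformed line
# so a typo can never turn into extra iptables options.
gen_rules() {
    nat="" filter=""
    while read -r proto port tip tport; do
        case "$proto" in ''|'#'*) continue ;; tcp|udp) ;; *) return 1 ;; esac
        valid_port "$port" && valid_port "$tport" || return 1
        case "$tip" in ''|*[!0-9.]*) return 1 ;; esac
        # Rewrite gateway:port to the game server, then allow only that flow.
        nat="${nat}-A PREROUTING -s ${VPN_NET} -d ${GATEWAY_IP} -p ${proto} --dport ${port} -j DNAT --to-destination ${tip}:${tport}${NL}"
        filter="${filter}-A FORWARD -s ${VPN_NET} -d ${tip} -p ${proto} --dport ${tport} -m conntrack --ctstate NEW -j ACCEPT${NL}"
    done <<EOF
$1
EOF
    printf '%s\n' "*nat" ":PREROUTING ACCEPT [0:0]" ":POSTROUTING ACCEPT [0:0]"
    printf '%s' "$nat"
    # Masquerade so game servers reply via this VM (assumes they have no route to VPN_NET).
    printf '%s\n' "-A POSTROUTING -s ${VPN_NET} ! -d ${VPN_NET} -j MASQUERADE" "COMMIT"
    # INPUT stays open here because the VPN daemon's own ports depend on the protocol used.
    printf '%s\n' "*filter" ":INPUT ACCEPT [0:0]" ":FORWARD DROP [0:0]" ":OUTPUT ACCEPT [0:0]"
    # Client-to-client traffic is routed through this VM, so dropping it here isolates users.
    printf '%s\n' "-A FORWARD -s ${VPN_NET} -d ${VPN_NET} -j DROP"
    printf '%s\n' "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    printf '%s' "$filter"
    printf '%s\n' "COMMIT"
}

gen_rules "$FORWARDS"
```

The output can be checked with `iptables-restore --test` before loading; loading it replaces the existing nat and filter rules, and IP forwarding must be enabled on the VM.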