[194526] in North American Network Operators' Group
Re: Ingress filtering from an external cloud service to the internal
daemon@ATHENA.MIT.EDU (Yan Filyurin)
Fri May 5 12:23:02 2017
X-Original-To: nanog@nanog.org
In-Reply-To: <FD416C05-D347-4DE3-AD54-4F6029922E08@gmail.com>
From: Yan Filyurin <yanf787@gmail.com>
Date: Fri, 5 May 2017 11:30:16 -0400
To: George William Herbert <george.herbert@gmail.com>
Cc: "Torres, Matt" <matt.torres@state.or.us>,
"nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
I just read an article about these people. They are even more interesting
than Illumio or these other VPN solutions. The important part is that you
get to stitch tunnels together on some other host, so the changing IP of
endpoints is irrelevant.
http://zentera.net/
On Fri, May 5, 2017 at 11:13 AM, George William Herbert <
george.herbert@gmail.com> wrote:
> You can usually run OpenVPN from a cloud host. The source IP changing
> possibly should require only one open exception to the local VPN
> termination point.
>
> Better, find a cloud that doesn't do that shit with changing endpoints and
> gives you real VPNs. What sort of cloud doesn't these days?...?...
>
>
> Sent from my iPhone
>
> > On May 4, 2017, at 10:08 AM, Torres, Matt <matt.torres@state.or.us>
> wrote:
> >
> > Unfortunately, a private connection or VPN to the cloud service provider
> is not available right now, but I can see how that could help solve my
> problem. :-)
> > ~Matt
> >
> >> Is it possible for you to get a private/direct connect service from
> your network perimeter to the cloud provider and eliminate using the public
> connectivity?
> >>
> >> Or because its Internet-based you have to use public connectivity?
>
