A few weeks ago I wrote an article on how Veeam Powered Network can make accessing your homelab easy with it’s straight forward approach to creating and connection site-to-site and point-to-site VPN connections. Since then I’ve done a couple of webinars on Veeam PN and I was asked a number of times if Veeam PN can be setup without the use of a central hub appliance.
To refresh the use case that I went through in my first post, I wanted to access my homelab/office machines while on the road.
With the use of the Tunnelblick OpenVPN Client on my MBP I am able to create a point-to-site connection to the Veeam PN HUB which is in turn connected via site-to-site to each of the subnets I want to connect into.
Single Veeam PN Appliance Deployment Model
After fielding a couple of similar questions during the webinars it became apparent that the first use case I described was probably more complicated than it needed to be for the average home office user…that is create a simple point-to-site VPN to allows remote access into the network. This use case can also be used to access a simple (flat) company network for remote users.post and also visit this VeeamKB that describes where to get the OVA and how to deploy and configure the appliance for first use.
- Veeam PN Hub Appliance x 1
- OpenVPN Client
- Veeam PN Hub Appliance – Incoming Ports UDP 1194, 6179 and TCP 443
- OpenVPN Client – Outgoing access to at least UDP 6179
In my setup the Veeam PN Hub Appliance has been deployed into VMware Workstation and has picked up a DHCP address. Unlike the Azure Market Place deployment you need to go through an initial configuration wizard to setup the Hub appliance to be ready to accept connections. Go to the Veeam PN URL, enter in the default username and password and click through to the Initial Configuration wizard.
Once that’s done you are sent to the Veeam PN home dashboard page. In order to have the 192.168.1.0/24 network accessible remotely you need to configure it as a site, as shown below from the Clients menu. This is a bit of a workaround to ensure that the correct static routes are included in the endpoint OVPN configuration files but note that the site will never become connected in the client status window.post, for my MPB I’m using the Tunnelblick OpenVPN Client that I’ve found it to be an excellent client but obviously being OpenVPN there are a bunch of other clients for pretty much any platform you might be running. Once I’ve imported the OVPN configuration file into the client I am able to authenticate against the Hub Appliance endpoint and the home office routing is injected into the network settings.
Summerizing the steps that where taken in order to setup and configure remote access into my home office using Veeam PN:
- Deploy and configure Veeam PN Hub Appliance
- Go through initial Hub Network Wizard
- Register local network as a Site
- Register Endpoints
- Setup Endpoint and connect to Hub Appliance
Those five steps took me less than 10 minutes which also took into consideration the OVA deployment as well. The simplicity of the solution is what makes it very useful for home users wanting a quick and easy way to access their systems…but also, as mentioned for configuring external access to simple office networks!
Again, Veeam PN is free and is deployable from the Azure Marketplace to help extend availability for Microsoft Azure…or downloadable in OVA format directly from the veeam.com site.