How did we implement the cloud solution?
Our first step was to evaluate the complexity of the future IT infrastructure. The client’s wish to set up VPN IPsec between the OPNsense virtual router in the public cloud and the client’s Kerio router in site-to-site mode was taken into consideration. Setting up and diagnosing the tunnel was complicated by the fact that the client did not provide access to the nodes. We set up the client-to-site L2TP tunnel between the router and the client’s instances while bypassing the limitations of Windows OS with consideration of the specifics of working with NAT. As a result, we found an effective solution which allowed us to permit a connection with the L2TP/IPSec server when it’s behind NAT.
SIM-Networks technical specialists successfully carried out the migration of 19 virtual machines with 3 TB of slow and 8 TB of fast disk space. The client’s tech staff was given a comprehensive consultation on the specifics of managing public cloud services. The consultation gave the client’s employees the skills necessary for working with cloud projects, such as creating new drives, setting up their volumes based on the chosen OS, launching instances etc.
After the consultation, the client’s staff were able to set up a connection between the instances, as well as the isolated DevOPS platform, set up permission rights for incoming traffic and put restrictions on the instance ports using security groups. The client also got practical recommendations on setting up VPN, firewalls, routing and NAT for connecting the web servers to the internet.
Solution proposed by SIM-Networks technical experts
It was important to the client to transfer from a trial version of Windows to a licensed full version without losing custom settings. We familiarized the client’s staff with the specifics of software licensing and provided a package of software necessary for the project.
