![]() All servers in a Pritunl cluster are independent and do not rely on other servers. Pritunl is designed for high availability with no master servers and no single point of failure. In the above screenshot, the us-west-production, us-west-development and us-east-production are the VPN profiles a user has access to. Here’s a sample screenshot of the pritunl client. So on the users end it is pretty straightforward they just need to install the client and don’t have to worry about the nitty-gritty behind it. The client automatically tries to switch to another node if the first node is not reachable or some network issue. Since the client talks to the Pritunl cluster, the load is distributed among the nodes in the cluster, so nodes are choked with the incoming traffic. So there is a double check before a user tries to access a network behind VPN. This seed or the QR code can be used in token generating apps like Google Authenticator, Authy etc. Each user at the time of registration and every he logs in, is presented with a unique QR code which is the seed for the 2FA token. ![]() These profiles may also have two-step authentication. How does the users get access to particular VPNs I will explain in the next section. so only valid users can register and download their VPN profiles. Pritunl has various integrations for authentication like Google, Github, Auth0 etc. Users need to authenticate themselves with the Pritunl cluster and get a list of VPN profiles that they have given access to. It is readily available for all platforms and OS. The pritunl client needs to be installed at user end. There are three major parts of this solution: Pritunl client, Pritunl Cluster and the VPN facilitators. So instead of each user setting their own VPN, we set that particular VPN once and just route users’ traffic through these machines. The main intention was to have a central control over the company wide VPN(s). The solution we implemented reduced the VPN related issues by more than 90%. We solved the above problems by setting up a Pritunl cluster which would be the central hub for routing all the VPN traffic. They needs to address issues individually and fix them.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |