counterweight/superhog-infra-repo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

more instructions

Browse source
This commit is contained in:
Pablo Martin 2024-02-07 18:43:10 +01:00
parent 54acad43b7
commit 420a17837b
1 changed files with 7 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
human-script.md
View file

@ -308,9 +308,13 @@ Follow this to deploy the entire data infra.
echo "Finished."
```
- You should copy the client config that the script will produce and set up the Wireguard config on your local machine.
- Once you've done so, start Wireguard on the client and try to ping the server from the client with the Wireguard VPN IP. If it reaches, the VPN is working fine.
- You should copy the client config that the script will produce and set up the Wireguard config on your local machine.
- Once you've done so, start Wireguard on the client and try to ping the server from the client with the Wireguard VPN IP. If it reaches, the VPN is working fine.
- Now, validate your setup by SSHing from your local device into the jumphost by referencing the VPN IP of the jumphost instead of the public IP.
- Once you verify everything works, you should go to the NSG of the jumphost and remove rule AllowSSHInboundTemporarily. From this point on, the only entrypoint from WAN to the virtual network is the VPN port in the jumphost machine.
- Next, we must allow IP forwarding on Azure.
- Look for the jumphost VM Network Interface.
- In the `IP configurations` session, activate the flag `Enable IP forwarding`.
- #TODO
- Allowing ip4 forward on network interface of jumphost in Azure