S2S VPN between Raspberry Pi and pfSense

I’ve recently bought a Raspberry Pi 4 device and, amongst other things, I thought of implementing a Site to Site VPN (using OpenVPN) on it, so I can more efficiently connect to environments I use, like Azure labs and stuff like that.

I’m not usually a step-by-step guide writer and, as such, I’ll just tell you the configuration I’ve used to set up the environment mentioned in this post’s subject. Another reason for writing this is that I wasn’t able to find a fully functional guide on this.


My notes on deploying Check Point CloudGuard IaaS solution on Azure

I was recently involved in an Azure deployment of the Check Point CloudGuard IaaS solution, so please allow me to describe some tips for remembrance.

There may be various reasons for one to deploy a security solution like this in any public cloud infrastructure, the main one being that it usually fits the customer’s cloud security requirements better than the provider’s native ones – and there are a lot of them out there!

The other reason may be that you are already accustomed to managing a solution from that provider on your on-premises infrastructure and want to keep the ease of management in the way that you prefer most. Or even… You may just want different vendors to analyse and secure your cloud environments.


Azure P2S VPN routing caveats (with multiple VNet gateways)

I’ve recently worked with a customer that had an Azure Virtual Network Gateway in place to connect their remote workers (using native P2S functionality, supported under subnet 192.168.17.0/24) to both Azure and on-premises networks. Pretty usual setup, to be fair. Let’s say:

  • Virtual Network Gateway
    • Name: vpngwA
    • Virtual Network: vnetA (172.16.0.0/16)
  • Local Network Gateway
    • Name: lngwA
    • Remote Network: 192.168.0.0/24 (using S2S connection named “s2sA”)

This (open) space described

Welcome to the first post of my personal space on the web!

Detailing the current setup for making this come true is the intent of this blog post, in convergence with the openness I like about technology and its user community.

So, what will you need to do something like this for yourself?

  • A custom domain (in my case, bmartins.pt, owned since 2014)
  • A hosting provider (I’ll be sticking with GCP but you can opt for Azure or AWS)
  • An environment to run this on (like a GNU/Linux server, a CMS – WordPress, in my case – and a web server)
  • Security (as always!)