Our platform currently has an admin panel, let’s call it admin.service.com. The admin panel is access by both our staff and our customers. We would like to heighten the security, but requiring all traffic from our staff to go through a VPN. The idea is that all staff functions will require the VPN IP and the customer functions can be accessed from any IP.
I’ve set up a VPN, which works fine, but there is one single issue I can’t fix. Our VPN does not have free traffic (Actually it’s quite expensive), so we allow only access to 220.127.116.11, 18.104.22.168 and the admin panel. Therefore all other traffic is routed outside of the VPN.
This raises the issue. The admin panel connection is also preferring a non-VPN connection meaning the public IP of the staff is not the VPN and the staff features are therefore disabled. Yikes.
I’m looking for a solution to this strange problem. I’m asking this here on StackOverflow and not ServerFault, as I’ll allow programmable solutions to this problem if necessary. Thank you in advance.
We are using L2TP on CentOS.