I have a customer that wants to set up a VPN tunnel with me with a Public IP address and a Public address for the host. I am completely at a loss as to how to accomplish this. The customer states that it is against his company policy to have a remote host to connect to that is not in the public address space. I have given him a public Peer address to connect to for the establishment of the VPN Tunnel. However, he states that he needs the host to be in the public address space as well.
What is my customer asking for? Surely he does not want me to put RDP on a public address?
The motive of your customer is not very clear. If the motive is to hide the remote (RDP) addresses, then we can do it by natting (Static or Dynamic). We can allow the natted IP as interested traffic over the VPN tunnel. Because if we are getting the local IP into the public pool, then we don't need a VPN tunnel. We can access it directly over the internet too.
I'm not sure what he is asking for either. I do not want to NAT the RDP port to a public address. Is there a way that I can set up a site-to-site VPN tunnel on a specific peer address and then allow RDP connections on the same peer IP address but ONLY to those with an authenticated site-to-site tunnel?