We have a need to set up a file system instance in the cloud with strictly limited access. This has to be on Azure because of client demands. Restricting by IP address won't achieve what we need alone, because we also need to control what devices are being used to access the documents. Azure doesn't allow for whitelisting by device/MAC, only by IP address.
My first thought on this is to firstly set up a VPN and add the IP address of this to the Azure whitelist, and then lock down the VPN to certain devices. For different reasons, I asked that question a couple of years ago and discovered that OpenVPN doesn't support this (we currently run a VPN which uses OpenVPN). Fine. Someone has suggested to me that a VPN using IPsec will allow me to do this, but I haven't been able to find information about this anywhere - and I mean nothing.
Can anyone confirm that IPsec supports device/MAC address whitelisting?
Does anyone know where I can find any more information on that?
Finally, does anyone know of a better solution that will achieve what I need to achieve?