[Note: Tried to post this over at ServerFault, but I don't have enough 'points' for more than one link. Powers that be, move this question over there.]
Please give this a quick read and let me know if I'm missing something before I start trying to make this work. I'm not a systems admin professional, and I'd hate to end up banging my head into the wall if I can avoid it.
Goals:
Create a 'road-warrior' capable star-shaped virtual LAN for consultants who spend the majority of their time on client sites, and whose firm has no physical network or servers.
Enable CIFS access to a cloud-server based installation of Alfresco
Allow eventual implementation of some form of single sign-on (OpenLDAP server) access to Alfresco and other server applications implemented in the future
Given:
All Servers will live in the public internet cloud (Rackspace Cloud Servers)
OpenVPN Server will be a Linux distro, probably Ubuntu 9.x, installed on the same server as Alfresco (at least to start)
Staff will access server applications and resources from client sites, hotels, trains, planes, coffee shops or their homes over various ISPs, using their company laptops or personal home desktops.
Based on my research thus far, to accomplish this, I'll need:
OpenVPN with bridging enabled to create a star-shaped "virtual" LAN
http://openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html
A Road Warrior Network Configuration, as described in this Shorewall article (lower down the page)
http://www.shorewall.net/OPENVPN.html
Configure bridge addressing (probably DHCP)
http://openvpn.net/index.php/open-source/faq.html#bridge-addressing
Configure CIFS / Samba to accept VPN IP address
http://serverfault.com/questions/137933/howto-access-samba-share-over-vpn-tunnel
Set up client software, with keys configured for access (potentially through an OpenVPN-AS client portal)
http://www.openvpn.net/index.php/access-server/download-openvpn-as/221-installation-overview.html
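
Because the plan above puts the CIFS service on a server in the public cloud and expects it to accept only VPN addresses, a check of where the CIFS ports are actually listening is a useful step once the setup is running. The script below is an added example, not part of the original post: the VPN subnet `10.8.0.0/24`, the ports 139/445, the function names and the sample `ss -ltn` output are all assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): flag CIFS listeners that are
# reachable outside the VPN. Subnet, ports and sample data are assumptions.

VPN_PREFIX="10.8.0."   # assumed VPN bridge subnet, matched as a /24 string prefix
CIFS_PORTS="139 445"   # NetBIOS session service and SMB over TCP

# Reads `ss -ltn` output on stdin and prints every CIFS listener whose local
# address is neither loopback nor inside the VPN prefix.
exposed_cifs_listeners() {
    awk -v prefix="$VPN_PREFIX" -v ports="$CIFS_PORTS" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)       # text after the last colon
            addr = $4; sub(/:[^:]*$/, "", addr)   # text before the last colon
            if (!(port in want)) next             # not a CIFS port
            if (addr == "127.0.0.1" || addr == "[::1]") next
            if (index(addr, prefix) == 1) next    # bound to a VPN address
            print addr ":" port                   # wildcard or public bind
        }'
}

# Constructed sample of `ss -ltn` output, so the script runs offline.
sample_ss_output() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      50     10.8.0.1:445       0.0.0.0:*
LISTEN 0      50     0.0.0.0:139        0.0.0.0:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      50     [::]:445           [::]:*
LISTEN 0      50     127.0.0.1:445      0.0.0.0:*
EOF
}

# Demo on the constructed sample; on a live host use:
#   ss -ltn | exposed_cifs_listeners
sample_ss_output | exposed_cifs_listeners
```

Any line the function prints is a CIFS socket bound to a wildcard or non-VPN address, which on a public cloud server means the service is reachable without the tunnel unless a firewall blocks it.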