Step by step configuration pritunl-zero and bastion host

ochid · May 9, 2024, 2:02am

We have install pritunl zero on ubuntu 22.04 machine.
We already follow the pritunl zero documentation but still confuse step by step to config pritunl zero as a bastion host.

Is there any guide step by step sequence that we can follow ? Which part that we must config first and verify it then continue to the next config.

Thanks

zach · May 9, 2024, 2:53am

The Getting Started Bastion Server documentation has a guide for bastion configurations.

ochid · May 9, 2024, 3:21am

Thank you Zach for your quick response,

From the url i just see the repository just for the redhat/centOS family.
is there any specific for ubuntu 22.04 ?

Where we can get explanation the purpose of each menu (Services, Nodes, Policies etc ) ?

Where the pritunl configuration saving in pritunl zero ? on pritunl we can see in /etc/pritunl.conf

Thanks

zach · May 10, 2024, 6:41pm

The repositories documentation has all the available repositories. There isn’t any documentation for each tab, clicking the ? icon next to options will provide information. The configuration is stored in the MongoDB database.

ochid · May 15, 2024, 9:13am

Ok Thank Zach, we got the repository.

So for installing pritunl zero and bastion host we need 2 instance ? Can we just use 1 instance ?

Is there any documentation step by step to install bastion host and tested succeed ?

Thanks

zach · May 16, 2024, 1:59am

The server can create a bastion host in a pod container but it should not be the SSH server on the host. Bastion SSH hosts are an advanced configuration that should only be done with full knowledge of complex SSH configurations. Even when done correctly it is far less secure than a configuration with a VPN server to provide the first layer of access control.

ochid · May 16, 2024, 2:48am

Thanks Zach,

So better we use 2 servers ? 1 server as pritun-zero as vpn and 1 server as bastion Host.

The Flow if we just use 1 bastion host like this ?
Pritunl-zero VPN → bastion Host → Internal server

Can we got detail step to setup ?

Pritunl-zero and verified the pritunl-zero working properly
Bastion (not sure between bastion server and bastion host) and verified the bastion working properly

Thanks

ochid · May 17, 2024, 3:09am

I just create 2 instances 1 for pritunl-zero and 1 for bastion host.
Then pritunl-zero from scratch, the below are the steps :

Setup pritunl zero
Config domain and certificate, nodes, and authority

What next should we do and how to verify that our pritunl-zero working properly ?

zach · May 22, 2024, 6:08pm

There is no VPN provided by Pritunl Zero. The SSH server would be open to the internet.