Comment on How can I restrict visiting a service through a domain to VPN-connected devices?
Black616Angel@feddit.de 1 year ago
Okay, the others are a little short for what you need.
Your VPN needs its own DNS. With that DNS you can route the traffic internally from the VPN subnet to the server. Then you can set the server up to only take requests from that subnet either via firewall or the reverse proxy.
Snowplow8861@lemmus.org 1 year ago
100%. Or set host file entries on each endpoint to resolve the mail.domain.com to your internal IP that’s available only over VPN. Not going to be easy on mobiles.
There is an assumption though that the mail server has an internal IP address wherever you are hosting. That might not be true. I would always put the public IP on the firewall and then NAT with specific port 25 in to the private IP of the server, but who knows what this particular OP has done.
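One way to confirm that the subnet restriction suggested in this thread is actually holding, as an added example that is not part of either comment: scan the reverse proxy's access log for requests to the protected host that were served to a client outside the VPN subnet. The subnet `10.8.0.0/24`, the log format (nginx "combined" with `$host` prepended) and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumed for illustration: VPN subnet and log format are not from the thread.
VPN_SUBNET = ipaddress.ip_network("10.8.0.0/24")

# nginx "combined" log format with $host prepended (an assumed log_format).
LINE_RE = re.compile(
    r'^(?P<host>\S+) (?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) '
)

# Constructed sample lines; outside clients use documentation address ranges.
SAMPLE_LOG = [
    'mail.domain.com 10.8.0.14 - - [12/Mar/2024:09:01:22 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    'mail.domain.com ::ffff:10.8.0.23 - - [12/Mar/2024:09:02:10 +0000] "GET /login HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    'mail.domain.com 203.0.113.45 - - [12/Mar/2024:09:03:41 +0000] "GET / HTTP/1.1" 403 153 "-" "curl/8.4.0"',
    'mail.domain.com 198.51.100.7 - - [12/Mar/2024:09:05:02 +0000] "GET /login HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    'www.domain.com 198.51.100.7 - - [12/Mar/2024:09:05:30 +0000] "GET / HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

def from_vpn(client):
    """True if the logged peer address ($remote_addr) is inside the VPN subnet."""
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:
        return False  # unparsable address: treat as outside the VPN
    # Dual-stack listeners log IPv4 peers as ::ffff:a.b.c.d; unwrap before comparing.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr in VPN_SUBNET

def audit(lines, protected_host):
    """Return (client, request, status) for every request to protected_host that
    got a non-error response although the client is outside the VPN subnet."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["host"] != protected_host:
            continue  # other virtual hosts are not restricted
        status = int(m["status"])
        if status < 400 and not from_vpn(m["client"]):
            findings.append((m["client"], m["request"], status))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG, "mail.domain.com"):
        print("served outside VPN:", finding)
```

Any finding means the firewall or reverse-proxy rule is not covering that path; the check only looks at the socket peer address, not at client-supplied headers such as `X-Forwarded-For`.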