22
submitted 6 months ago* (last edited 6 months ago) by [email protected] to c/[email protected]

So I recently discovered that the camera NVRs are majority insecure. This led to my company failing to get PCI compliance, which wasn't all that unexpected. However, this leads to the awkward situation of me comparing mesh VPNs. I've been playing around with Netbird but I'm looking for a more polished solution.

Do any of you use Tailscale in a corporate environment? If so, how well does it work and are there any major pain points?

Edit: I gave up on Tailscale as it was a pain in the ass. I'll just use Netbird with a reverse proxy for the cameras.

top 4 comments
[-] [email protected] 13 points 6 months ago

In all honesty, if you are in a commercial environment and scale where PCI and mesh VPNs are cropping up, you should consider hardware firewalls.

Fortinet has FortiGate ADVPN as part of the base image, with no extra licenses required. If you include the licenses you can get PCI reports from the FortiGate.

Juniper has SRX mesh; don't go for the Cisco tax of DMVPN. Palo Alto has LSVPN.

[-] [email protected] 0 points 6 months ago

I am actually managing a bunch of locations with only 1-3 people at each. Full firewalls feel overkill but maybe there is a middle ground. I've actually considered OpenWrt with Ansible but keeping OpenWrt updated is a pain in the ass.

For now I'll just stick with Tailscale and some sort of management software.

[-] [email protected] 4 points 6 months ago

Which specific PCI requirements did you fail?

Regardless, it sounds like you're over-complicating things. The cameras should just be on a separate VLAN with proper ACLs at the router/firewall.

[-] [email protected] 1 points 6 months ago* (last edited 6 months ago)

I'm looking to completely remove the NVRs from the internet, so no, I don't believe it's that complicated.

It seems that Tailscale may be a decent fit for our needs. Netbird had a nicer UI but is not nearly mature enough and has broken user invites.

this post was submitted on 08 Jan 2024
22 points (86.7% liked)
