Are there some possibilities to manage a Windows server over the public internet with Ansible?
I have no possibility to add execution_nodes to the network. These are single machines in different places with no VPN between them.
Is there some agent, or is there an option to use the Receptor Windows agent to manage the machines?
I presume the goal is to not open ports across the public internet, even if tied to specific source addresses.
I have a similar requirement in some cases and use a tool named “Remote.It” to establish a secure P2P tunnel. You basically install an agent/app on your target node, publish the required ports you want to connect to as a service, and then “request” a connection to the service from the source node. The target then establishes a P2P connection back to you.
The connection is then bound to localhost on a random port.
I’m sure there are other similar Zero Trust type tools, but I haven’t used them.
I also notice NetFoundry have this: Ansible Security Cloud - built upon OpenZiti, which looks interesting.
However, again, I have no experience of using it; it would be interesting to hear if anyone else has!