Hello Ansible Citizens,
I am able to connect to a Windows machine through a Linux bastion host. This is a central jump server that is connected to all of our client networks. Each client network has its own Linux jump server.
To review the current configuration:
Example in the Ansible hosts file:
[dr_win]
DR-MGMT01-WIN
[dr_win:vars]
ansible_user=
ansible_password=
ansible_connection=psrp
ansible_port=5985
ansible_psrp_protocol=http
ansible_psrp_proxy=socks5h://10.x.x.x:1234
ansible_winrm_server_cert_validation=ignore
The /etc/hosts file has an entry for DR-MGMT01-WIN.
So does the central jump server.
This works; I am able to win_ping successfully.
Now I want to set up similar connectivity to another Windows host in DR, but there is an extra hop. I have connectivity from Ansible to the DR MGMT subnet. I want to chain the jump servers together.
I have done this successfully with Linux machines and SSH, but now I need a way to do this for Windows machines.
So right now it looks like:
Ansible → Central_bastion:1234 (ssh listener) → DR-MGMT01-WIN:5985 (successful)
I want:
Ansible → Central_bastion:1234 → DR-MGMT-LIN:22 → DR-SERVER-WIN:5985
How do I configure Ansible to be aware of this chain or how do I set this chain up? There must be a way but it is not clear.
I understand that this is not fully secure; once connectivity is established and I understand the process I can add layers of security.
Regards,