I'd like to implement LDAP using FreeIPA for centralized authentication and for security's sake (Kerberos).
The problem is that my servers (Ubuntu) are running in a public cloud with no private interface provided. So my only choice is using the public one, but I'm not sure whether it is a nice idea to implement this with public IPs for both server and clients.
Apart from that, I'm worried about external services. How can external services access the REALM?
I'm also wondering about users. We have two types of users:
- external users with various public IPs
- external users that are using one public IP but using NAT to assign private IPs
I have little experience with LDAP, and that was implemented only on a private network. Please share your suggestions. I'd really appreciate it.