Argo tunnel bastion mode: Jump Server

I have created a virtual network on Microsoft azure, I want to attach a jump server that will allow the users to connect to VM without exposing them publicly. For this, I’m looking forward to argo tunnel bastion mode.

The functionalities I need from my jump server are as follows:

  1. The server should allow users to authenticate using the Azure active directory.
  2. User session should timeout after 15 minutes of inactivity.
  3. Server should send a webhook when the user tries to connect and after the user disconnects

Can anyone please help me understand if these features are possible using argo tunnel or not?

For SSH, this is possible by leveraging Short-lived certificates. But, the server will expect the username of the authenticated email address as the username of the server. This works in Linux, but I’m not sure whether this can be used in Windows Server or not (in case you are using Windows Server).

I can’t confirm this. Maybe someone can answer that.

Webhook is not supported by Cloudflare Access as far as I know.

The session can be timed out after a specific amount of time, but not inactivity. You can make the user re-authenticate every, for example, 15 minutes.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.