How to enable a software VPN connection to a VM

Introduction
Step 1: Enable the VPN and add a user
Step 2: Configure your own VPN client
Next step

 

Introduction

A software VPN (virtual private network) is an encrypted network connection between your own Internet-connected computer and a VDC local network, which bypasses (also called 'tunneling through') the firewall controls (firewall blocks, port forwarding, or load balancing) of a 'Local with Internet Gateway' network. The basic VPN set up procedure in VDC is described in this document.

When the VPN is connected, your own computer effectively becomes part of the local network in a VDC zone.

For guidance on the basic use of network connections through the firewall, see How to connect to your Linux VM and How to connect to your Windows VM. Please note that no connection rules (inbound or outbound) are set by default for a newly-created network.

Take care that you have set a secure Administrator/root password for your virtual machines, before you activate any Internet network connection.

Step 1: Enable the VPN and add a user

Click Network on the left-hand menu. Then click the name of the network you wish to use. Then click View IP Addresses, and from the list click the public IP address you wish to use (one Gateway network can support multiple public IP addresses). You should now see the Details sub-panel for the IP address:

Click the Enable VPN button . A confirmation dialog appears; click Yes to continue.

Also note that the button function changes to Disable VPN .

After a short wait a confirmation dialog should appear:

This dialog shows the public (Internet) IP address for the VPN, and the 'IPsec pre-shared key'. Make a note of these values for later use.

A third tab labelled VPN should have appeared. Click the tab to show the VPN sub-panel. A list of existing VPN users will be displayed. Enter a new username and password in the input boxes, and click the Add button:

The username/password combination will be used to authenticate access to the VPN from your (remote) computer. It is not possible to modify the password. If you need to generate a new password for any reason then you will need to delete the username and re-create it.

Note: the same set of VPN users is defined for all of the VPN connections in your VDC account. However the account owner can control access because VPN users require the unique pre-shared key for each VPN connection.

Step 2: Configure your own VPN client

On your own computer, you will need to configure your VPN client software. Details will vary depending on your operating system and client.

Here is the essential information you will need:

  • the public IP address for your 'Local with Internet Gateway' network;

  • the IPSec pre-shared key (see Step 1);

  • a username and password for the VPN (that you created in step 1);

  • and you may need to configure your computer network connection to use the VPN type ‘Layer 2 Tunneling Protocol with IPSec’ (also abbreviated to 'L2TP/IPSec').

Next step

See How to enable your computer to use software VPN for a basic guide to creating a VPN connection using a Windows computer.