Setting Up VPN for a Virtual Network
- Setting Up VPN for a Virtual Network
Because Datapipe's Stratosphere EPN is private by design, only privileged access is allowed. To establish such access to your EPN resources for configuration and management, a Virtual Private Network (VPN) needs to be created. VPNs are software tunnels through firewalled systems that permit traffic to pass back and forth that is invisible and inaccessible otherwise.
EPN's VPN employs two-factor authentication to control access. All communications passing through the VPN tunnel is encrypted.
Setting up an EPN VPN is relatively easy. It requires:
- The public gateway IP address you acquire when you create a virtual network.
- Port forwarding rules in place opening the necessary ports.
- One or more user accounts that will need to be created.
- A preshared key (a randomly generated string of characters) needs to be created.
- A VPN client. The client is the only thing you must supply. Most operating systems have clients already built in but there are many available should you need one and do not have one.
Here is a graphical representation of the entire process:
To begin, select the virtual network for which you want to establish a VPN from the "Virtual Networks" browser window.
Click on the network name. This will present options specific to this network. To begin setting up a VPN, click on the "VPN" button.
If you do not yet have a VPN defined, you will see the following:
Note: Once you have established a VPN, it will be displayed and you will be able to manage it from this screen.
Click on "Click Here To Get Started". You will see the following:
You need to enter a range of IP addresses. Each VPN connection will get assigned an address from this range. The range can be any valid IPV4 network but the same best practices discussed in "Setting up private virtual networks" should be adhered to here, as well.
For more information about setting up private virtual networks, go HERE
The range you enter should provide enough addresses to accommodate all of the systems that will be attaching to your EPN environment concurrently. If you anticipate 20 concurrent connections, specify a range that provides at least 20. Too many addresses are better than too few. Once you have depleted your pool of addresses, no additional connections can be established.
Note: IP addresses are allocated using DHCP. Once a connection has been terminated, the address that was allocated to that node will be released and becomes available for reassignment.
The DHCP function within EPN is limited. You cannot specify or reserve addresses. Your workstation may receive a different address (within the range you specified) each time you connect so be wary of referencing by address in any configurations you might create.
After entering the IP address range, click on the "Enable Remote Access VPN" button. The creation process could take a minute or so. Once completed, the details of your new VPN will be displayed.
You can also navigate to the VPN tab on the left side of your portal. This will allow you to see and manage all of your VPNs. If you need to enable a VPN, click on the green button on the far right.
Make a note of your VPN IP Address and preshared key. You will need both to configure your VPN client. You can always refer back to this detail page if you need that information again.
Note: You cannot alter any of your VPN settings once it has been created. If you need to change anything, you will need to disable your VPN and start over.