Managing VPN User Access
You have total control over your VPN. To manage your VPN, on the left hand menu column of you Stratosphere dashboard, navigate to "Network" and select "VPN". This will open a browser view of all your established VPNs.
You can enable or disable your VPN by clicking on the red button on the far right.
Note: Disabling the VPN is dynamic and the effect is immediate. If you are connected to your EPN environment through your VPN, when the VPN is disabled, your connection will be aborted. Disabling is not deleting. You can re-enable a disabled VPN at any time. Disabling, however, is necessary if you need to make changes. The change process is the same as the creation process.
Access over the VPN is restricted to authorized users. To create users, click on the "Add VPN User" button. You will see the following:
You can create as many users as you need. There are no naming conventions or password requirements enforced upon you; you can establish and maintain whatever works for you.
If one or more preconditions to creating a VPN user have not been satisfied, you will see the following:
The warning message will tell where the deficiencies are so that you can locate and correct them. Once you have them corrected, you may resume creating users.
Best practice: Names need to be unique and should be meaningful. Most organizations have a naming convention in place so it would be best to mimic that. Passwords should be complex, not names, dates or dictionary words. They should be at least seven characters in length and incorporate a variety of upper and lower case alpha characters, numbers and special characters.
Note: DO NOT use the pound sign (#) in your password. This symbol is significant to the system software and its inclusion will cause the password to be unrecognized.
You will need to confirm whatever password you choose. If there is a mismatch, you will see the following:
Retype your chosen password twice. Once they agree, you can proceed to create the user account.
Repeat the above process for each additional user account desired.
Once you have created your users, they will appear in your browser view. You cannot edit or change anything. You can only delete and recreate. To delete a user, click on the on the right hand side.
Note: There is no facility within EPN enabling a user to change his/her password. If a password needs to be changed, you will need to delete the user and add it back with the new password.
The final step will be to provide your users with their account credentials (user name and password), preshared key and VPN address. They will need all three pieces to configure their clients.
CAVEAT: Once a user account is created, that user is eligible to use every VPN in your account. Provide the preshared keys for specific VPNs only to those users you need to have access. Without the key, the user account alone will not be sufficient to grant access.
At some point, you will also need to provide your users with the particulars of the virtual machines within your EPN environment, such as their IP addresses and administrator passwords. They will need that information to be able to SSH or RDP into the virtual machines.
Note: You have a great deal of control over your environment. Using Datapipe's key pairs and local machine policies, you can tailor access to specific instances even though VPN authorization grants access to the entire network and all resources on the network.
For more information about finding virtual machine addresses in EPN, go HERE
For more information about retrieving passwords, go HERE
To learn how to configure a Windows VPN client, go HERE
To learn how to configure a Mac VPN client, go HERE