Skip to main content
Skip table of contents

How to configure client to site VPN with openVPN

Summary

This article describes how to install and configure VPN using openVPN in Copaco VMware Cloud.

Prerequisites

Getting Started

This article contains 3 parts. In the first part will explain how to create a vApp and the second part will explain the firewall rules that need to be created and the third part will explain how to configure the vApp.

Creating the vApp

  1. Login to the customer tenant environment from Copaco VMware Cloud.

  2. Click on vApps, click NEW and click Add vApp From OVF.

    image-20240206-101108.png

  3. Click upload to select the OpenVPN OVF file.

    image-20240206-101558.png

  4. Click Next.

    image-20240206-101509.png

  5. Review the details and click Next.

    image-20240206-103216.png

  6. Provide a name for the vApp and click Next.

    image-20240206-103342.png

  7. Change the Computer Name so it meets the requirements shown.

    image-20240206-103622.png

  8. Click Next.

    image-20240206-104012.png

  9. Click Next.
    (Optional) Specify the primary NIC, Network Adapter Type, vApp Logical Network and IP assignment.

    image-20240206-104719.png

  10. Click Next.
    (Optional) Adjust the hardware settings.

    image-20240206-104953.png

  11. Click Next.
    (Optional) Change the Destination and IP Allocation.

    image-20240206-105131.png

  12. Review the settings and click Finish.

    image-20240206-105635.png

Creating Firewall and NAT Rules

  1. Click Edges, select the Edge gateway rule and click Services.

    image-20240131-124835-20240206-110907.png

  2. Go to the Firewall tab and click the + icon.

    image-20240131-130606-20240206-111000.png

  3. Create a firewall rule that allows traffic from your local network to the Copaco VMware Cloud environment.

    image-20240206-111530.png

  4. Go to the NAT tab and click +DNAT RULE.

    image-20240201-132417-20240206-112818.png

  5. Create a DNAT rule to NAT ports 1194 (UDP/TCP) and 943 (TCP) to our OpenVPNserver machine which will have the IP 192.168.1.100 (We will configure the IP address later).

    1194 TCP rule

    1194 UDP rule


    943 TCP rule

    All three created rules

Configuring the VM to be able to connect through VPN

  1. Go to vApps and click the name of the vApp created in the first steps.

    image-20240206-115112.png

  2. Click Virtual Machines, and click the name of the server.

    image-20240206-115445.png

  3. Under Hardware, click NICs and click Edit.

    image-20240206-115615.png

  4. Enable the NIC, Change IP Mode to Static - Manually and enter the IP address and click Save.

    image-20240206-115845.png

  5. Go to Guest OS Customization and click Edit.

    image-20240206-120259.png

  6. Check the Allow local administrator password checkbox, specify a password and click Save.

    image-20240206-120633.png

  7. Go to ALL ACTIONS, Click Power and click Power On, Force Recustomization.

    image-20240206-120809.png

  8. When the VM is started, login with the credentials you have specified. The OpenVPN configuration wizard will start.

  9. Type Yes if you agree the agreement

  10. Type Yes On primary access node

  11. On specify network interface specify the network interface with the private IP. In this case its 2.

  12. Leave the port for admin web default and press Enter.

  13. Enter port 1149 for OpenVPN Daemon.

  14. Type Yes on the Client traffic routing.

  15. Type Yes for the DNS traffic to be router through VPN.

  16. Type Yes for User authentication via internal DB.

  17. Type Yes for Should private subnets be accessible.

  18. Type Yes to login to the Admin UI with OpenVPN.

  19. Enter your activation key if you have one.

    • Wait a few minutes for the installation to be complete

  20. Specify a password for the user “openvpn” by typing passwd openvpn.

  21. Browse to the OpenVPN admin interface and login with the openvpn user In our case its https://188.126.116.38:943/admin/

    image-20240206-122821.png

  22. Here you can configure several settings such as authentication methods.

  23. Go to the client page to download our client config. In our case its https://188.126.116.38:943/

    • Here you have several options to choose for using the VPN. We are going to choose to download our config since we already have installed the OpenVPN client.

  24. When you have downloaded the config you have the 192.168.1.100 addresses into 188.126.116.38 (its public address).

  25. When this is done. you can import the config in to your client and try to make connection.

  26. Now you are successfully connected to the OpenVPN VPN connection.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.