How to configure client to site VPN with openVPN in Copaco VMware Cloud

Summary

This article describes how to install and configure VPN using openVPN in Copaco VMware Cloud.

Prerequisites

OpenVPN is free for 2 users. If you want to use OpenVPN for more then 2 users please make sure that you have bought the appropriate amount of licenses. See here

Start

Download the OpenVPN Appliance here
When the download is complete you need to create a VM based on the OVF.
- Go to Vapps and select “add vapp from OVF
- Click upload to select the OpenVPN OVF file
- click “Next”
- Click “Next”
- Enter a name for the Vapp. In this case its “OpenVPNsrv”
- Now you need sto specify the computername. We give it the same computername as the VM name. Clcik “Next”
- Now we need to specify the primairy NIC and network for the OpenVPNsrv01 server. Click “next”
- On Custom Properties click “next”
- Now you can customize the hardware if you like. We leave everything default. Click “Next”
- On the “Ready to complete” step click “finish”
Now we need to create the appropriate Firewall and Nat Rules
- Go to Edges → your network → services - Firwall and click the “+” button Create a firwall rule that allows traffic from your local network to the Copaco VMware Cloud environment
- Now we need to create a NAT rule to Nat Ports 1194 (UDP/TCP) and 943 (TCP) to our OpenVPNsrv01 machine which will have the IP 192.168.1.100 (We will configure the IP address later)
  Click on “+ Dnat rule”
  Here we have created the 1194 TCP rule
  
  Here we have created the 1194 UDP rule
  Here we have created the 943 UDP rule
- As you can see we have configured the three NAT rules
Now we are going to configure the OpenVPNsrv so we can connect though VPN.
- Go the details of the OpenVPNsrv and change the “IP Mode” to “static - Manual” and enter the IP address. We have used 192.168.1.100. And click “Save”
- Now go to “Guest OS Customization” and click “Edit”
- Untick “auto generate password”ans specify a password for the root account
- Go to “Virtual Machines”and power on the VM with force recustomalization
- When the VM is started login with the credentials you have specified. The OpenVPN cofiguration wizard will start
- if you agree the agreement type “Yes”
- On primary access node type “yes”
- On specify network interface specify the network interface with the private IP. In our case its 2
- port for admin web leave default and press enter
- For the OpenVPN Deamon enter port 1149
- client traffic routing type “yes”
- Client DNS traffic be routed through VPN “type “yes”
- User authentication via internal DB type “yes”
- Should private subnets be accesible type “yes”
- Do you want to wish to login to admin UI with openvpn. In our case we type yes
- Enter your activation key if you have one.
- Wait a few minutes for the installation to be complete
- Now we need to specify a password for the user “openvpn”
- Type “passwd openvpn” to specify a password for this user
- Now we can browse to the OpenVPN admin interface and login with the openvpn user In our case its https://188.126.116.38:943/admin/
- here you can configure serveral things such as authentication methods. Out Of the box” everything works to setup a VPN connection.
- Now we can go to the client page to download our client config. In our case its https://188.126.116.38:943/
- Here you have serveral options to choose for using the VPN. We are going to choose to download our config since we allready have installed the OpenVPN client
- When you have downloaded the config you have the 192.168.1.100 addresses into 188.126.116.38 (its public address)
- When this is done. you can import the config in to your client and try to make connection
- Now you are successfully connected to the OpenVPN VPN connection