How to Setup SSL VPN Plus with Copaco VMware Cloud
This article describes how to setup SSL VPN PLUS in Copaco VMWare Cloud
1.Login to Copaco VMware Cloud
2.When logged in to the Copaco VMware cloud environment go to:
Networking -> Edges -> select the edge -> configure service
3. In the "Edge Gateway Settings" go to SSL VPN-PLUS General settings
Here you can leave everything default. If you like you can give a user a notification when connecting to the VPN You can enter your text in the "user notification" field.
4. now go to the "IP Pools" menu And click on the "+"
Here you need to specify your IP Pool for with IP addresses that you want to assign to your VPN clients
In the example above I have chosen for the 192.168.3.30 till 192.168.3.40 range with the gateway 192.168.3.254 (please note the gateway address we need this address in a later step.)
5. now go to the "client configuration" menu and chose for tunnel mode "full" You can also use "split" tunnel mode but this is less secure.
For the default gateway enter the gateway address that you have configured in the client configuration menu.
6 now go to the Users menu and click on the "+" sign
here you can create a user that needs to have access through VPN
7 now go to the "installation Packages" menu and click on the "+"sign
Here you must give you package a name and specify the gateway and port where the client can download the package from. This is the IP address from the Edge gateway. you can also specify a port. I have used 60003. (note this IP address and port number we need this later on) you can also choose for a DNS name in combination with a certificate. See this article how you can upload your certificate.
By default VCloud will create an package for windows but you can also choose for Linux or MAC.
To save the settings click on "keep"
8. now go to "server settings" menu
here you need to select the IP address from the gateway and specify the port. (this are the same settings as what you used in your installation package. In my case its 188.8.131.52 with port number 60003
If you would like to use your own certificate you can change it by clicking on the “change certificate”button.
Select the certificate that you want to use and click OK
9. now go to the "private networks" menu and click on the "+" sign
Here you need to specify which subnet you want to use in the tunnel. In my example its my network that I use in VMware Vcloud
click on "keep" to save changes
10. now we can download the VPN Package for the clients. In a web browser go to gateway address + port number /sslvpn-plus
in my case its https://184.108.40.206:60003/sslvpn-plus
11. Now you have to login with the user you created earlier
12. Now you can download and install the package by click on download by clicking on the package we have created:
After you have download and installed the package you can login with your VPN user
13 now you are successfully connected with VPN
14 If you also want to have internet access trough VPN you have to add the appropriate firewall and Nat rules.
Original IP 192.168.3.0/24
Translated IP (edge gateway) 220.127.116.11