This article describes how to setup SSL VPN PLUS in Copaco VMWare Cloud

1.Login to Copaco VMware Cloud

2.When logged in to the Copaco VMware cloud environment go to:
Networking -> Edges -> select the edge -> configure service

3. In the "Edge Gateway Settings" go to SSL VPN-PLUS General settings 

Here you can leave everything default. If you like you can give a user a notification when connecting to the VPN You can enter your text    in the "user notification" field.

4. now go to the "IP Pools" menu And click on the "+"

Here you need to specify your IP Pool for with IP addresses that you want to assign to your VPN clients

 

In the example above I have chosen for the 192.168.3.30 till 192.168.3.40 range with the gateway 192.168.3.254 (please note the gateway address we need this address in a later step.)

5. now go to the "client configuration" menu and chose for tunnel mode "full" You can also use "split" tunnel mode but this is less secure.

For the default gateway enter the gateway address that you have configured in the client configuration menu.

6 now go to the Users menu and click on the "+" sign

here you can create a user that needs to have access through VPN

7 now go to the "installation Packages" menu and click on the "+"sign

 

 

Here you must give you package a name and specify the gateway and port where the client can download the package from. This is the IP address from the Edge gateway. you can also specify a port. I have used 60003. (note this IP address and port number we need this later on) you can also choose for a DNS name in combination with a certificate. See this article how you can upload your certificate.

By default VCloud will create an package for windows but you can also choose for Linux or MAC.

To save the settings click on "keep"

8. now go to "server settings" menu

here you need to select the IP address from the gateway and specify the port. (this are the same settings as what you used in your installation package. In my case its 185.105.202.18 with port number 60003

If you would like to use your own certificate you can change it by clicking on the “change certificate”button.

Select the certificate that you want to use and click OK


9. now go to the "private networks" menu and click on the "+" sign

Here you need to specify which subnet you want to use in the tunnel. In my example its my network that I use in VMware Vcloud

192.168.1.0/24

click on "keep" to save changes

 

10. now we can download the VPN Package for the clients. In a web browser go to gateway address + port      number /sslvpn-plus

in my case its https://185.105.202.18:60003/sslvpn-plus

 11. Now you have to login with the user you created earlier

12. Now you can download and install the package by click on download by clicking on the package we have created:

After you have download and installed the package you can login with your VPN user

 

13 now you are successfully connected with VPN

14 If you also want to have internet access trough VPN you have to add the appropriate firewall and Nat rules.

Firewall rule:
Source: 192.168.3.0/24
Destination Any
Service: any

SNat rule:
Original IP 192.168.3.0/24
Port: any
Translated IP (edge gateway) 185.105.202.18
Port: any

 See also: