Configure a VPN connection to your CloudSimple Private Cloud¶
VPN gateways allow you to connect to CloudSimple network from your on-premises network and from a client computer remotely. In this article, you can find information on setting up VPN gateways from the CloudSimple portal. A VPN connection between your on-premises network and your CloudSimple network provides access to the vCenter and workloads on your Private Cloud. CloudSimple supports both Point-to-Site VPN and Site-to-Site VPN gateways.
VPN gateway types¶
- Point-to-site VPN connection is the simplest way to connect to your Private Cloud from your computer. Use Point-to-Site VPN connectivity for connecting to the Private Cloud remotely.
- Site-to-Site VPN connection allows you to set up your Private Cloud workloads to access on-premises services. You can also use on-premises Active Directory as an identity source for authenticating to your Private Cloud vCenter. Currently, Policy-Based VPN type is supported.
In a region, you can create one Site-to-Site VPN gateway and one Point-to-Site VPN gateway.
To create a Point-to-Site VPN gateway, see Create Point-to-Site VPN gateway.
Connect to CloudSimple using Point-to-Site VPN¶
- Launch CloudSimple portal and select Network.
- Select VPN Gateway.
- From the list of VPN gateways, click on the Point-to-Site VPN gateway.
- Select Users.
Click on Download my VPN configuration
Import the configuration on your VPN client
Connect to CloudSimple VPN gateway.
Example below shows importing connection using Viscosity Client.
Import connection on Viscosity client¶
Extract the contents of VPN configuration from downloaded .zip file.
Open Viscosity on your computer.
Click the + icon and select Import connection > From File.
Select the OpenVPN configuration file (.ovpn) for the protocol you want to use and click Open.
The connection now appears in the Viscosity menu.
Connect to the VPN¶
To connect to VPN using the Viscosity OpenVPN client, select the connection from the menu. The menu icon updates to indicate that the connection is established.
Connecting to Multiple Private Clouds¶
A Point-to-Site VPN connection resolves the DNS names of the first Private Cloud that you create. When you want to access other Private Clouds, you must update the DNS server on your VPN client.
Launch CloudSimple portal.
Navigate to Resources > Private Clouds and select the Private Cloud you want to connect to.
On the Summary page of the Private Cloud, copy the Private Cloud DNS server IP address under Basic Info.
Right-click the Viscosity icon in your computer's system tray and select Preferences.
Select the CloudSimple VPN connection.
Click Edit to change the connection properties.
Click the Networking tab and enter the Private Cloud DNS server IP addresses separated by a comma or space and the domain as
cloudsimple.io. Select Ignore DNS settings sent by VPN server.
To connect to your first Private Cloud, remove these settings and connect to the VPN server.
To create a Site-to-Site VPN gateway, see Create Site-to-Site VPN gateway. Site-to-Site VPN connection from your on-premises network to your Private Cloud provides these benefits.
- Accessibility of your Private Cloud vCenter from any workstation in your on-premises network
- Use of your on-premises Active Directory as a vCenter identity source
- Convenient transfer of VM templates, ISOs, and other files from your on-premises resources to your Private Cloud vCenter
- Accessibility of workloads running on your Private Cloud from your on-premises network
To set up your on-premises VPN gateway in high-availability mode, see Configure a high availability VPN connection.
- Set TCP MSS Clamping at 1200 on your VPN device. Or if your VPN devices do not support MSS clamping, you can alternatively set the MTU on the tunnel interface to 1240 bytes instead.
- After Site-to-Site VPN is set up, forward the DNS requests for *.cloudsimple.io to the Private Cloud DNS servers. Follow the instructions in On-Premises DNS Setup.