Date: Tue, 19 Mar 2024 06:23:30 -0600 (MDT) Message-ID: <848038563.321.1710851010339@localhost> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_320_1854022080.1710851010338" ------=_Part_320_1854022080.1710851010338 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
Creating a virtual private ne= twork (VPN) between your desktop or laptop and a VPN service within the Rap= id Access Cloud, allows you access to the private IP address of instances associated with your project (e.g. 10.0.0.73; 10.1= .1.9; etc.). This is best if you need access to the resources you have crea= ted in the Rapid Access Cloud for computational experiments for example, bu= t do not need to offer public services to the internet over IPv4, like web = applications or email.
The VPN will need to be manually star= ted each time you wish to access the private network and only computers tha= t have connected to the VPN in this manner can access the private network, = however multiple computers can access the network at the same time if they = each have the VPN configured.
Install Tunnelblick, a free OpenVPN= application for macOS.
Download the Rapid Access = Cloud VPN configuration files. VPN access is configured per region:<= /p>
<= span style=3D"color: rgb(17,85,204);">Calgary (https://vpn-yyc.cloud.cybera.ca/vpn-yyc-tblk.zip)
<= span style=3D"color: rgb(17,85,204);">Edmonton (https://vpn-yeg.cloud.cybera.ca/vpn-yeg-tblk.zip)
Unzip the file locally and= double-click the unzipped file vpn-yyc.tblk. This will automatically run T= unnelblick and add the VPN configuration.
In the top right corner of= your screen, you will see the Tunnelblick icon. Click on it and choose "Co= nnect vpn-yyc".
When prompted, enter your = RAC username and password.
See the section Verifying Co= nnectivity to confirm the VPN connection is working.
If you see the following message, you can safely ignore it:
This computer's apparent public IP address was not different after=
connecting to vpn. This may mean that your VPN is not configured correctly=
.
The reason for this message is because the Rapid Access Cloud VPN is not= routing all of your traffic through the VPN. Only traffic destine= d for the Rapid Access Cloud's IP space.
Download and Install the c= ommunity version of OpenVPN from <= span style=3D"color: rgb(17,85,204);">openvpn.net.<= /p>
Download the Rapid Access = Cloud VPN configuration files. VPN access is configured per region:<= /p>
Calgary (https://vpn-yyc.cloud.cybera.ca/vpn-yyc-win.zip)
Edmonton (https://vpn-yeg.cloud.cybera.ca/vpn-yeg-win.zip)
Unzip then copy al=
l of the files (ca.crt, client.crt, client.key, and client.ovpn)&n=
bsp;to C:\Program Files\OpenVPN\config
.
On the Windows Desktop, ri= ght-click on the OpenVPN GUI shortcut, select Properties and then the Compa= tibility tab. Check the box to "Run this program as an administrator".
Double-click on the OpenVP= N GUI shortcut and an OpenVPN icon should now appear on your taskbar.
Right-click on the OpenVPN= taskbar icon and choose "connect".
When prompted, enter your = Rapid Access Cloud username and password.
See the section Verifyi=
ng Connectivity to confirm the VPN connection is working.
Install and configure the = openvpn package for your distribution. For example, on Ubuntu 16.04, run th= e following commands:
sudo ap= t-get update sudo apt-get install openvpn unzip
Download the Rapid Access = Cloud VPN configuration files. VPN access is configured per region:<= /p>
Unzip the file and move th= e contents to /etc/openvpn/. For example:
wget ht= tps://vpn-yyc.cloud.cybera.ca/vpn-yyc-ovpn.zip unzip vpn-yyc-ovpn.zip sudo mv ca.crt client.conf client.crt client.key /etc/openvpn/
Start the OpenVPN client s= ervice:
sudo sy= stemctl start openvpn@client Enter Auth Username: Enter Auth Password:
Enter your Rapid Access Cloud username/email address and password =
to authenticate.
See the section Verifyi= ng Connectivity to confirm the VPN connection is working.= p>
To disconnect from the VPN= :
sudo sy= stemctl stop openvpn@client
To verify you have successfully connected to the VPN, please do the foll= owing
Pinging the VPN Gateway will confirm you have successfully connected and= can communicate with the VPN server. Open a command-prompt and run the fol= lowing:
ping 10= .254.0.1
Each of your instances has a private IPv4 address:
10.1.x.y
. 10.2.x.y
.Open a command-prompt and run the following:
ping 10= .1.x.y
where x.y
is the rest of your instance's IP address. F=
or example:
ping 10= .1.11.44
For the ping to work, make sure your instance's Security Group allows IC= MP traffic
You may need to alter your security groups to allow traffic from the VPN= server to reach your instance. You will see Calgary VPN traffic reaching y= our instance locally from 10.1.8.18, while Edmonton VPN traffic will reach = your instance from 10.2.1.9
Example rules:
Calgary: Allow ALL ICMP from 10.1.0.0/20
Edmonton: Allow ALL ICMP from 10.2.0.0/20
Calgary: Allow TCP Port 22 from 10.1.8.18/32
Edmonton: Allow TCP Port 22 from 10.2.1.9/32