Setting up client VPN¶

You can only provision VPN from the Cloud management portal.

Follow these steps to setup client VPN by using the cloud management portal:

• Press VPN and then OpenVPN in the sidebar menu.

• Click the + (plus) symbol in the lower right corner.

• Give your VPN service a name and optionally a description.

• Select your SSH-keys.

• Under Admin IP ranges, enter the IP ranges (comma-delimited or a single range) that should be able to do initial VPN configuration, see below.

  • This should be one ore more subnets in CIDR notation. We recommend your current public IP address. If you use a single IP address, it needs to use a /32 CIDR suffix.

• Under Private network, select the subnet that you want to access.

  • This is also the network added to the VPN instance. If you want to reach networks, you can add more networks later on. The network you choose needs to have a router connected as the instance will use a floating IP.

• Under pfSense instance flavor, select the compute flavor you want for your VPN. We recommend the default gp.1x2 for implementations up to 10 users for management use. For more users, consider adding an extra core per 10 users. For performance oriented users, we recommend the hp.4x6 flavor.

• If you want backup, press the checkbox and enter the amount of days.

• Press Create. VPN creation takes considerably longer than setting up a standard instance. This is due to the (comparably) long first time bootstrap of the VPN instance when generating ciphers and so on.

• You are now ready to proceed to do the initial configuration of the service.