Knowledgebase
|
Configuring a VPN Appliance as an Internet Gateway
Posted by on 16 June 2017 02:01 PM
|
|
VPN Appliance Powered by OPNsenseThe eApps VPN Appliance is powered by OPNsense, a leading open source network security platform based on FreeBSD. See https://www.opnsense.org. This powerful security platform will allow you to easily create an Internet Gateway, which will allow you to connect from your local network through the VPN Appliance, and then out through the eApps network to the Internet. All of your traffic that is routed through the VPN Appliance will appear to be coming from the eApps network that is located in the US. The configuration of the VPN Appliance is done using the OPNsense user interface. This guide explains how to set up your VPN Appliance as an Internet Gateway. If you would like to have eApps perform the setup and configuration for you, contact sales@eapps.com. Create an Internal Certificate AuthorityLog in to your VPN Appliance dashboard and navigate to System > Trust > Authorities and click on + Add or import CA. Use the following settings:Descriptive name: VPN CAClick Save Create a VPN UserLog in to your VPN Appliance dashboard and navigate to System > Access > Users and click the + icon to add a new user. Use the following settings:Disabled: UncheckedClick Save You will be redirected to a page to create the certificate for the user. Use the following settings: Method: Create an internal CertificateLeave the rest of the settings at their default. All fields should already be populated with the values from the Certificate Authority you created earlier. You will be redirected back to the System: Access: Users page to finish creating the user. Click Save again at the bottom of this page. Configuring OpenVPNLog in to your VPN Appliance dashboard and navigate to VPN > OpenVPN > Servers > and click the icon to the left of Use a wizard to setup a new server. Use the following settings:Type of Server: Local User AccessFill in the VPN: OpenVPN: Servers: Add a Server Certificate page with the following settings: Descriptive name: VPN CERTClick Save On the VPN: OpenVPN: Servers: Server Setup page, use the following settings: ===General OpenVPN Server Information===Click Next On the VPN: OpenVPN: Servers: Firewall Rule Configuration page, make sure both the Firewall rule and the OpenVPN rule are checked and click Next Click Finish Configuring Mobile and Desktop ClientsLog in to your VPN Appliance dashboard and navigate to VPN > OpenVPN > Client Export and scroll down to Client Install Packages. You should see the user you created earlier. Select your client platform from the dropdown next to the user and download the corresponding OpenVPN package. There are links at the bottom of the page for desktop and mobile client setups.Enable FirewallYou will need to enable the VPN Appliance firewall in order to browse the internet from your mobile and desktop clients. Note that with this change you will no longer be able to access the VPN Appliance GUI using its public IP address. You will have to connect to the VPN you just created and use your VPN Appliance private IP address in order to access the GUI. Make sure you establish a connection to the VPN with your mobile or desktop clients before you enable the firewall in the GUI.Log in to your VPN Appliance dashboard and navigate to Firewall > Settings > Advanced Uncheck the box next to Disable all packet filtering Click Save TestingOnce your client is set up, visit https://www.whatismyip.com and make sure the IP address displayed is the public IP address assigned to your VPN Appliance. | |
 (0 vote(s)) |
Comments (0)