This article describes how to identify the Client-to-Site VPN URLs relevant for your Organization, which are required to establish a secure client-to-site VPN connection to your Cloud Servers on the CaaS infrastructure. Connection through a Client-to-Site VPN is necessary in order to access or administer your virtual servers via SSH or Windows Remote Desktop (RDP) protocols using the server's private IP address.
The CloudControl UI will indicate whether Single-Factor VPN Authentication or Multi-Factor VPN Authentication is required for a given VPN URL. For further information see Introduction to Single-Factor and Multi-Factor Client-to-Site VPN Authentication.
Please refer to How to Establish a Secure VPN Connection to Access your Cloud Network and Servers for the complete set of requirements, summary of steps and links to appropriate instructions.
- Any of your users can identify the VPN URLs relevant for your Organization but only users with the VPN role can connect to the VPN and access their Organization's cloud resources.
- To add the VPN Role to a user, see How to Manage the Primary Administrator User and other Sub-Administrators
Content / Solution:
How to identify the VPN links relevant for your Organization
From the Home screen, click on the Compute button, and select Support and Additional URLs from the drop-down menu:
The Support and Additional URLs dashboard will be displayed. Click on the VPN Links tab:
Every VPN link will have a tooltip indicating whether or not it requires Single-factor VPN Authentication or Multi-factor VPN Authentication (see Introduction to Single-Factor and Multi-Factor Client-to-Site VPN Authentication) and this applies to both of the two distinct types of VPN links:
1. Geographic Region VPN
In most Geographic regions, the first link with the name of the Geographic Region (in this case Australia) provides a link to the Geographic Region VPN. Often referred to in abbreviated form as the "Region VPN", the Geographic Region VPN connects you to all of your Cloud Network Domains/Cloud Networks in all data centers in the Geographic Region. This provides additional convenience. However, all such VPN traffic is routed through the primary data center in the Geographic Region (i.e. EU1, NA1, AU1, AP1, etc.), which reduces performance when connecting to other data center locations in the region.
Note that some Geographic Regions do not provide a Region VPN. In that case, the link will simply refer you to this documentation page.
2. Data Center Location VPN
The second type of link is to the Data Center VPN (in this case Australia - Sydney, Australia - Melbourne etc). The Data Center VPN connects you with a secure link directly to the private IP addresses associated with the Cloud Network Domains (MCP 2.0) or Cloud Networks (MCP 1.0) in that specific data center. This provides the best link performance but requires that you switch to a different VPN if you wish to access Cloud Network Domains/Cloud Networks in a different data center location. For more information on data center locations, see Introduction to Multiple Data Center Locations in the same Geographic Region.
NOTES: For performance reasons, there is no "global" VPN that connects you to data center locations in different Geographic Regions.
Additionally, you can access the Region VPN by using Region VPN button on the Home Dashboard:
You can access the Data Center VPN by using the Data Center VPN button on the Data Center dashboard: