Provision the VPN

Integrate DuploCloud with OpenVPN by provisioning VPN users

DuploCloud integrates with OpenVPN by provisioning VPN users that you add to the DuploCloud Portal. This integration allows users to securely access your cloud infrastructure. Below are the steps for setting up OpenVPN and managing VPN users.

Accepting OpenVPN in the Azure Marketplace

  1. Navigate to Azure Marketplace and accept OpenVPN.

  2. Follow the instructions in the Quick Start Guide provided in the Marketplace to set up OpenVPN.

Provisioning the VPN

  1. In the DuploCloud Portal, navigate to Administrator -> System Settings.

  2. Click on the VPN tab.

  3. Click Provision VPN.

Note: In Azure environments, VPN provisioning may require manual setup by the DuploCloud team. If VPN access does not become available shortly after provisioning, please contact DuploCloud Support for assistance.

Provisioning the VPN and Creating a User

  1. In the DuploCloud Portal, navigate to Administrator -> Users.

  2. Click Add. The Create User pane displays.

    The Create User pane
  3. Enter a valid email address in the Username field.

  4. In the Roles field, select the appropriate role(s) for the User.

  5. Select Provision VPN.

  6. Click Submit. The user will be provisioned with VPN access and can connect using the OpenVPN credentials.

Deleting VPN Access for a User

To remove VPN access for a user, refer to the section Deleting a VPN user (Administrator privileges are required).

Opening a VPN Port

By default, users connected to a VPN can SSH or RDP into virtual machines and access an application's internal Load Balancers and endpoints. However, to connect to other Services, such as databases, you must configure the appropriate security rules to allow traffic from the VPN.

  1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure.

  2. Select the Infrastructure that hosts your Tenant from the NAME column.

  3. Click the Security Group Rules tab.

  4. Click Add. The Add Infrastructure Security pane displays.

  5. Fill in the fields:

Name

A descriptive name for the rule (e.g., VPN Access to DB).

Subnet

Select the DuploCloud-managed subnet (e.g., custom-default).

Direction

Inbound

Source Type

IP Address

Source Value

Enter the CIDR block for your VPN (e.g., 10.10.0.0/24).

Source Port Range

* (or specify if you're limiting source ports)

Destination Type

IP Address (leave blank to allow traffic to all destinations in the subnet, or specify a target if needed)

Destination Value

Leave blank or enter an internal IP range

Destination Port Range

Enter the port or port range required (e.g., 5432 for PostgreSQL, or 6379 for Redis)

Priority

Enter a priority number (typically between 100 and 4096). Lower numbers = higher priority.

Protocol

TCP, UDP, or Both, depending on the service

Action

Allow

  1. Click Add to save the security rule and allow VPN traffic to the specified internal service.

Last updated

Was this helpful?