Configuring a connection to a VPN client

This section explains the procedure for configuring a connection to a VPN client over SSL-VPN.

Note: This procedure can be used in the Japan and UK regions.
Note:

This procedure has been confirmed using the following SSL-VPN client PC environment.

  • OS: Windows 7 Professional 64-bit, Japanese Version
  • VPN Client: OpenVPN 2.3.12
  1. Install OpenVPN.

    Download the installer from https://www.openvpn.jp/download/, and then perform installation.

    For details on the installation procedure, refer to the "K5 IaaS Features Handbook".

  2. Edit the client configuration file.

    In the sample-config folder in the installation directory, copy the file client.ovpn to the config folder.

    It is necessary to save the CA certificate, the client certificates and private keys created in Creating certificates for SSL-VPN to the config folder.

    Open client.ovpn in the config folder using a text editor, and edit it as follows.

    • Lines beginning with "proto"

      proto tcp

    • Lines beginning with "remote"

      remote <Global IP Address of Connection Target Virtual Router> 443

    • Lines beginning with "ca"

      ca <CA Certificate Name>

    • Lines beginning with "cert"

      cert <Client Certificate Name>

    • Lines beginning with "key"

      key <Client_private_key_name>

    • Lines beginning with "comp-lzo"

      #comp-lzo
    Note:

    Editted example:

    proto tcp
remote xxx.xxx.xxx.xxx 443
ca ca.crt
cert client.crt
key client.key
#comp-lzo
  3. Start the OpenVPN client.

    Right-click the OpenVPN client icon, and select "Run as administrator" to start the OpenVPN client with administrator privileges.

  4. Connect over SSL-VPN.
    Note:

    To connect to a virtual server after establishing a SSL-VPN connection, it is necessary for the following to be configured to allow VPN tunnel network addresses to access the relevant virtual server.

    • The firewall of a virtual router for which SSL-VPN functionality has been configured
    • The security group allocated to the virtual server

    Start the client PC terminal, right-click the OpenVPN icon in the system tray, and then select [Connect].

    If the OpenVPN icon in the system tray turns green, then the SSL-VPN connection has been established.

    It is possible to connect to the virtual server by specifying its private IP address on the SSL-VPN client PC.

    * If you wish to terminate the SSL-VPN connection

    To terminate the connection, right-click the OpenVPN icon in the system tray, and select [Disconnect].

    If the OpenVPN icon turns grey, then the SSL-VPN connection has been terminated.