VPN Server
This is a special role that can be installed on any Server, except a server with the cluster component role. A VPN server lets you access services from outside the VPC by local domain names or private IP addresses.
When to Use the VPN Server
A VPN server is convenient for providing access to services that should not be available from the Internet. For example, a project may use a monitoring tool with a web interface hosted in a service cluster, while the user service runs in a public cluster. Access to such a web interface can be obtained through the SHIPOPS VPN server.
Network Requirements
The VPN server uses UDP port 51820 on the public network interface of the server on which you install the VPN server role. Therefore:
- Check that this server has a public IP address, and use it.
- Make sure this port is open in the cloud provider's firewall.
To manage access to the VPN server, the SHIPOPS web interface uses a list of named clients. You need to create at least one client and download the WireGuard client configuration file.
In some countries, users may have problems using a VPN client because of current restrictions. One simple workaround is to configure port 53 for the server instead of 51820, and if port 53 is occupied by the DNS Server role, use port 5353. If this does not help either, use tools for counteracting DPI systems.