Question

Access Private Network from Droplet

Posted September 30, 2021 113 views
NetworkingVPNDigitalOcean VPC

Hello community,

I have the following challenge I would appreciate any help,

I created a Droplet in Digital Ocean which I will use as a Back-End Server for an application, this server requires to connect to a database that is hosted by another provider. Of course The Droplet does not reach the database server as it is inside a Private Network.

What would be the best approach for this?

I contacted the provider that hosts that database and they told me: “We can configure an additional point-to-point VPN, would only require your new endpoint IP, internal subnet and I can send you the private shared key and the encryption parameters”

I’m wondering,
Do I need to configure a PPTP?
What’s my endpoint IP? Is that the Public IP of the droplet?
What’s my internal subnet? Do I require a VPC for this?

And what would I do with the private shared key, given by the provider?

I know it’s specific but any help would really really help!

Thanks!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hello there,

It is not possible to create a site-to-site VPN using DigitalOcean droplet because of a restriction that prevents configuring direct server return and using Droplets as routers and site-to-site VPN gateways. You can find more details about the limitations here: https://docs.digitalocean.com/products/droplets/#limits

One of the solutions will be to set up an IKE VPN server:
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-ikev2-vpn-server-with-strongswan-on-ubuntu-20-04

Once this is set up you can connect to the Droplet using any of the VPN Clients shown in the article which can be further bridged to the entire local network.

I hope it helps!

by Jamon Camisso
A virtual private network, or VPN, allows you to securely encrypt traffic as it travels through untrusted networks, such as those at the coffee shop, a conference, or an airport. In this tutorial, you'll set up an IKEv2 VPN server using [StrongSwan](https://www.strongswan.org/) on an Ubuntu 20.04 server and learn how to connect to it with Windows, macOS, Ubuntu, iOS, and Android clients.