Connecting to a digital ocean Private Network

Posted August 9, 2016 8.4k views
NetworkingUbuntu 16.04


I am building out an infrastructure for an application that my team is building. I currently have 4 droplets (may end up being 5 droplets) each running Ubuntu 16.04. I have one droplet acting as a reverse proxy server (running NGINX), one droplet acting as my Application server, one application acting as my Database Server and one droplet is a Continuous Integration server (running jenkins). I want to make sure that all but the reverse proxy server are only accessible over the Private network that you guys provide. How ever, I obviously still want to be able to access these droplets even though they are only accessible on private Networking. How could I do this? Do I need to setup openVPN and have that connect to the your Private Networking or what?

Thanks for your help!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

You’ve got a few different options here. In all cases, this guide should help you get a firewall set up on your droplets.

You could decide to keep SSH on the other droplets accessible on the public network (on a non-standard port) or you could SSH to the server hosting your reverse proxy and then ssh from there to your other droplets. A VPN would be another option. Additionally you can access your droplets via the console in the control panel though you will need to set up a password for your user to do so.

by Shaun Lewis
Learn how to setup a firewall with UFW on an Ubuntu / Debian cloud server.
  • How would I set up the VPN? I would rather restrict all SSH activities to only being allowed on the private network. And I would rather use my own terminal rather than the online control panel one.

    • Absolutely. That makes sense. This guide will walk you through setting up a VPN on a droplet. You can then configure the firewall on all the droplets except the nginx reverse_proxy to only accept connections coming from the VPN server’s IP address.

      by Justin Ellingwood
      Want to access the Internet safely and securely from your smartphone or laptop when connected to an untrusted network such as the WiFi of a hotel or coffee shop? A Virtual Private Network (VPN) allows you to traverse...