Does Digital Ocean's VPS hosting supports VPN behind NAT

Posted May 16, 2017 3.9k views
VPNUbuntu 16.04

I want to purchase a Vps from digital ocean, i want to set up this Vps as an ipsec VPN client..
Here is the usage scenario
I need to connect to my partner’s network, the connection must go through a VPN tunnel ( IPSEC protocol ) to be specific. The configuration will be site to site VPN. I am looking to set up a site to site IPSEC vpn connection to my partner’s network. I will be using strong swan or open swan as my ipsec client.

Can i achieve this with Digital ocean’s vps ?without buying hardware vpn routers ?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

Hi @salimsaid

You   <===>   VPN server on Droplet <===> VPN client on Droplet   <===>   Partner

Yes, that’s possible to setup. Doing double VPN connections is always a little tricky to configure correctly.

And as for VPN routers, most of them are simply running OpenVPN/StrongSwan, so there’s no magic there - usually just a graphical interface with a wizard.

  • Hey @hansen ,, thanks for reply

    Am a bit new here, am still not very aware of the droplet concept but i would like to know if its possible to do the connection directly from my vps without having to purchase an extra vpn service or droplet as they call it here at digital ocean ?

    A little more explanation to clear the question ..
    Me ==> buy digital ocean vps <== install strong swan & establish ipsec connection from within vps ==> my partner

    i do not want to provision an extra droplet for vpn apart from provisioning a VPS ..
    I hope my question is clear , thanks.

    • @salimsaid

      That’s okay. DigitalOcean is an unmanaged VPS provider, which they call Droplets. That’s essentially a full server, where you choose an OS and then you have full control and responsibility over what happens on the server.

      I wasn’t talking about setting up multiple Droplets, but you need to run both a VPN server and VPN client on the Droplet.

      You (VPN client) <tunnel> Droplet (VPN server) <internal> Droplet (VPN client) <tunnel> Partner (VPN server)