Question

VPN back to the office

Posted December 17, 2020 342 views
VPN

Good afternoon,

We are trying to setup a VPN back to our office from a droplet. The setup would look like this:
1 - Remote employee has OpenVPN on his laptop, and connects to the droplet. Once connected, all the internet traffic goes through the droplet.
2 - If said employee requests a connection to an office resource (such as a file server) they will have access to it without a problem. It is not necessary for any of the resources to be auto-discovered (they are all assigned via their IP addresses).

I can’t see this being very complicated, but I can’t for the life of me find a tutorial that would help me achieve that.

Thanks in advance

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
2 answers

Hi @YOWGuy,

To fulfill your needs, you need to do two things. The first one is to create a VPN, it can be any type of VPN, it doesn’t matter. Having said that, DigitalOcean has some tutorials on how to configure a VPN. Here is one :

https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-18-04

The next step would be to allow incoming traffic to office resources only from that OpenVPN IP Address. That can be done via your network router. Once you do deny all other Incoming traffic apart from the VPN’s IP address, then you are done.

Regards,
KFSys

by Mark Drake
OpenVPN is a full-featured, open-source Secure Socket Layer (SSL) VPN solution that accommodates a wide range of configurations. In this tutorial, you will set up an OpenVPN server on an Ubuntu 18.04 server and then configure access to it from Windows, OS X, iOS and/or Android devices. This tutorial will keep the installation and configuration steps as simple as possible for each of these setups.

Hi,

@YOWGuy wrote
2 - If said employee requests a connection to an office resource (such as a file server) they will have access to it without a problem. It is not necessary for any of the resources to be auto-discovered (they are all assigned via their IP addresses).

I guess the office resources are available just in office LAN with local (private) IP addresses. In that case you need to configure site-to-site VPN between your office and a droplet. Then, employees connected to a droplet would have an access to the office local network.
You could consider an even simpler configuration with single VPN gateway located in the edge of your office network. Employees connected to it would have an access to the company’s internet and LAN.

Besides the tutorial pointed by @KFSys, I recommend OpenVPN community’s ‘how-to’ guide.