The CloudVPN router uses the following three connections to connect to the CloudVPN Portal. You can see which one of these connections are active in the Cloud Connection Status component. When you have one of three connections, your CloudVPN router will report being online.
- VPN connection: This connection can be used to securely access your machine remotely as if you are on-site. The VPN connection is required to use VNC and HTTP services as well. The connection can be turned off.
- Configuration connection: This connection is used to send configuration settings, firmware upgrades and settings from the CloudVPN Portal to the CloudVPN router. This MQTT connection should always be active.
- Data logging connection: The CloudVPN router uses this connection to send machine data to the CloudVPN Portal, which is necessary and only active when you are logging data (Cloud Logging) or want to receive notifications about important machine events (Cloud Notify).
VPN server location
The CloudVPN router chooses the VPN server based on its location. The location is based on the CloudVPN router's IP-address. This is called GeoIP. You can overrule this by manually entering a location and then switching VPN off and back on again.What connection problem do you have?
Please select what connection problem you are encountering with your CloudVPN router:
- I'm having trouble with getting my CloudVPN router online
- I'm having trouble with establishing a VPN connection
I'm having trouble with getting my CloudVPN router online
By default, all connections use the standard way out of your corporate network to connect to the CloudVPN Portal (TCP traffic over port 443). This port is blocked by some corporate networks. The first troubleshooting step should therefore be to check if your firewall isn't blocking the CloudVPN router's outgoing connections. You can also check if you need to use a proxy server for outgoing traffic.
You can very easily check this by using the same entry point on your laptop or mobile device and see if your firewall isn't blocking the CloudVPN router's outgoing connections. For a wired connection, connect the ethernet cable in the CloudVPN router's WAN-port to your laptop and see if you can use the internet with this cable. Please make sure your laptop can't connect to the internet with a different connection. For a wireless connection, connect to the same Wi-Fi network as the CloudVPN router. For a cellular connection, check if you can use the internet with the SIM-card in your mobile phone and if that SIM card has sufficient signal quality.
- If you can't use the internet, the problem is in your local network. Please contact your network administrator to allow the required outgoing connection (TCP traffic over port 443).
- If you can use the internet, please continue troubleshooting in this article.
I'm having trouble with establishing a VPN connection
First, you need to go to the CloudVPN Portal and see if you have an active VPN connection in the Cloud Connection status component. If the VPN connection has a green light, you have an active VPN connection. If you can't connect to VPN while you have this green light, you are having trouble with the VPN Client on your laptop
I don't have an active VPN connection
When your CloudVPN router is online, but you don't have an active VPN connection, something is probably blocking the CloudVPN router's VPN connection to the CloudVPN Portal. Please check if any of the following common issues are causing the problems.
- The very first package sent by the CloudVPN router may be considered unencrypted as the OpenVPN handshake takes place prior to the TLS handshake. For this reason an exception may be required on firewall rules that block non-SSL traffic over SSL-ports.
- When you have set your VPN settings to UDP traffic, port 1194 needs to be opened in your firewall. If you failed to do so, this is blocking your VPN connection. To resolve this problem, open port 1194 in your firewall, or switch your VPN settings back to TCP traffic.
- When you have set up Stealth Mode, you need to open port 8443 on your firewall. If you failed to do so, this is blocking your VPN connection. To resolve this problem, open port 8443 on your firewall, or turn off Stealth Mode if this is possible.
- If your corporate firewall uses application protocol filter, you may need to whitelist the application protocols used by the CloudVPN router for establishing a VPN connection (HTTPS, OpenVPN and MQTT).
- If your corporate firewall uses SSL and/or deep packet inspection, your firewall may change the SSL-certificate of the connection. Because the secure connection is being altered by the inspection, the CloudVPN Portal can't verify the safety and will refuse the connection. You need to create exceptions to allow a VPN connection between the CloudVPN router and the CloudVPN Portal.
I can't establish a VPN connection from my laptop
When you have an active VPN connection, but your VPN isn't working, the problem is likely not between your CloudVPN router and the CloudVPN Portal but between your laptop and the CloudVPN Portal.
Your laptop uses CloudVPN's VPN Client to establish a VPN connection. First, you need to check if your laptop's antivirus isn't blocking the VPN Client. To do this, see if you can go to https://localhost:9250 in your browser. If this can't be opened, please turn off your antivirus briefly to see if that is causing your problems.
- If your antivirus is blocking the VPN Client, please contact the supplier of the antivirus software on how to allow use of your VPN Client.
- If your antivirus isn't blocking the VPN Client, please continue with the steps below.
Please check if any of the following common issues is causing your problems.
- The very first package sent by the VPN Client may be considered unencrypted as the OpenVPN handshake takes place prior to the TLS handshake. For this reason an exception may be required on firewall rules that block non-SSL traffic over SSL-ports.
- When you have set up Stealth Mode for your VPN Client, you need to open port 8443 on your firewall. If you failed to do so, this is blocking your VPN connection. To resolve this problem, open port 8443 on your firewall, or turn off Stealth Mode if this is possible.
- Check if a proxy server should be configured in your network configuration. You can configure a proxy server on the webpage of the VPN Client (https://localhost:9250). More information can be found in this article.
- If your corporate firewall uses application protocol filter, you may need to whitelist the application protocols used by the VPN Client for establishing a VPN connection (HTTPS and OpenVPN).
- If your corporate firewall uses SSL and/or deep packet inspection, your firewall may change the SSL-certificate of the connection. Because the secure connection is being altered by the inspection, the CloudVPN Portal can't verify the safety and will refuse the connection. You need to create exceptions to allow a VPN connection between the VPN Client and the CloudVPN Portal.
Problem solved?
Problem solved? Good! If not, please contact us.This article can also provide more information on VPN connection issues.
Comments
0 comments
Article is closed for comments.