Networking

American Cloud networking resources.
By Dane and 1 other
8 articles

Create/Manage a Virtual Private Cloud Network

1. A VPC is a private, isolated section of a public cloud that provides a secure and customizable environment for deploying and managing resources. It allows you to control your network configuration, including IP address ranges, subnets, and security settings. VPCs are often used to create a private network within a public cloud, offering enhanced security and flexibility.

Key features of a VPC include:
- Isolation: VPCs are logically isolated from other networks in the public cloud, ensuring that your resources are private and secure.
- Customization: You can define custom IP address ranges, create subnets, and set up network access control lists (ACLs) and security groups.
- Scalability: VPCs can scale on demand, allowing you to add or remove resources as needed.
- Connectivity: VPCs can be connected to on-premises data centers via secure connections like VPN or Direct Connect.
- Security: VPCs offer robust security features, including network ACLs, security groups, and encryption.

This ability to subnet the primary VPC provides the flexibility to create as complex a networking scheme as needed, with the same functionality and segmentation that a traditional subnetted design would provide.

Create The VPC

2. Navigate to https://app.americancloud.com
3. Select "Networking" from the left navigation pane.
4. Select "+ CREATE VPC NETWORK"
5. Determine the zone to create the VPC in, keeping in mind that the premium cluster resides in US-West-0 and only standard clusters reside within US-West-1.
6. Select a project to create the VPC in.
7. - Select the IP Address Range Prefix. This is a manual input based on your networking needs and design.
   - Determine the network size based on network design and planning. Take into consideration the number of networks necessary for your environment.
   - Name the VPC based on a naming convention of your choosing.
   - The VPC description can be anything that supports the environmental design and navigation.
   - Lastly, choose between the monthly or hourly billing method. A VPC will cost a standard $12 a month.
8. Select "CREATE VPC"
9. "Hold on! Creating VPC network. Might take a few minutes..." will appear at the top of the screen while the VPC is being created.

Tip: A VPC will NOT delete itself. Therefore, if you wish to destroy a VPC and stop paying for it, you must delete it manually.

Create The Network

10. Once the VPC is created we must add an internal network to begin building our environment. Select "+ ADD NETWORK".
11. - Enter a name based on your naming convention for networks within the VPC.
    - Select the desired Network Offering.
      - Source NAT - This service enables the virtual router's public IP address to be applied to outgoing network traffic. This is the standard for local nodes to access the internet.
      - External (Public) load-balancing - This service redirects all traffic to a public IP address of a virtual router to other network routers.
      - Internal (Private) load-balancing - This service enables traffic entering the network to be balanced across different VMs within the network itself.
    - Determine the gateway for the network based on the VPC settings and network design. This field is where to define the default gateway for the new network. This is what the internal IP address would be on a router or firewall in a traditional network. Typically this is the first- or last-usable address in an IP range (ex. in 10.10.20.0/24, first-usable would be 10.10.20.1; last-usable would be 10.10.20.254).
    - Establish the Netmask required for the network.
    - You can assign an external id for the network. This allows the creation of tags for the new network.
    - Select the default ACL. This field provides the ability to assign a default 'permit-all (default_allow)' or 'deny-all (default_deny)' rule for the new network. Individual exceptions can be configured within the VPC.
    Select "CREATE NETWORK"
12. An instance can quickly be added to the network by selecting the three dots on the corresponding network, then selecting "Add Instance".

Tip: For more information on creating an instance Click Here.

13. By selecting the drop-down arrow we can list the Instances running in the network.

Public IP Addresses

14. Select "Public IP Addresses" from the top menu.
15. Add a port forwarding rule by selecting "Add Port Forwarding Rule" on the corresponding IP Address and VM, which can be identified in the far left. Already created or active PF rules will be listed below the IP table.
16. Create a rule:
    - Select the VM to add the rule to.
    - Select the network for the rule.
    - Select between TCP or UDP protocols.
    - Add a start and end private port.
    - Then select the start and end public port.
    Click "Submit"
17. The newly created rule will be listed in the active rule table as depicted below.
18. To delete a PF rule simply select "Delete Rule". A warning block/last chance block will be presented. To proceed with the deletion select "Delete Port Forwarding Rule".
19. If another IP Address is needed select "+ Acquire New IP".
20. Select the Network to add the IP to. An additional IP will cost $1 a month. Select "Add IP"
21. The newly acquired IP will be listed in the IP table. To enable the IP as a static NAT for a VM select "Enable Static NAT".
22. Select the network and VM to assign static NAT to. Select "Enable Static Nat".
23. By listing the instances within the Network, you can see the static NAT for the IP has been enabled.
24. To disable static NAT for the VM select "Disable Static NAT". A warning/last chance block will appear; select "Disable Static NAT" to proceed.
25. After disabling static NAT, if the IP is no longer required, you can release the IP by selecting "Release IP". A warning/last chance block will appear; select "Release IP" to proceed.
26. The table will update and show the IP no longer present. This will end your $1 a month requirement for the IP.

Manage ACL

27. From the top menu tree select "ACL Lists".
28. To create and manage a custom ACL List select "+Add network ACL list".
29. Provide a name for the list and a brief description of your choosing, then select "Add ACL"
30. The newly created list will be added to the Network ACL Lists table.
31. Once the ACL is created we can add rules by selecting "+ Add ACL Rule".
32. - Rule Number: Rule numbers are used to prioritize and order the rules within an Access Control List, with lower numbers taking precedence over higher numbers.
    - CIDR List: A method used to specify a range of IP addresses in a concise manner to control access to network resources.
    - Action: Action is used to define whether the ACL rule is allowing or denying connection.
      - Allow
      - Deny
    - Protocols: Protocol refers to the network protocols which can be used to define the type of connection being allowed or denied in the ACL rule. Choosing the different protocol options will expand other fields to be filled out. See the additional fields under the below protocols.
      - All: Choosing 'All' will allow or deny all network protocols for the ACL rule.
      - TCP: TCP is a communication protocol that provides reliable, ordered, and error-checked delivery of data between applications over IP networks.
        - Start Port: This is where the network traffic originates.
        - End Port: This is the destination of the network traffic.
      - UDP: UDP is a connectionless communication protocol that allows for the exchange of datagrams between applications over IP networks without requiring a dedicated connection.
        - Start Port: This is where the network traffic originates.
        - End Port: This is the destination of the network traffic.
      - ICMP: ICMP is a network protocol used to send error messages and operational information about network conditions between hosts on an IP network.
        - ICMP Type
        - ICMP Code
      - Protocol Number: Protocol numbers are numerical values that identify the specific network protocol being used for communication, such as TCP, UDP, or ICMP.
        - End Port
        - Start Port
        - End Port
        - ICMP Type
        - ICMP Code
    Select "Add ACL"
33. Click here.
34. To delete the rule simply select the trash can icon associated with the rule. A warning/last chance block will present itself. Select "Delete" to proceed with the deletion.
35. The rule will be removed from the rule table.
36. To delete the ACL List simply select the corresponding trash can icon. A warning/last chance block will present itself. Select "Delete" to proceed.
37. The ACL list will be removed from the table.

Remote Access VPN

38. Remote access VPNs enable individual users to connect to a private network from various locations. Remote access VPNs require setup on each client and each user must initiate the tunnel setup. Remote access VPNs are ideal for remote employees needing secure access to a corporate network.
39. From the top menu select "Remote Access VPN"
40. Select the slider bar to activate the VPN connection.
49. Once activated the VPN status will read "Running" and display the IPSec pre-shared key needed for connection.
50. Next, users must be added. Select "+ Add New User"
51. Provide a Username and Password for the user. Then store them in a secure location for sharing. Select "Add User"
52. The user will be added and show an active state.
53. If that user is no longer needed, remove it by selecting the trashcan icon associated with the user and select delete in the warning/last chance block.
54. If the VPN connection is no longer required, simply select the slider bar. This will deactivate the VPN connection.

Tip: For further information on creating a VPN on the local host Click Here.

Last updated on Feb 28, 2025

Create and Configure an Elastic Network in American Cloud

Create The Network

1. Navigate to https://app.americancloud.com
2. Click "Networking"
3. Click "Elastic Network"
4. Click "+ CREATE ELASTIC NETWORK"
5. - Select the zone in which to build the network, keeping in mind that US-West-0 provides a Premium and Standard cluster where US-West-1 only provides a standard cluster option. Choose based on your compute requirements.
   - Choose the project in which the network will reside.
6. - Enter Name: This field allows for a name to be assigned to the Elastic Network. A unique name is suggested in order to easily differentiate between Elastic Networks, especially in large-scale, multi-network environments.
   - Enter Description for Elastic Network: This field allows for a unique definition of the Elastic Network.
   - Gateway: This field is where to define the default gateway for the new network. This is what the internal IP address would be on a router or firewall in a traditional network. This is the first-usable address in the IP range (ex. in 10.10.20.0/24, first-usable would be 10.10.20.1).
   - Netmask: This field is for the subnet mask of the IP block based on the desired available IP addresses.
   Select 'CREATE NETWORK'.
7. Quick add an instance to the network by selecting the ellipsis menu then "Add Instance". A redirect to instance creation will occur.
8. View the instances associated with the network by selecting the drop-down arrow. The instances will be depicted as below.

Manage Public IP Addresses

9. Manage assigned IP Addresses, Firewall Rules, and Port Forwarding Rules by selecting "Public IP Addresses" from the top menu.
10. To add a new Firewall rule select "Add Firewall Rule" on the corresponding IP address.
11. - Provide a source CIDR for the Firewall Rule.
    - Select the protocol required for the new rule.
    - Provide the protocol specifics, i.e. start and end port.
    Select "Add Firewall Rule".
12. Select "Add Port Forwarding Rule"
13. - Select the VM to add the Port Forwarding Rule to.
    - Select the protocol for the new Port Forwarding Rule.
    - Identify and input the private start and end ports. Then provide the public start and end ports. These are determined based on your network design.
    Select "Submit"
14. The newly created Firewall and Port Forwarding Rules will be displayed in the associated tables below the IP Address.
15. To delete a rule simply select "Delete Rule" on the associated rule. On the warning/last chance block select "Delete Firewall Rule" to proceed.
16. American Cloud provides the ability to acquire new IP addresses based on the customer's needs. The acquisition of a new IP address costs a standard $1 a month. To acquire one select "+ Acquire New IP" in the upper right corner.
17. In the popup select "Add IP"
18. Should static NAT be required, select "Enable Static NAT" under the associated IP address.
19. From the drop-down select the VM to enable static NAT for. Then select "Enable Static Nat".
20. Confirm the static NAT IP address from the network overview page.
21. To disable static NAT select "Disable Static NAT".

Egress Rules

22. Navigate to Egress Rules in the top menu. To add a new rule select "+ Add New Rule" in the top right.
23. Provide the required fields:
    - Source CIDR for the egress rule.
    - Input the destination CIDR for the new rule.
    - Lastly choose the protocol and the required protocol information.
    Select "Add Egress Rule"
24. The newly created egress rule will be added to the table. To remove the egress rule select "Delete Rule". Then in the warning/last chance block select "Delete" to proceed.

Remote Access VPN

25. To enable Remote Access VPN, select "Remote Access VPN" from the top menu. On the Remote Access VPN page select the slider bar to activate the VPN. Wait while the connection is being made. The VPN will be available when VPN Status reads "running".
26. Once the VPN is running, the IP and IPSec pre-shared key will be displayed. Remote access VPNs require user credentials. To add users select "+ Add New User".
27. In the popup provide a username and password for the user. Save the credentials in a safe location and select "Add User".
28. Once the user has been added wait for an "Active" state. The user can then access the VPN.
29. To remove a user select the trashcan icon associated with the user. In the warning/last chance block select "Delete" to proceed.
30. The user will be removed from the table list. To disable the VPN select the slider bar. Wait as the VPN is disconnected. Once disabled the VPN Status will read "Disabled".

Last updated on Feb 27, 2025

Creating a VPN Customer Gateway

1. Navigate to https://app.americancloud.com
2. Select "Networking"
3. Select "VPN Customer Gateway" from the top menu.
4. Select "+ Add VPN Customer Gateway"
5. Name
   - Input a custom name for the Gateway

   Project
   - Select the project for the Gateway to reside in

   Gateway
   - Select the public IP address for the Gateway. This should be the public IP of the distant network, possibly a firewall device.

   CIDR List
   - In the context of a gateway, a CIDR list can be used to define the range of IP addresses that are allowed to communicate through the gateway. This can be used as a security measure to restrict access to a network or to specify the range of IP addresses that are allowed to connect to a VPN. The CIDR list can be configured on the gateway device or in the cloud-based network infrastructure to enforce these restrictions.
   - Select the CIDR List preferred

   IPSEC Pre-shared Key
   - IPsec (Internet Protocol Security) Pre-shared key (PSK) is a method of authentication used to establish a secure and encrypted communication channel between two devices over a network. PSK is a shared secret key between the two devices that is used to encrypt and decrypt data passing through the communication channel. This method of authentication is commonly used in VPN (Virtual Private Network) connections, where the PSK is shared between the VPN client and server to establish a secure connection.
   - There are several online tools that generate keys, or OpenSSL can be used on the local machine to generate an IPSEC PSK by running:
       openssl rand -base64 24
   - Create a PSK and add it
6. IKE Encryption
   - Internet Key Exchange (IKE) is a protocol used to establish a secure and encrypted connection between two devices in a VPN (Virtual Private Network). Encryption in IKE is used to protect the exchange of security parameters and shared secrets during the establishment of the VPN connection. IKE uses various encryption algorithms, such as AES, DES, and 3DES, to encrypt and protect data transmitted between the devices, ensuring confidentiality, integrity, and authenticity of the data being transmitted.
   - Input the chosen encryption type

   IKE Hash
   - Internet Key Exchange (IKE) hash is a cryptographic function used to ensure the integrity of data transmitted between two devices in a VPN (Virtual Private Network) connection. The hash function generates a fixed-size message digest from the input data, which is used to verify that the data has not been modified or tampered with during transmission. IKE supports several hash algorithms, such as SHA-1, SHA-2, and MD5, that can be used to provide different levels of security and performance in the VPN connection.
   - Input the chosen hash type

   IKE DH
   - Internet Key Exchange (IKE) Diffie-Hellman (DH) is a key exchange protocol used to establish a shared secret key between two devices in a VPN (Virtual Private Network) connection. DH is used to generate a shared secret key without exchanging the key directly, thus protecting the key from interception. IKE supports various DH groups, such as DH Group 1, 2, 5, 14, 19, 20, 24, etc., that offer different levels of security and performance in the VPN connection.
   - Input the chosen DH Group

   IKE Version
   - Internet Key Exchange (IKE) Version is the version of the IKE protocol used to establish a secure and encrypted connection between two devices in a VPN (Virtual Private Network). IKE has undergone several revisions, with each version introducing new features and improvements to the protocol. IKE versions include IKEv1 and IKEv2, with IKEv2 being the most recent version. IKEv2 offers improved security, efficiency, and flexibility over IKEv1, making it the preferred choice for many VPN implementations.
   - Input the chosen version

   ESP Encryption
   - Encapsulating Security Payload (ESP) is a protocol used to provide encryption and authentication of data transmitted between two devices in a VPN (Virtual Private Network) connection. ESP encrypts the payload of IP packets, ensuring confidentiality, integrity, and authenticity of the data being transmitted. ESP supports various encryption algorithms, such as AES, DES, and 3DES, that can be used to provide different levels of security and performance in the VPN connection. ESP also provides optional support for data compression and anti-replay protection.
   - Input the chosen Encryption

   ESP Hash
   - Encapsulating Security Payload (ESP) hash is a mechanism used to ensure the integrity of data transmitted between two devices in a VPN (Virtual Private Network) connection. The hash function generates a fixed-size message digest from the input data, which is used to verify that the data has not been modified or tampered with during transmission. ESP supports various hash algorithms, such as SHA-1, SHA-2, and MD5, that can be used to provide different levels of security and performance in the VPN connection.
   - Input the chosen hash

   Perfect Forward Secrecy
   - Perfect Forward Secrecy (PFS) is a property of cryptographic protocols that ensures that even if the private key of a user is compromised, past communications are still protected. PFS achieves this by generating a new set of public and private keys for each session. This means that even if an attacker gains access to the private key, they will not be able to decrypt previously encrypted messages, providing an additional layer of security to the communication. PFS is commonly used in VPN (Virtual Private Network) and secure messaging protocols.
   - Input the chosen perfect forward secrecy
7. IKE Lifetime
   - Internet Key Exchange (IKE) lifetime refers to the duration for which the security associations (SA) established during IKE negotiations are valid. An SA is a security mechanism used to ensure the confidentiality, integrity, and authenticity of data transmitted between two devices in a VPN (Virtual Private Network) connection. IKE lifetime can be set by the VPN administrator, and the duration can vary from a few minutes to several hours, depending on the security requirements and network conditions. Once the IKE lifetime expires, the devices renegotiate a new SA to ensure continued secure communication.
   - Input the chosen lifetime

   ESP Lifetime
   - Encapsulating Security Payload (ESP) lifetime is the duration for which the encryption and authentication keys used by ESP to secure data transmitted between two devices in a VPN (Virtual Private Network) connection are valid. The ESP lifetime is defined by the VPN administrator and can vary from a few minutes to several hours, depending on the security requirements and network conditions. Once the ESP lifetime expires, the devices renegotiate new keys to ensure continued secure communication. The ESP lifetime can be configured to balance the security and performance requirements of the VPN connection.
   - Input the chosen lifetime

   Dead Peer Detection
   - Dead Peer Detection (DPD) is a mechanism used in VPN (Virtual Private Network) connections to detect if one of the peers has become unreachable or unresponsive. DPD monitors the state of the VPN connection and sends periodic requests to the remote peer to confirm its availability. If the peer fails to respond to the requests, the DPD mechanism considers it dead and initiates a new negotiation to establish a new VPN connection. DPD helps to ensure continuous availability and reliability of VPN connections.
   - Toggle disabled/enabled (Disabled by default)

   Split Connections
   - Split tunneling is a feature of VPN (Virtual Private Network) connections that allows some traffic to be sent through the VPN tunnel while other traffic is sent directly to the internet. With split tunneling, only the traffic destined for the corporate network is sent through the VPN tunnel, while other traffic, such as browsing the internet, is sent directly to the internet. Split tunneling can reduce the load on the VPN connection and improve the performance of internet-based applications. However, it can also pose security risks, as it can allow unencrypted traffic to bypass the VPN tunnel.
   - Toggle disabled/enabled (Disabled by default)

   Force UDP Encapsulation of ESP Packets
   - Force UDP encapsulation of Encapsulating Security Payload (ESP) packets is a technique used in VPN (Virtual Private Network) connections to improve the reliability and efficiency of the ESP protocol over networks that may block or interfere with ESP traffic. By encapsulating the ESP packets within User Datagram Protocol (UDP) packets, the VPN connection can bypass network restrictions and ensure that the ESP traffic is not dropped or modified. The UDP encapsulation can also provide additional security features, such as authentication and anti-replay protection.
   - Toggle disabled/enabled (Disabled by default)

   Select 'ADD VPN GATEWAY'
8. The new gateway will be added to the table. To copy the IPSec pre-shared key select the copy icon on the right. Use the trashcan icon to delete the gateway if necessary.

Create Site-To-Site

Tip: For more information on creating a VPC, see our VPC Creation Doc.

9. Select "VPC" from the top menu.
10. Select the desired VPC network for adding the site-to-site VPN.
11. In the top menu select "Site-to-site VPN"
12. Select the slider bar to activate the site-to-site VPN. Once the VPN is running select "+ Create VPN Connection".
13. In the drop-down select the customer gateway to be used during the connection creation and select "Create VPN Connection"
14. The connection will show in the table below. The state of the connection will change from Pending -> Connecting -> Connected. This process usually takes only a few moments. If failures occur, check the configuration for accuracy on both ends of the connection.
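
The gateway form above offers legacy options (DES, 3DES, MD5, SHA-1, low DH groups, IKEv1) alongside current ones, so a pre-submission check of the chosen values is useful. The following is an added example, not American Cloud code: the dictionary keys, the minimum PSK length, and the list of algorithms treated as weak (DH groups per RFC 8247) are assumptions made for illustration.

```python
# Added example: audit a planned VPN customer gateway before entering it in the portal.
# Field names below are hypothetical; they mirror the form labels on this page.
import base64
import secrets

WEAK_CIPHERS = {"des", "3des"}     # legacy ciphers the form still offers
WEAK_HASHES = {"md5", "sha1"}      # legacy hashes the form still offers
WEAK_DH_GROUPS = {1, 2, 5, 24}     # discouraged or forbidden by RFC 8247
MIN_PSK_CHARS = 32                 # assumption: length of `openssl rand -base64 24` output


def generate_psk(num_bytes=24):
    """Local equivalent of `openssl rand -base64 24`, using the OS CSPRNG."""
    return base64.b64encode(secrets.token_bytes(num_bytes)).decode("ascii")


def _norm(value):
    """Normalize spellings such as 'SHA-1', 'sha1', '3DES' for comparison."""
    return str(value).lower().replace("-", "").replace("_", "").replace(" ", "")


def audit_gateway(cfg):
    """Return a list of (field, finding) tuples; an empty list means no findings."""
    findings = []
    for phase in ("ike", "esp"):
        if _norm(cfg[f"{phase}_encryption"]) in WEAK_CIPHERS:
            findings.append((f"{phase}_encryption", "legacy cipher, choose AES"))
        if _norm(cfg[f"{phase}_hash"]) in WEAK_HASHES:
            findings.append((f"{phase}_hash", "legacy hash, choose SHA-2"))
    if cfg["ike_dh"] in WEAK_DH_GROUPS:
        findings.append(("ike_dh", "weak DH group, choose 14, 19 or 20"))
    if _norm(cfg["ike_version"]) != "ikev2":
        findings.append(("ike_version", "IKEv2 is preferred over IKEv1"))
    pfs = cfg.get("pfs")
    if pfs is None:
        findings.append(("pfs", "perfect forward secrecy is disabled"))
    elif pfs in WEAK_DH_GROUPS:
        findings.append(("pfs", "PFS uses a weak DH group"))
    # Only the length is reported; the key itself never appears in a finding.
    if len(cfg["psk"]) < MIN_PSK_CHARS:
        findings.append(("psk", f"shorter than {MIN_PSK_CHARS} characters"))
    return findings


# Constructed sample input: a legacy-style proposal and a current one.
LEGACY_GATEWAY = {
    "ike_encryption": "3DES", "ike_hash": "MD5", "ike_dh": 2, "ike_version": "IKEv1",
    "esp_encryption": "AES-128", "esp_hash": "SHA-1", "pfs": None, "psk": "changeme",
}
CURRENT_GATEWAY = {
    "ike_encryption": "AES-256", "ike_hash": "SHA-256", "ike_dh": 14, "ike_version": "IKEv2",
    "esp_encryption": "AES-256", "esp_hash": "SHA-256", "pfs": 14, "psk": generate_psk(),
}

if __name__ == "__main__":
    for name, cfg in (("legacy", LEGACY_GATEWAY), ("current", CURRENT_GATEWAY)):
        print(name)
        for field, finding in audit_gateway(cfg) or [("-", "no findings")]:
            print(f"  {field}: {finding}")
```

Both ends of a site-to-site connection must use the same values, so run the check against the configuration planned for the remote device as well.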

Last updated on Feb 28, 2025

Access Control Lists (ACLs)

Understanding Access Control Lists (ACLs)

Access Control Lists (ACLs) are an integral part of networking and are used to control access to network resources. An ACL is essentially a list of permissions that specifies which networks and protocols are allowed or denied access to the network it is applied to. Properly configuring ACLs can prevent unauthorized access, reduce the risk of network security incidents, and maintain the confidentiality, integrity, and availability of network resources.

ACLs are only available when using a Virtual Private Cloud (VPC).

To create a custom ACL follow the below steps:

1. Log in to the Web Portal with a valid American Cloud account.
2. On the left navigation column choose 'Networking'.
3. Select an already created VPC. If no VPC is present Click Here to create a VPC.
4. Once the VPC is selected, click on 'Settings'.
5. Choose 'Network ACL Lists'.
6. Choose '+Add network ACL list'.
7. Enter a unique name for the ACL under 'ACL List name'.
8. Enter a description for the ACL under 'Description'.
9. Click on 'ADD ACL' to create the new ACL.
10. Select the newly created ACL list and click '+ Add ACL Rule'.
11. Fill out the below fields to create the new ACL rule.

Rule Number
Rule numbers are used to prioritize and order the rules within an Access Control List, with lower numbers taking precedence over higher numbers.

CIDR list
CIDR list is a method used to specify a range of IP addresses in a concise manner to control access to network resources.

Action
Action is used to define whether the ACL rule is allowing or denying connection.
- Allow
- Deny

Protocol
Protocol refers to the network protocols which can be used to define the type of connection being allowed or denied in the ACL rule. Choosing the different protocol options will expand other fields to be filled out. See the additional fields under the below protocols.

All
Choosing 'All' will allow or deny all network protocols for the ACL rule.

TCP
TCP is a communication protocol that provides reliable, ordered, and error-checked delivery of data between applications over IP networks.
- Start Port: This is where the network traffic originates.
- End Port: This is the destination of the network traffic.

UDP
UDP is a connectionless communication protocol that allows for the exchange of datagrams between applications over IP networks without requiring a dedicated connection.
- Start Port: This is where the network traffic originates.
- End Port: This is the destination of the network traffic.

ICMP
ICMP is a network protocol used to send error messages and operational information about network conditions between hosts on an IP network.
- ICMP Type
- ICMP Code

Protocol Number
Protocol numbers are numerical values that identify the specific network protocol being used for communication, such as TCP, UDP, or ICMP.
- End Port
- Start Port
- End Port
- ICMP Type
- ICMP Code

Traffic Type
Traffic type is how traffic flow is defined for the ACL rule.
- Ingress: Traffic coming into a network
- Egress: Traffic going out from a network

Description
Enter a custom description for the ACL rule.
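
Because lower rule numbers take precedence, a broad rule with a low number can silently override a narrower rule placed after it. The following added example (not American Cloud code) models first-match evaluation over the fields described above and reports rules that can never take effect. It assumes that the first matching rule decides, that Start Port and End Port bound an inclusive port range, and that a default action applies when nothing matches; ICMP type and code are not modeled, and all class and function names are hypothetical.

```python
# Added example: first-match evaluation of a numbered network ACL list,
# plus detection of rules that an earlier rule makes unreachable.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple


@dataclass(frozen=True)
class AclRule:
    number: int                        # lower number is evaluated first
    cidrs: Tuple[str, ...]             # CIDR list
    action: str                        # "allow" or "deny"
    protocol: str                      # "all", "tcp", "udp" or "icmp"
    traffic_type: str                  # "ingress" or "egress"
    start_port: Optional[int] = None   # assumed: inclusive range bounds
    end_port: Optional[int] = None

    def port_range(self):
        if self.start_port is None:
            return None
        end = self.end_port if self.end_port is not None else self.start_port
        return (self.start_port, end)

    def matches(self, direction, peer_ip, protocol, port=None):
        if direction != self.traffic_type:
            return False
        if self.protocol not in ("all", protocol):
            return False
        addr = ip_address(peer_ip)
        if not any(addr in ip_network(c) for c in self.cidrs):
            return False
        rng = self.port_range()
        if self.protocol in ("tcp", "udp") and rng is not None:
            return port is not None and rng[0] <= port <= rng[1]
        return True


def evaluate(rules, default_action, direction, peer_ip, protocol, port=None):
    """Return (action, rule_number); rule_number is None when the default applied."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.matches(direction, peer_ip, protocol, port):
            return rule.action, rule.number
    return default_action, None


def covers(a, b):
    """True if every packet that rule b matches is also matched by rule a."""
    if a.traffic_type != b.traffic_type:
        return False
    if a.protocol not in ("all", b.protocol):
        return False
    nets_a = [ip_network(c) for c in a.cidrs]
    for c in b.cidrs:
        net_b = ip_network(c)
        if not any(net_b.version == n.version and net_b.subnet_of(n) for n in nets_a):
            return False
    ra, rb = a.port_range(), b.port_range()
    if a.protocol in ("tcp", "udp") and ra is not None:
        return rb is not None and ra[0] <= rb[0] and rb[1] <= ra[1]
    return True


def shadowed_rules(rules):
    """Return (shadowed_number, shadowing_number) pairs in rule-number order."""
    ordered = sorted(rules, key=lambda r: r.number)
    result = []
    for i, later in enumerate(ordered):
        for earlier in ordered[:i]:
            if covers(earlier, later):
                result.append((later.number, earlier.number))
                break
    return result


# Constructed sample list (documentation address ranges, not real hosts).
RULES = [
    AclRule(10, ("203.0.113.0/24",), "allow", "tcp", "ingress", 22, 22),
    AclRule(20, ("0.0.0.0/0",), "deny", "tcp", "ingress", 22, 22),
    AclRule(30, ("0.0.0.0/0",), "allow", "tcp", "ingress", 443, 443),
    AclRule(40, ("198.51.100.7/32",), "allow", "tcp", "ingress", 22, 22),
]

if __name__ == "__main__":
    print(evaluate(RULES, "deny", "ingress", "203.0.113.9", "tcp", 22))
    print(evaluate(RULES, "deny", "ingress", "198.51.100.7", "tcp", 22))
    print(shadowed_rules(RULES))
```

In the sample list, rule 40 was meant to admit one more SSH source but is numbered after the deny-all SSH rule 20, so it never takes effect; renumbering it below 20 fixes the ordering.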

Last updated on Mar 06, 2025

DNS Management

DNS Management - Getting Started

American Cloud’s DNS Manager enables users to manage DNS records for each of their domains directly from the Web Portal. It supports most common DNS record types, including A, AAAA (quad A), CNAME, MX, TXT, NS, SOA, SRV, and CAA. Follow this guide to learn how to start using the DNS Manager.

Understanding DNS

DNS attaches human-readable domain names to machine-usable IP addresses. Instead of needing to know the IP address of the website you are navigating to, you can enter https://americancloud.com for example.

Register the Domain

American Cloud is not a domain registrar, but our DNS Manager will work with any domain registrar, for example GoDaddy, BlueHost, HostGator, etc.

Create the Domain Records

Here you set your needed DNS records for a particular domain.

1. Log in to the Web Portal and select Networking. Click Create under Manage DNS.
2. Click on Add A Domain Now.
3. Select the Project and enter your domain name in the Domain Name field.
4. After clicking Add Domain you will be able to add the records to your domain.

Add DNS Records

DNS records can associate specific domain names with pieces of information, such as a server’s IP address. After the domain has been created, you can immediately start adding and editing DNS records for it. See Manage DNS Records for instructions. You can also view each supported DNS record type to learn more about what it does and how to create it.

- A and AAAA Records
- CNAME Records
- MX Records
- TXT Records
- NS Records

If you are migrating to American Cloud from another DNS provider, make sure you have added all of the necessary DNS records to DNS Manager before adding American Cloud’s name servers to your domain’s registrar.

Use American Cloud’s Name Servers

Once you are ready, set American Cloud’s name servers as the authoritative name servers for your domain. To do this, log in to your domain registrar’s control panel and set the name servers for your domain name to the entries below. See the instructions on your domain name registrar’s website for more information.

- ns1.americancloud.org
- ns2.americancloud.org

Last updated on Aug 30, 2024

Firewall

Firewall - Getting Started

A firewall is a security mechanism that acts as a barrier between networks, typically between the internet and an internal network. It monitors and filters network traffic based on predefined rules to allow or block specific types of traffic. American Cloud allows self-assigned firewall and port forwarding rules. During initial instance launch a few firewall rules will be established as default. These default rules are in place to ensure SSH and the CMP graphs are operational. To view and create firewall rules, follow the guidelines below.

Adding Firewall Rules

Port rules are one of the criteria used by firewalls to control network traffic. Ports are numbered virtual endpoints on a network device that allow different types of data to be transmitted and received. Firewalls can be configured with port rules to allow or block traffic based on the specific ports being used. For example, a firewall may be configured to allow incoming traffic on port 80, which is commonly used for web traffic, while blocking traffic on port 22, which is commonly used for SSH (Secure Shell) access. Port rules are an important aspect of firewall configuration, as they help control the flow of data between networks and protect against unauthorized access or malicious activities.

- Navigate to Firewall rules
  1. In the navigation pane to the left select 'Cloud Compute'
  2. In the list of instances select the desired instance to apply a rule
  3. In the tabs select 'Settings'
  4. Then in the navigation pane select 'Firewall'

Default Firewall Rules
Note the default ports opened during instance build. These ports are opened so the American Cloud CMP can communicate with SSH and the graphs presented in the Usage section.

Select Add Firewall Rule
To add a firewall rule select 'Add Firewall Rule'.

Provide Specifics
Input your Source CIDR, select a protocol, Start Port and End Port. Further information on Transfer Protocols coming soon!

Created
The new firewall rule will be created.

Create Port Forwarding Rule

- Navigate to Port Forwarding rules
  1. In the navigation pane to the left select 'Cloud Compute'
  2. In the list of instances select the desired instance to apply a rule
  3. In the tabs select 'Settings'
  4. Then in the navigation pane select 'Port Forward'

Add Port Forward Rule
Select ADD Port Forwarding Rule.

Add Protocol and Port
Add the protocol, Private Port and Public Port. Select Submit. More information on Transfer Protocols coming soon!

New Rule Creation
The new rule will be created.

Delete Firewall/Port Forwarding Rules

To delete a rule simply navigate to the firewall or port forwarding rules as previously described. Identify the rule needing deletion and select "Delete Rule". In the warning/last chance block confirm deletion to continue.

Last updated on Mar 06, 2025

Remote Access VPN

Remote Access VPN Setup for VPC

1. Log in to the Web Portal and select Networking. Under the VPC tab, select your VPC. If no VPC is created, please Click Here.
2. Under the VPC select the Settings tab and click Remote Access VPN.
3. Click the slider to Enable Remote Access VPN.
4. Once the Remote Access VPN is enabled the IPSec pre-shared key will be automatically generated.
5. Click on + Add New User and on the New VPN User popup create a username and password.
6. With the Public IP Address, IPSec pre-shared key, username, and password, the client can be set up.

Remote Access VPN Setup for Elastic Network

1. Log in to the Web Portal and select Networking. Under the Elastic Network tab, select your Elastic Network. If no Elastic Network is created, please Click Here.
2. Under the Elastic Network select the Settings tab and click Remote Access VPN.
3. Click the slider to Enable Remote Access VPN.
4. Once the Remote Access VPN is enabled the IPSec pre-shared key will be automatically generated.
5. Click on + Add New User and on the New VPN User popup create a username and password.
6. With the Public IP Address, IPSec pre-shared key, username, and password, the client can be set up.

VPN Connection VIA OS

MacOS

1. In System Settings, click on Network on the left pane and then click on VPN.
2. At the bottom right, click the Add VPN Configuration dropdown and select L2TP over IPSec.
3. Fill out the following fields.
   1. Display name: unique name for VPN connection
   2. Server address: Public IP Address of VPC
   3. Account name: VPN username
   4. Shared secret: IPSec pre-shared key
4. Click on Create. Once created, test the connection by turning on the slider.

Windows

1. Select Start > Settings > Network & internet > VPN > Add VPN.
2. Under Add a VPN connection, do the following:
   - For VPN provider, choose Windows (built-in)
   - In the Connection name box, enter a unique name for VPN connection
   - In the Server name or address box, enter the Public IP address for the VPN server
   - For VPN type, select L2TP/IPsec and enter your pre-shared key
   - Select Save
3. To connect to the new VPN connection, select Start > Settings > Network & internet > VPN
4. Next to the VPN connection you want to use, select Connect
5. When prompted, enter your username and password

To verify that the VPN is connected, look on the VPN settings page; the VPN connection name will display Connected underneath it.

If no virtual machine is attached to the Elastic Network the client will fail to connect to the Remote Access VPN.

Last updated on Oct 03, 2024