Skip to main content

User Guide - Using multiple Connectors to increase reliability of Remote Access

Overview

In this document, we examine a WPC set up to meet the needs of a fictitious company. A startup has employees in Europe. Their employees need Remote Access to private resources running on AWS.

Owen is in charge of IT and Networking for this company. Owen is looking for a WPC solution that employees can use for secure access to the AWS private Network. He does not want to manage, install, and maintain WPC servers but wants to ensure that the access is very reliable so that there is no loss in employee productivity due to WPC being down.

To improve reliability, Owen wants to provide access to the private Network from two different CloudConnexa’s Regions: London and Frankfurt. This will ensure that access is maintained even if one of the Connectors running on the private Network goes down. Even though both London and Frankfurt Regions will provide connectivity for the private Network, to improve Network access performance, Owen wants to ensure that traffic to the private Network is routed via the London Region for employees that connect to London and for employees that connect to Frankfurt, the Frankfurt Connector is used to access the private Network. This optimized routing will automatically be taken care of by the smart routing feature of CloudConnexa.

Owen completes the signup process as shown here. During the signup process, Owen selects technop.openvpn.com as the web domain for the User portal. This domain uniquely identifies the WPC that will be set up by Owen and is used by Connect Client applications (WPC Client software) to identify the WPC that it needs to connect to.

Setup

A Network can be configured to have one or more Connectors. CloudConnexa will use Smart Routing to route traffic from the WPC to one of the Connectors belonging to the Network based on:

  • The geographic proximity of the Region that is the source of the traffic to the Region of the Network’s Connector

  • Network characteristics of the connectivity between source and destination Regions

  • Load balancing is used when multiple destination Connectors are connected to the same Region

  • If one or more of the multiple Connectors of the Network is down, the remaining Connectors that still provide connectivity to the private Network will be used

The instances running the Connectors will need to have NAT turned ON so that the incoming traffic to the private application servers has the source IP address set to the Connector instance’s private IP address.

The ability to route traffic flows originating from the private Network to the CloudConnexa WPC among multiple Connector instances depends on how your private Network infrastructure manages route prioritization and weighting. For example with AWS static routes, the most specific route in your route table that matches the traffic is used to determine how to route the traffic (longest prefix match).

Owen followed the steps shown below to make the AWS VPC with IP address range of 10.0.0.0/16 part of the WPC.

  1. Configured a Network to represent the AWS VPC and enters 10.0.0.0/16 as the Subnets for the Network. See, How to add a Network.

  2. Owen configured the Region of the first Connector as Frankfurt.

  3. Clicked on the download icon next to the Connector created for the Network to reveal various options and selected Launch Connector on AWS from the options list. This started the process of using the CloudFormation template to instantiate a Connector VM in the AWS VPC. See, Launch Connector on AWS.

  4. Owen then added another Connector to the same Network by clicking on the Add (+ icon) on top of the Connectors section of the Network.

  5. Owen configured the Region of this second Connector as London.

  6. Clicked on the download icon next to the second Connector to reveal various options and selected Launch Connector on AWS from the options list. This started the process of using the CloudFormation template to instantiate a Connector VM in the AWS VPC. See, Launch Connector on AWS

  7. Now Owen uses Connect Client and connects to London Regions of CloudConnexa (see, Connecting to CloudConnexa). On connection, Owen can access the application server on the AWS via the 2nd London Connector.

  8. Owen uses AWS console to stop the EC2 instance connected to London Region. Owen can still access the application server on the AWS via the 1st Frankfurt Connector.

Demonstration Video

This WPC has one Network configured with two Connectors. The video shows smart routing at work demonstrating the selection of the optimum Connector for routing, continued functioning when one of the Connectors goes down, and load balancing when both Connectors use the same Region.