By ThrivenGeek
I recently deployed a droplet with WGDashboard so I could VPN into my private network and access other droplets. It seemed to work great until I decided to apply a cloud firewall to one of the droplets running a webserver. As soon as I applied the firewall I could no longer access that droplet over the VPN. Even if I allow all TCP and UDP connections it still does not work. If I remove the cloud firewall from the droplet access is restored. Is this expected behavior?
My end goal is to be able to restrict public vs private access. Example, being able to access Portainer over the VPN but not over the web.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Heya, @thrivengeek
DigitalOcean’s Cloud Firewalls apply their rules at the network level, outside the droplet itself. This can inadvertently block VPN traffic if the firewall rules are not explicitly configured to allow traffic from your VPN.
You can open the Cloud Firewall settings and add a rule to allow traffic from your VPN subnet:
- Protocol: TCP/UDP
- Ports: The ports you want accessible over the VPN (e.g.,
9000for Portainer,80/443for web). - Source:
10.8.0.0/24(or whatever your VPN subnet is).
Regards
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.