Manage VPN Accounts

How to Request VPN Access to Non-Prod Environments

Direct VPN access to the backend database will be provided to allow read-only access to Clarity data for non-production environments. No more than 5 concurrent accounts may be granted. Accounts unused for one year may be terminated, after which time a new request to reactivate accounts may be submitted.

• To request VPN access on the support portal, select the Manage VPN Accounts option:

Open

• The Raise a Ticket screen will appear. Fill out the fields as follows:

  Summary: Specify that a new access is required
  Description: Be sure to include the following information:
  - Email Address and Name of the User
  Environment: The URL of the non-PROD environment you require database access to
  
  

• After the fields are filled out, click Send. A case will be create and a support agent will assist you in the process to obtain the key file necessary for VPN access to the database.
  
  

• For further information about setting up a VPN, use this Article: How to Set up AWS VPN Access to Non-Prod Oracle Databases
  
  

NOTE: No more than 5 concurrent accounts may be granted. It is the responsibility of your organization to reach out to Clarity by Rego to request the deactivation of any user no longer working with you. Clarity by Rego is not responsible under any conditions for the governance of the provided credentials.

Options to access data in PROD environments:

Recommendation:

http://xogbridge.com. Rego Consulting recorded an internal demo on this in 2019: https://web.microsoftstream.com/video/1c26e5af-d922-4db4-8af8-aebeeeaea927

How to Set up AWS VPN Access to Non-Prod Oracle Databases

To ensure the best connection to the VPN and the underlying Oracle Non-Prod Database, Clarity by Rego recommends JDK 1.7 or later, SQL Developer v4 or later and the most current AWS VPN client. The connectivity will negotiate over the TLS 1.2 protocol.

• Download and install the latest AWS VPN Desktop Client on your local machine from AWS website at:
  AWS Client VPN Download | Amazon Web Services
  If your desktop image is managed by your IT department you may need to contact your internal team to get this client installed. If you utilize a different VPN Client, please work with your IT department to configure it. Clarity by Rego supports the AWS VPN Client, and provides the instructions below.
  
  

• Once the client is installed and you have the VPN profile file (.ovpn) provided by Clarity by Rego, you are ready to configure the client.
  
  

• Open the AWS VPN Client and on the file tab select the Manage Profiles option:
  
  

  Open

  

   

• A new screen will pop-up, select the Add Profile option and enter a name for the connection.  Browse for the saved .ovpn file provided by Clarity by Rego and click the Add Profile button

   

• To connect, return to the initial window, select the desired profile and click Connect.
  
  

• If the connection is successful, you are ready to access your database using your existing DB client.

Please keep in mind that the Database accounts expire every 90 days. If you need to retain VPN access, please submit a ticket near the end of the 90 days requesting that the account be renewed/extended.

VPN Common error Guide

Below you can find the most common errors using the VPN connection provided by Clarity by Rego

1. The VPN process failed to start.  The port is already in use by another process

Description: Another VPN/Application/Process is using the port the VPN connection needs. 
Troubleshooting Steps:

***Note that you should not be connected to a Corporate VPN account while performing these tests***

Test 1: Restart

1. Restart the computer

2. Keeping all other programs closed, launch the AWS VPN Client

3. Attempt to Connect to your Profile

Pass: This means another VPN/Application/Process you started previously used this port.  You will need to identify what that is and make sure only one is running at a time.  Use the method in Test 3 as a way to identify.

Test 2: Different Network

1. Using a separate network than your Office network (such as a home network), launch the AWS VPN Client

2. Configure the Profile if you haven’t already

3. Press connect

Pass: The Network you were on previously prevented you from connecting.  Work with your Helpdesk to resolve the connection issue.

Test 3: Identify Port Usage

If the previous tests fail, this will help identify the issue.  Work with your Helpdesk if you are unable to run the command yourself.

1. Open CMD as an Administrator

2. Type this command: netstat -bano

3. Look for a Local Address ending in :8096 or :35001. 

4. Note the Name of the Protocol (the name is in brackets above the line with the Port Number) and the PID. 

5. Open Task Manger

6. Go to the Details tab

7. Find the PID that matches the PID from step 4.   That is the process using the Port in question.

Work with your helpdesk to see if this is a necessary process and next steps.

Test 4: Alternate VPN Client

Use this test if you need to configure proxy settings in order to connect to the VPN.

1. Navigate to the OpenVPN Connect website (here) and download the client

2. Install the OpenVPN Connect Client.  On Driver Selection, make sure to pick TAP

3. Open OpenVPN Connect and click through the pop ups for first installation

4. Once on the Import Profile screen, click File

5. Browse for the .ovpn file used for the AWS VPN client

6. Name the Profile appropriately, then click Add

7. If you need to add a proxy, click the Edit icon next to the Profile.

8. Click Add Proxy and configure appropriately

9. Click On next to the new Profile

Work with your Helpdesk if you need assistance installing the software

2. VPN connection process quits unexpectedly

Description: While connecting to the VPN, the client quits unexpectedly. 

Troubleshooting:

This indicates that the TAP Driver is missing.  To fix, follow the steps below:

1. Navigate to the OpenVPN Connect website (here) and download the client

2. Install the OpenVPN Connect Client.  On Driver Selection, make sure to pick TAP

3. Once the installation is complete, open AWS VPN Client.

4. Attempt to connect to and verify that the VPN doesn’t close.

3. AWS VPN Client doesn’t launch

Description: A more recent version of the .NET Framework (4.7.2 or later) is needed.  This error is generally on Windows 7 machines

Troubleshooting:

This indicates that the .NET Framework is not up to date.  To fix, follow the steps below:

1. Open the AWS VPN Client installer

2. Select Repair

3. Once the Repair is finished, attempt to open the VPN Client. 

4. If it fails, uninstall the AWS VPN Client

5. Restart your machine

6. Open the AWS VPN Client installer and install the client again.

7. Open the AWS VPN Client to verify you can open and use it.