GuidesDiscussions
GuidesAPI ReferenceJoin the Mailing List

Orka Small Teams: Access Your Cluster

How to connect to your Orka Small Teams cluster via VPN.

🚧

Quick navigation

On this page, jump to: Cisco AnyConnect | OpenConnect

πŸ“˜

You need:

  • The public firewall IP from here.
  • The username and password from here.

To protect your environment, MacStadium deploys your Orka Small Teams cluster with a dedicated Cisco Adaptive Security Virtual Appliance (ASAv) firewall. Cisco ASAv runs the same software as physical Cisco ASAs and delivers full ASA firewall and VPN capabilities to the cloud.

πŸ‘

TIP: Looking for more information about your firewall?

See MacStadium Docs: Firewall Overview and MacStadium Docs: Logging into Cisco Firewall.

Your Orka Small Teams cluster sits behind its dedicated Cisco ASAv firewall. You need to be connected to the cluster via VPN to manage your Orka VMs and K8s pods.

MacStadium has pre-configured the firewall and has enabled VPN access. All you need to do is run a VPN client and provide the server address and credentials for the connection.

Cisco AnyConnect Secure Mobility Client

πŸ“˜

Why Cisco AnyConnect?

Cisco firewalls are designed to work with the Cisco AnyConnect Secure Mobility Client as a VPN client. If you prefer a GUI VPN client or you're running on Windows, you might want to use Cisco AnyConnect.

Download and install Cisco AnyConnect

  1. In your browser, navigate to your public firewall IP (you can find it here). You might need to use https://.
  2. Ignore the certificate warning and proceed to the address.
  3. When prompted, enter the credentials from here.
  4. When prompted, download, install, and run the Cisco AnyConnect desktop client.

Use Cisco AnyConnect

  1. Run Cisco AnyConnect Secure Mobility Client.
  2. When prompted, enter your public firewall IP and click Connect. You can find the public firewall IP here.
  3. If prompted that an untrusted server was blocked, perform the following steps:
    1. Click Change Setting... and deselect Block connections to untrusted servers.
    2. Close the Preferences - VPN window.
    3. Click Connect again.

  1. If prompted that the server certificate is untrusted, click Connect Anyway.
  2. When prompted, provide your login credentials and click OK. You can find them here.

(Open-source option) OpenConnect

πŸ“˜

Why OpenConnect?

If you are a pre-dominantly CLI user, you might want to use OpenConnect - an open-source VPN client available from the command line.

Download and install OpenConnect

  • If you have Homebrew on your system, you can run brew install openconnect from your command line.
  • If you're running on Windows, you can download and build the OpenConnect package yourself, or you can use Cisco AnyConnect instead.

Use OpenConnect

  1. From your command line, run the following command. Replace <SERVER ADDRESS> with your public firewall IP from here.
sudo openconnect <SERVER ADDRESS> --protocol=anyconnect
// OR if running on Windows
openconnect <SERVER ADDRESS> --protocol=anyconnect
  1. Follow the prompts.
    • On the immediate Password prompt, provide your sudo password (the password for your current computer user) and press Enter.
    • On the Enter 'yes' to accept, 'no' to abort; anything else to view: prompt, type yes and press Enter.
    • On the Username prompt, provide the username from here and press Enter.
    • On the Password prompt, provide the password from here and press Enter.

When the connection is established, you will see a similar output:

πŸ‘

TIP: Want to terminate the VPN connection?

At any time press Ctrl+C on the command line.


Β© 2019-2023 Copyright MacStadium, Inc. – Documentation built with readme.com. Orka is a registered trademark of MacStadium, Inc.