Enabling Connections over WAN
If the Connector server will be accessed outside the domain, it must be configured for external access (this step is only required if you want to enable remote access to the workstations without requiring a VPN):
- The server must have a public IP address. This can be done via bi-directional NAT mapping.
- The
--external-client-cidr
flag takes priority over the--internal-client-cidr
. The default for the--internal-client-cidr
is 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16. Any source that does not match to a--internal-client-cidr
will default to an external connection.
For example --external-client-cidr 0.0.0.0/0
will treat everything as an external connection, to reset to the default behaviour you would need to enter the following command and flag parameters:
./cloud-access-connector update --internal-client-cidr 10.0.0.0/8 --internal-client-cidr 172.16.0.0/12 --internal-client-cidr 192.168.0.0/16
./cloud-access-connector update --internal-client-cidr 10.11.12.0/24 --external-client-cidr 10.11.12.1/32
--external-pcoip-ip
flag sets the IPv4 address for the Connector for external connections. If this value is not set, the external IPv4 address will be determined automatically. This is an optional setting that can be used when installing the Connector.
For information on the session establishment and session bandwidth limits when working with external connections, see here.
Reboot the server after NAT changes
If the NAT is configured after the Connector has been installed, reboot the Connector server.