I wanted to set up VPN split tunnelling for my home lab to simulate my workplace (which uses a commercial VPN solution) and build a proof of concept of Windows AutoPilot with on-premise domain access from Azure AD joined devices.
I came across OpenVPN Cloud, which provides you with 3 connections for free/personal use.
A couple of notes on my setup:
My host server has one Internal switch and one External switch. I installed RRAS on a Windows Server 2016 VM in my lab with two virtual network adapters, one connected to the Internal switch and the other to the External switch. Both have DHCP enabled. Now for the instructions:
1) Install RRAS on a Windows server box (mine is on Windows Server 2016) with two virtual network adapters as mentioned above.
2) Enable routing on the server and follow the rest of these instructions on this RRAS server.
3) Sign up for a free personal account and create your OpenVPN ID.
Once logged in, click on Networks on the left, select “Remote Access” and follow the rest of the wizard.
Give your network a name.
Give the connector a name and select your region. This is the RRAS server on which you will have an OpenVPN connector (agent) running.
Add your lab subnet under Private Subnets.
4) Next select where to deploy the connector. I chose Windows, downloaded the connector and installed it on my RRAS server mentioned above.
5) Open the OpenVPN Connector on the RRAS server, sign in with the user account/email address you signed up with and you should see a connection established.
Back on the OpenVPN web portal click Next and wait for the connection to be shown as established on that end too.
6) Next add your internal DNS to the web portal.
7) Click on Users and add a second user. This is the user who will be signing into VPN from an endpoint device over WAN/off-site. You can, of course, create more users here if you wish.
This completes the setup of OpenVPN Cloud on the server side. I will soon write a follow-up post on how to get endpoint devices connected via VPN.
Note that the connector which you installed on the RRAS server and the connection that it established with OpenVPN Cloud is counted as 1 of the 3 free connections you get with the free account. So you actually have only two connections for your endpoint devices. However, for quick POCs and lab use this is more than enough.
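Steps 1 and 2 can also be carried out and checked from an elevated PowerShell prompt on the RRAS server. This is an added example, not part of the original post; the adapter names and the lab subnet are assumptions to replace with your own values.

```powershell
# Added example. The three values below are assumptions for illustration.
$InternalAlias = 'Internal'         # assumed name of the NIC on the Internal switch
$ExternalAlias = 'External'         # assumed name of the NIC on the External switch
$LabSubnet     = '192.168.10.0/24'  # constructed placeholder: the subnet entered under Private Subnets

# Step 1: install the RRAS routing role service with its management tools.
Install-WindowsFeature -Name Routing -IncludeManagementTools

# Step 2: configure RRAS as a router only, so the server does not
# accept inbound VPN connections itself (the connector dials out instead).
Install-RemoteAccess -VpnType RoutingOnly

# Check: the RRAS service is running and the role reports its routing state.
Get-Service -Name RemoteAccess | Format-Table Name, Status, StartType
Get-RemoteAccess

# Check: both adapters exist and are connected.
Get-NetAdapter -Name $InternalAlias, $ExternalAlias |
    Format-Table Name, Status, LinkSpeed

# Check: list the IPv4 forwarding state of every interface, so it is clear
# which networks this server can forward between once the connector is up.
Get-NetIPInterface -AddressFamily IPv4 |
    Sort-Object InterfaceAlias |
    Format-Table InterfaceAlias, Forwarding, ConnectionState

# Check: the server has a route to the lab subnet that was published
# to OpenVPN Cloud. No output means the subnet is not reachable from here.
Get-NetRoute -AddressFamily IPv4 -DestinationPrefix $LabSubnet -ErrorAction SilentlyContinue |
    Format-Table DestinationPrefix, NextHop, InterfaceAlias, RouteMetric
```

Run the checks again after the connector from step 5 is connected: it adds its own network interface, which will then appear in the adapter and forwarding listings.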