Internal Network VPN Access
Posted by Ben Galliart, Last modified by Kevin Stange on 18 March 2015 10:27 AM
This document describes how to connect to the Steadfast Networks VPN server for accessing the Internal Network and IPMI remote server management.
Access to the VPN is freely available to all customers with a service that is provides IPMI or Internal Network access. To request access, your name must be listed as an authorized contact in our management portal, or the request for your access must come from someone in that list.
Each computer and person that will connect to the VPN should have its own set of credentials.
Access requests should include the following information:
An email address and client ID are required. You must also provide either a user or device name to identify the credentials.
Please send the request via email or our helpdesk to the Tech Support department from a person on the authorized contact list for your account in our management portal. Once the request is received, it will be reviewed within 1 business day, and the credentials will be made available to you if approved.
In case VPN credentials are compromised or you need to revoke access from a person who is no longer authorized, please contact our Tech Support department via email or our helpdesk. Please indicate if the situation is an emergency and our team will escalate the request to be handled as quickly as possible.
If you terminate your services with Steadfast, all VPN credentials will be revoked as part of the account closure process. We also may revoke VPN credentials of any user found to be abusing the service, or if we suspect a compromise. We will make every attempt to notify affected users if we revoke credentials proactively.
About the VPN Service
The VPN server is running software provided by the OpenVPN project. More information about this project is available at: http://openvpn.net/
The VPN provides access to servers and services that are accessible on the Internal Network and to IPMI services for Dedicated Servers. It is supported on Windows Vista and later, Mac OS X 10.4 and later, Linux, FreeBSD, and mobile devices running iOS 6.0 or Android 4.0 and later.
Please note that though the Internal Network and IPMI are both accessible using the same VPN service, it is not possible to communicate between IPMI devices and the Internal Network directly. The VPN has the ability to reach both networks, but the networks are not otherwise connected together.
The Internal Network is a service included with Dedicated Servers and Cloud accounts, and available to Colocation accounts upon request. This is a separate network that links servers and services within Steadfast to one another, but is not accessible from the Internet. You can communicate with your servers' Internal Network IP addresses and transfer data for no additional charge. Please note that bandwidth on the VPN is limited and performance will be lower than it would be when accessing your server over the Internet directly.
IPMI is a service provided with all Steadfast dedicated servers. It allows you to remotely access your server's keyboard, video, mouse (KVM), and power controls. It works with most modern web browsers running on Windows, Mac OS X, and Linux. Remote KVM requires Java to be installed on your computer.
Your server's IPMI address can be found in the management portal Devices list or your server's welcome email. It can be accessed only when your are connected to the VPN.
Your VPN credentials will be delivered in a ZIP file. The software required to use them is not included. It must be downloaded separately as indicated in the following sections. Please locate the section for your computer or device and follow those instructions. If you need assistance, please feel free to contact us for help.
Download the latest version of the "Windows Installer" from the Official OpenVPN web site:
You will need to choose between the 32-bit or 64-bit download. You can find out which version you need by opening "Control Panel" and then "System." Find the "System type" entry on this screen. Choose the download that matches your system type.
Make sure your computer has the latest Service Packs and Windows Updates installed. Some of these updates fix known issues that can affect using OpenVPN.
Once the software is installed, double-click the ZIP file and copy the contents into the folder:
If this directory does not exist, try to use this folder instead:
The OpenVPN-GUI application must be run as as an Administrator in order to properly direct traffic through the VPN. Right click on the OpenVPN-GUI icon and choose "Run as administrator" each time you start it.
To make this option permanent, right click the icon, and select "Properties." From the "Advanced" tab, check "Run as administrator" and click "OK."
To connect, right click the OpenVPN-GUI icon in your notification area after starting the program, then select the "steadfast" option.
Mac OS X
On Mac OS X, we recommend using a third party client for OpenVPN called Tunnelblick.
Tunnelblick can be downloaded from:
Please download the current Stable release, unless you see a notice that your version of Mac OS X requires the Beta release. If directed, download the Beta release instead.
Please follow these directions for installation:
Once the software is installed, the content of the ZIP file should be copied to the folder:
When you have finished installation, run the Tunnelblick program from your applications list and select the "steadfast" option to connect.
Android 4.0 or later devices
OpenVPN will work with most new Android devices which run Android version 4.0 or higher. Previous to version 4.0, the device would need to be "rooted" to use OpenVPN. Putting an older Android device into a "rooted" state goes beyond the scope of this document as it is a lengthy process and puts the device outside of the manufacturer warranty.
For devices running Android 4.0 or higher that come with the Google Play store, it is recommended you use the free app "OpenVPN Connect." It can be found here:
You will need to transfer the steadfast.ovpn file to your Android device. It is recommended that you extract all the files from the ZIP file on your computer. Most Android devices will then allow you to transfer the file over USB. Otherwise, you can use an online storage services to transfer the file, such as Google Drive or Dropbox.
Once the file is transferred, select the file from OpenVPN Connect to use it. You should then be able to establish a connection immediately.
Additional help for OpenVPN Connect for Android can be found on the OpenVPN community forums at:
The original Kindle Fire uses Android version 2.3 and can not easily use OpenVPN. However, newer Kindle Fire tablets can use the client "OpenVPN for Android" from the Amazon Appstore:
Please note that it is not an officially supported OpenVPN client. More information about "OpenVPN for Android" can be found on the project page at:
Apple iOS 6.0 or later devices
For Apple iPhone, iPod, and iPad, you must have a device that is running iOS 6 or later. Install the free "OpenVPN Connect" application from the Apple App Store.
You can then install the steadfast.ovpn file on the device using iTunes or transfer it from an online storage service such as Google Drive or Dropbox. It is recommended that you extract all the files from the ZIP file on your computer before transferring so that you do not need to do this on the device.
Once you install steadfast.ovpn, locate the file on your device and select the "Send To/Open In" icon or option. Choose to open the item in OpenVPN Connect.
You should then see a message that there is a new OpenVPN profile available for import. Simply select the + icon associated with the Steadfast OpenVPN profile. Once imported, you will be able to connect and disconnect from the VPN via an On/Off switch.
Additional help can be found inside the application as well as on the iOS OpenVPN Connector forums at:
Linux distributions and FreeBSD
Several Linux distributions such as Fedora, Ubuntu and Debian already include OpenVPN in their software repository. For distributions that do not already have OpenVPN packaged, the following install instructions are provided:
FreeBSD include OpenVPN in ports and is installed using the normal method.
You will also need an application which can unzip files from the ZIP file archive format. Most Linux distributions provide an unzip application, but may not install it by default. Once you have an application to unzip the file, extract the content of the ZIP file to the directory of your choice.
For some Linux distributions, you can use a GUI to point to certificate and key files. If you are using NetworkManager-openvpn, make sure that under the "Advanced" tab the option "Use LZO data compression" is checked. Also, under the "IPv4 Settings" tab, click the "Routes" button and check the box for "Use this connection only for resources on its network." After adding the VPN configuration, you may need to restart the NetworkManager service.
If your distribution does not provide a GUI, then try running it from a command prompt. Make sure you are running openvpn as root. On some distributions this might involve using sudo.
At the prompt try:
Or at a root prompt:
Contents of The ZIP File
Testing the Connection
Once connected, you should be able to run:
To run ping from Windows, run a Command Prompt (normally found under Accessories) or run cmd.exe Then select the resulting black box and type"ping 10.2.255.10" and press enter.
To run ping from Mac OS X, go to Applications, then Utilities and then select Terminal. Select the resulting terminal window and type"ping 10.2.255.10" and press enter.
If the ping is successful, you should see lines that begin with something similar to "64 bytes from 10.2.255.10" that are produced about once per second.