Connect databases via VPN

While Adobe recommends that you connect your databases using an SSH tunnel, you can also use an encrypted VPN connection to keep things secure. A VPN can be used for any of your database integrations and, to keep things simple, the process is just about the same as setting up an SSH tunnel:

  1. Create an MBI database user
  2. Create an MBI VPN user
  3. Allow access to the MBI IP address
  4. Enter the connection and VPN user info into MBI

In addition to database credentials, you must enter credentials for a VPN user to wrap things up. Any VPN user works, but Adobe recommends you create an MBI user - it makes it easier for you to track the users on your account.

Creating a database user for MBI

The process for creating a database user varies depending on the database type you are connecting. To see the instructions for each database type, click the links below.

Creating a VPN user for MBI

As mentioned before, any valid VPN user works - but Adobe recommends you create a user solely for MBI use.

Allow access to the MBI IP addresses

For the connection to be successful, you must configure your firewall to allow access from your IP addresses. They are 54.88.76.97 and 34.250.211.151, but it is also on the credentials page for any database integration:

MBI_Allow_Access_IPs.png

Entering the connection and VPN user info into MBI

To wrap things up, you need to enter the connection and user info into MBI. Did you leave the database credentials page open? If not, go to Manage Data > Connections and click Add New Data Source, then the icon for the database you are connecting. Do not forget to change the Encrypted toggle to Yes.

Enter the following info into this page, starting with the Database Connection section:

  • Username: The username for the MBI database user
  • Password: The password for the MBI database user
  • Port: The database’s port on your server. Defaults are:
  • MicrosoftSQL: 1433
  • MongoDB: 27017
  • MySQL: 3306
  • PostgreSQL: 5432
  • Host: By default, this is localhost 127.0.0.1, but it could also be your server’s public IP address or a local area network address.
  • Database Name (optional): If you only allowed access to one database (this is specified during the database user creation step), enter the name of that database here.

Under the Encryption Connection section:

  • Encryption Type: Set this to Cisco IPsec VPN
  • Gateway Address: The IP address of the VPN server
  • Group Name: The name of the group used for group authentication
  • Group Secret: The password corresponding to the group.
  • Username: The MBI VPN username
  • Password: The MBI VPN user password

That is it! When you are finished, click Save & Test to complete the setup.

On this page