VPN Access

VPN is essential to access the specified assets in the program. It's important to note that these assets cannot be accessed without connecting to a VPN.

Program VPN servers

1. Viewing VPNs

  1. Go to the program policy page and choose the Credentials & VPN tab.

  2. You will see a list of VPN servers that the company has created.

  3. Click on "View Server Configuration" to see the VPN configuration details.

2. Downloading VPN Configuration

  1. To obtain the OpenVPN configuration file, click on "Download Configuration File" button.

Learn how to connect to VPN using the config file here.

3. Understanding VPN Configuration Details

  1. Server Name: This is the name given to the VPN server.

  2. Server Status: Indicates whether the VPN server is currently running, stopped, or in the process of deploying.

  3. Rate Limit: This refers to the maximum number of requests per minute allowed through the VPN, ensuring fair usage and server stability.

  4. Countries: Lists the countries from which you are allowed to access the VPN.

  5. Accessible Assets: Shows the specific domains (assets) you are permitted to test. Each domain includes:

    • Asset: The specific domain or asset you have access to.

    • Active Time Period: The time range during which the asset is available for testing. NOTE: All time range is in UTC timezone.

    • Blacklist Routes: Any API routes or paths that are off-limits, even when connected to the VPN.

Connecting to VPN using the config file

Once you have .ovpn file downloaded ( config file ). Follow the below steps:

  1. Add the domains/in-scope targets of the program to your /etc/hosts file

    1. Example: docs.google.com and bugbase.in are the domains/in-scope targets in the VPN configuration. Check here for the accessible assets.

    2. Lookup the DNS resolution of the target domains.

    3. Add the Addresses to the /etc/hosts for your linux systems or the corresponding local resolution files for Windows and MacOS.

    4. Connect to VPN Server using the .ovpn file with sudo permissions.

    5. Confirm a valid connection by checking the newly assigned IP on the tun interface.

      • `ip a` - Linux User

      • `ipconfig` - Windows User

      • `ifconfig` - MACOS

    6. Confirm additions of the domains/targets to the routing table

      • Linux users can use the route command to do this

      • MacOS Users can use `netstat -rn` command to do the same

      • Windows users can use `route print`

    7. In case the target domains are not live or do not have a valid IP address on Lookup, the IP will be separately mentioned in the Program description

Please wait approximately 2-5 minutes before starting testing to ensure a smooth experience.

PreviousCredentialsNextReports

Last updated