Features
- Connect agent sandboxes to private networks so they can reach internal databases and services
- VPN connection is established automatically at the start of every session
- Works alongside the Postgres integration to access databases that aren’t publicly reachable
Supported VPNs
The VPN integration uses OpenConnect, an open-source VPN client that is compatible with several enterprise VPN servers:| Protocol | Compatible with |
|---|---|
| Fortinet SSL VPN | FortiClient, FortiGate |
| Cisco AnyConnect | Cisco Secure Client, ASA, IOS |
| Palo Alto GlobalProtect | GlobalProtect client, PAN-OS |
| Juniper Network Connect | Juniper/Pulse Secure, Ivanti Connect Secure |
Installation
Go to Integrations
Open Integrations and click Install next to VPN under the Network category.
Enter your VPN details
Fill in the connection form:
- Connection Name — a label for this VPN (e.g. “Production VPN”)
- Protocol — select your VPN type
- VPN Gateway — the hostname or IP of your VPN concentrator (e.g.
vpn.example.com) - Username and Password — credentials that the sandbox will use to authenticate
Connect your database
Once the VPN is configured, add a Postgres integration using the private connection string of your database. Tembo will connect to the VPN first, then reach the database through the tunnel.
Usage
When a session starts, Tembo automatically connects to your VPN before the agent begins work. The tunnel stays active for the duration of the session. This is useful when your database or internal services are behind a firewall and not reachable from the public internet. Instead of exposing your database publicly or setting up a bastion host, you provide the same VPN credentials your team already uses.Example workflow
- Configure the VPN integration with your gateway credentials
- Add a Postgres integration with your private connection string (e.g.
postgresql://user:pass@10.0.1.50:5432/mydb) - Create a session — Tembo connects to the VPN, then the agent can query your database as if it were on your network
Advanced
How it works
How it works
At each session start, the sandbox VM runs OpenConnect in the background to establish a VPN tunnel. This creates a virtual network interface (
tun0) that routes traffic to your private network through the encrypted tunnel. The connection is re-established on every session start since VPN state does not persist across sessions.MFA / two-factor authentication
MFA / two-factor authentication
OpenConnect supports some forms of MFA (e.g. TOTP tokens appended to the password field), but interactive MFA prompts are not supported. If your VPN requires interactive two-factor authentication, consider creating a dedicated service account with a static password or certificate-based authentication for Tembo access.
Security considerations
Security considerations
VPN credentials are injected into the sandbox at session start for the system to establish the tunnel before the agent begins work. Consider using a dedicated VPN account with limited network access scoped to only the resources Tembo needs.