Devin operates in its own VM workspace and sometimes needs to access resources within your internal network (e.g., internal package registry, staging services, self-hosted services). Like your developers, Devin can use a client VPN to connect to your internal network.

Prerequisites Checklist

Before setting up VPN access, verify the following:

  1. Public Access Verification

    • Confirm these services are not accessible via the public internet
    • For cloud-hosted services (e.g., Gitlab Cloud Package Registry, JFrog Artifactory Cloud), an access token is typically sufficient

  2. Authentication Method

    • Using a service account to authenticate is recommended
      • Credentials can be securely stored via Devin’s Secrets functionality
    • If a service account cannot be provisioned, please contact enterprise@cognition.ai

Setting up OpenVPN

OpenVPN comes pre-installed in Devin’s workspace. To configure:

  1. Upload your config.ovpn configuration file to Devin’s workspace by dragging and dropping it into the VSCode instance
  1. Set a startup command to establish the VPN connection: 
    sudo openvpn --config /path/to/config.ovpn
    This ensures Devin connects to the VPN at the beginning of every session.

Alternative VPN Clients

If your organization uses a different VPN solution:

Publicly Available VPN Clients

For clients like Fortinet that can be installed via a package manager:

  1. Install the client during setup using the appropriate package manager commands: 
    sudo apt install forticlient
  2. Configure the startup command to establish connection

Private VPN Clients

For clients like Palo Alto GlobalProtect that require a binary installation:

  1. Upload the client binary and certificate to Devin’s workspace by dragging and dropping it into the VSCode instance

  2. Install using:

    sudo dpkg -i /path/to/GlobalProtect_deb.deb
  1. Configure the startup command: 
    globalprotect import-certificate --location /path/to/cert
Repos and SnapshotsDevin Workflows