Create IPSec Tunnel or a WireGuard Peer

After creating a VPN Gateway, you can create a Tunnel or a Peer based on your chosen VPN Gateway protocol.

To create tunnels or peers, follow these steps:

1. In the DCD, go to Menu > Network > VPN Gateway under Connectivity.

2. On the VPN Gateways page, click Create Tunnels or Create Peers based on the chosen VPN Gateway protocol.

3. Enter the following details:

Enter the following details in the Create IPSec Tunnel page:

Tunnel name: Enter a tunnel name.
Description: (Optional). Enter a description.
Remote host: Enter a valid public IPv4 address or an Fully Qualified Domain Name (FQDN).

Pre-shared key (PSK): Enter a valid key or click Generate to automatically generate a key.

Select an appropriate value from the drop-down list for the following:

Settings

Values

Diffie-Hellman Group

15-MODP3072 16-MODP4096 19-ECP256 20-ECP384 21-ECP521 28-ECP256BP 29-ECP384BP 30-ECP512BP

Encryption Algorithm

AES128-CTR AES256-CTR AES128-GCM-16 AES256-GCM-16 AES128-GCM-12 AES256-GCM-12 AES128-CCM-12 AES256-CCM-12 AES128 AES256

Integrity Algorithm

SHA256 SHA384 SHA512 AES-XCBC

Lifetime

Specify a value starting from 3600 seconds to a maximum of 604800 seconds.

For more information about determining the appropriate combination of encryption and hashing algorithms based on your need, see FAQs.