Create IPSec Tunnel or a WireGuard Peer
Last updated
Last updated
After creating a VPN Gateway, you can create a Tunnel or a Peer based on your chosen VPN Gateway protocol.
To create tunnels or peers, follow these steps:
1. In the DCD, go to Menu > Network > VPN Gateway under Connectivity.
2. On the VPN Gateways page, click Create Tunnels or Create Peers based on the chosen VPN Gateway protocol.
3. Enter the following details:
Enter the following details in the Create IPSec Tunnel page:
Tunnel name: Enter a tunnel name.
Description: (Optional). Enter a description.
Remote host: Enter a valid public IPv4 address or an Fully Qualified Domain Name (FQDN).
Pre-shared key (PSK): Enter a valid key or click Generate to automatically generate a key.
Select an appropriate value from the drop-down list for the following:
For more information about determining the appropriate combination of encryption and hashing algorithms based on your need, see FAQs.
Select an appropriate value from the drop-down list for the following:
For more information about the combination of encryption and hashing algorithms for your needs, see FAQs.
Enter the following details:
Cloud Network CIDRs: Specify up to 20 IPv4 or IPv6 network addresses, separated by commas, on IONOS Cloud that can connect to the tunnel.
Peer Network CIDRs: Specify up to to 20 IPv4 or IPv6 addresses, separated by commas, on the peer side that can connect to the tunnel.
4. Click Save to save the configuration.
Settings | Values |
---|---|
Settings | Values |
---|---|
Diffie-Hellman Group
15-MODP3072
16-MODP4096
19-ECP256
20-ECP384
21-ECP521
28-ECP256BP
29-ECP384BP
30-ECP512BP
Encryption Algorithm
AES128-CTR
AES256-CTR
AES128-GCM-16
AES256-GCM-16
AES128-GCM-12
AES256-GCM-12
AES128-CCM-12
AES256-CCM-12
AES128
AES256
Integrity Algorithm
SHA256
SHA384
SHA512
AES-XCBC
Lifetime
Specify a value starting from 3600 seconds to a maximum of 604800 seconds.
Diffie-Hellman Group
15-MODP3072
16-MODP4096
19-ECP256
20-ECP384
21-ECP521
28-ECP256BP
29-ECP384BP
30-ECP512BP
Encryption Algorithm
AES128-CTR
AES256-CTR
AES128-GCM-16
AES256-GCM-16
AES128-GCM-12
AES256-GCM-12
AES128-CCM-12
AES256-CCM-12
AES128
AES256
Integrity Algorithm
SHA256
SHA384
SHA512
AES-XCBC
Lifetime
Specify a value starting from 600 seconds to a maximum of 86400 seconds.