Create VPN Gateway

A VPN Gateway provides a secure way to access your data center, protecting your network and sensitive information.

To create a VPN Gateway, follow these steps:

1. In the DCD, go to Menu > Network > VPN Gateway under Connectivity.

2. Click Create New VPN Gateway from the VPN Gateways page.

3. Configure the following details for a VPN Gateway:

  • Enter a Name and a Description.

  • Select Location.

  • Select the IP Address created in the chosen location.

Note: Ensure you reserve IP Addresses in advance, and make sure the IP Addresses and Data Centers are in the same location.

Define VPN Gateway Protocol

Prerequisite: You can create VPN Gateways using either the IPSec or WireGuard protocol. Each protocol offers different features and requires distinct configuration steps.

Select Protocol you want to use:

Select Protocol you want to use, you can choose WIREGUARD or IPSEC.

In WIREGUARD, you should input the following properties:

  • Private Key: Private Key.

  • Interface IPv4 IP: Mandatory if IPv6 is not provided.

  • Interface IPv6 IP: Mandatory if IPv4 is not provided.

  • Listen Port: Specifies the UDP port on which a WireGuard interface will listen for incoming encrypted VPN packets.

Note:

  • IPSec requires Tunnels before they can be used.

  • WireGuard requires Peers.

To create Tunnel or Peer, you can choose IPSec Tunnel or WireGuard Peer.

In Create IPSec Tunnel, you should enter the following properties:

  • Tunnel name

  • Description

  • Remote host: Public IPv4 address or FQDN.

Authentication

Pre-shared key (PSK)

Initial Exchange (IKE_SA_INIT) Settings

Choose the desired option from the available list.

  • Diffie-Hellman Group

  • Encryption Alghoritm

  • Integrity Alghoritm

  • Lifetime: Min 3600 sec. / max. 604800 sec.

Child SA/IPSec SA Settings (ESP)

Choose the desired option from the available list.

  • Diffie-Hellman Group

  • Encryption Alghoritm

  • Integrity Alghoritm

  • Lifetime: Min 600 sec. / max. 86400 sec.

Network CIDRs

Enter the following properties:

  • Cloud Network CIDRs: Up to 20 IPv4 or IPv6 addresses, Comma Separation.

  • Peer Network CIDRs: Up to 20 IPv4 or IPv6 addresses, Comma Separation.

Define Lan Connections

Note: These are the LANs you want to access. You can add new ones, delete, or edit existing ones.

1. Select Datacenter for the selected location.

2. Click + Add LAN Connections to add LAN Connections you want to access.

Result: You have successfully created the VPN gateway.

Last updated

Revision created

commented latest release