A VPN interface is a virtual network adapter that will be used to connect VPN clients. This is a cluster-type interface, which means that it will be created automatically on all UserGate configuration cluster nodes. If a HA cluster exists, VPN clients will be automatically switched to a backup server in case of any problems with the active server without terminating the existing VPN connections.
In the Network --> Interfaces section, click Add and select Add VPN. Provide the following settings:
|
Name |
Description |
|---|---|
|
Name |
The interface name. Should be in the form of tunnelN, where N is the ordinal number of the VPN interface. |
|
Description |
Interface description. |
|
Zone |
The zone to which this interface will belong. All clients with a VPN connection to the UserGate server will be placed in the same zone. |
|
Netflow profile |
The Netflow profile to send statistical data to the Netflow collector. You can read about Netflow profiles in chapter Netflow Profiles. |
|
Mode |
The IP address assignment type: no address, a static IP address, or a dynamic IP address obtained using DHCP. If the interface is to be used for accepting VPN connections (Site-2-Site VPN or Remote access VPN), a static IP address must be used. To use an interface as a client, select the dynamic mode. |
|
MTU |
The MTU size for the selected interface. |
The system has three predefined VPN interfaces by default:
-
tunnel1, recommended for a Remote access VPN.
-
tunnel2, recommended for the server side of a Site-to-Site VPN.
-
tunnel3, recommended for the client side of a Site-to-Site VPN.