Tunnel sub-tab

The main table displays available tunnels. 

Add New Tunnel

1. Go to Network :: VPN drop-down :: IPsec :: Tunnel.
2. Click Add (displays dialog).
    
   
   
   
3. Enter Name.
   
4. On Initiate Tunnel drop-down, select one (Start, Ignore, On-Demand)
5. On IKE Profile drop-down, select one (Cisco_ASA, PaloAlto, nodegrid)
6. (optional) On Custom Up/Down Script drop-down, select one (this customized script can set configuration changes and activities, when the tunnel is up or down).
7. In Authentication Method menu, select either of the following options. 
   1. Pre-Shared Key radio button (expands dialog). Enter Secret.
   2. RSA Key radio button (expands dialog): 
      • Left Public Key
      • Right Public Key
      • Generate Left Public Key
   3. Certificate: Allows you to set up a tunnel using certificates as the authentication method. This involves using certificates configured under the Security :: Certificates page.
      
      
      
      1. Left Certificate: Choose the necessary certificate for the sides that are connected to your tunnel.
      2. Right Certificate: Select a value when you intend to establish a side-to-side configuration with up to two nodes. In cases where there are more than two nodes, you should not enter any value into this field.
8. In the Local menu, enter:
   1. Left ID
      
   2. Left Address drop-down, select one (selection depends on the system configuration)
   3. Left Source IP Address
      
   4. Left Subnet
9. In the Remote menu, enter:
   1. Right ID
      
   2. Right Address
      
   3. Right Source IP Address
      
   4. Right Subnet
10. (optional) In the Monitoring menu, select Enable Monitoring checkbox (expands dialog). 
    1. Source IP Address(ping from)
       • Destination IP Address (ping to)
       • Number of Retries (pings before triggering Action)
       • Interval (seconds) (time between retries)
    2. On Action drop-down, select one (if the tunnel does not respond):
       • Restart IPsec (to resolve issues with key negotiation)
       • Restart Tunnel (to resolve issues with key negotiation)
       • Failover (fails over to another IPsec tunnel) (expands dialog). On IPsec Tunnel drop-down, select one. 
11. (optional) In Virtual Tunnel Interface menu, select Enable Virtual Tunnel
    1. Interface checkbox (expands dialog), enter details:
    2. Mark
       
    3. Address
       
    4. Interface
       
    5. Automatically create VTI routes checkbox
    6. Share VTI with other connections checkbox
12. Click Save.

Edit Tunnel

1. Go to Network :: VPN drop-down :: IPsec :: Tunnel.
2. In the Name column, click a name (displays dialog).
3. Make changes, as needed.
4. Click Save.

Delete Tunnel

1. Go to Network :: VPN drop-down :: IPsec :: Tunnel.
2. In the table, select checkbox of tunnel to delete.
3. Click Delete.

Start Tunnel

1. Go to Network :: VPN drop-down :: IPsec :: Tunnel.
2. In the table, select checkbox of tunnel to start.
3. Click Start Tunnel.

Stop Tunnel

1. Go to Network :: VPN drop-down :: IPsec :: Tunnel.
2. In the table, select checkbox of tunnel to stop.
3. Click Stop Tunnel.