The GTI Editor can only configure VPN tunnels for managed CloudGen Firewalls. You can add external non-managed or third party VPN servers to the GTI Editor. You must manually configure the VPN and network settings for VPN tunnels to external VPN servers. You must also configure the VPN tunnel on the external server manually, since the CC does not manage it. The external VPN server must be configured to match the settings entered here. To differentiate between managed and unmanaged VPN servers, external VPN services are represented by a grey icon.
Before You Begin
Create a VPN Group and add the managed VPN services. For more information, see How to Create a VPN Tunnel with the VPN GTI Editor.
Step 1. Add an External VPN Service to the GTI Editor
- Go to CONFIGURATION > Configuration Tree > Multi-Range > Global Settings > VPN GTI Editor.
- Click Lock.
- In the Groups tab select a VPN Group.
- Click the Services tab.
- Right click in the Services tab and select Add external VPN Server. The Add External VPN Server window opens.
- Enter a Name.
- If the external VPN Server is a standalone CloudGen Firewall, select the NGFW Release from the drop-down.
- Click OK.
- Drag the new external VPN service to the GTI map. The external VPN server is automatically added to the VPN group.
- Click Send Changes and Activate.
Step 2. Create a VPN Tunnel to an External VPN Server
The VPN tunnel to the external VPN server can be created and configured in the GTI editor.
- Go to CONFIGURATION > Configuration Tree > Multi-Range > Global Settings > VPN GTI Editor.
- Click Lock.
- Click the Groups tab and click the VPN Group. The name of the VPN Group is now displayed in the status bar above the GTI map.
- Create a VPN tunnel by drag and drop between a managed and an external VPN server.
- Click on the connection and click on the VPN tunnel. The TINA Tunnel configuration window opens.
- Depending on your external VPN server you may need to switch to an IPsec tunnel by clicking the Make IPsec in the upper right hand corner.
- Configure the network and VPN tunnel settings.
- Click OK.
- Click Send Changes and Activate.
You have now configured a VPN tunnel to an external VPN server.