Configuring a VPN Network

A Virtual Private Network (VPN ) is suitable for users who require secure and encrypted connections across their network infrastructure. It enables encrypted communication between remote clients and a secure gateway, allowing users to access resources on the local network.

Remote clients must have proper authorization on their device to establish a remote connection through a VPN tunnel. They can access networks and services based on site-specific and VPN network policies.

You can create only one VPN network per site. A VPN network can be created only when a secure gateway is deployed at the site.

To create a VPN network, follow these steps:

  1. Click the LAN tile on the Instant On web application home page, or click Networks from the navigation pane on the left.
  2. Under Networks > LAN, click Create Network.
  3. Under Network Identification, configure the following:
    1. Name—Enter a name for the VPN network.
    2. Network Type—Select the VPN option.
    3. Click Next.
  4. Under Network Properties > Listening Port, enter the listening port for the VPN server. The default port is 51820.

    When the UDP protocol on the WAN port is already in use by an existing port forwarding policy, the following error banner message is displayed: The UDP protocol on WAN port (portID) is used by the (policyName) policy.

  5. Click Next.
  6. Under IP Assignment > Network Address, enter the IP address of the VPN server.

    The Subnet Mask is auto-generated based on the secured gateway SKU model and displayed as read-only.

    This step defines how clients and devices will obtain IP addresses when connecting to the VPN network.

  7. Click Next.
  8. Under Tunneled Destinations > Networks, define which LAN networks are accessible through the VPN tunnel by selecting one of the following options:
    • All wired networks—Select this option to include all available wired LAN networks in the VPN tunnel. This is the default option.
    • Selected Wired Networks—Select this option to allow only selected wired LAN networks to be included in the VPN tunnel. You must select at least one network from the Selected Networks list.
  9. Click Create Network.

    Once completed, the VPN network is created, and the corresponding policy is automatically generated to allow access to the selected destinations.