Network | VPN | Create

  • Blog
  • Network | VPN | Create

Knowledge Base

Scaling Site Reliability Knowledge

Network | VPN | Create

Table of Contents

In this section, you’ll learn how to set up and configure a VPN service on the RELIANOID appliance using various VPN profiles.

VPN services list #

The VPN service list is shown in the image below.

relianoid load balancer v8 network vlan list

Creating a VPN Service #

When you click the Create VPN action, a form similar to the one below will appear.

relianoid load balancer v8 network vlan create

Fields description:

  • Name: Assign a suitable label to the VPN.
  • Profile: Select the VPN type from the available options.

Upon clicking the profile field, you can choose from three VPN profiles:

ZSS: RELIANOID Site to Site VPN. Used for client-to-load balancer or load balancer-to-server connections. Relianoid acts as the default gateway for local and remote subnets using IPsec.
ZTN: RELIANOID Tunnel VPN. Creates a GRE tunnel over IPsec, suitable for client-to-load balancer or load balancer-to-server connections. Relianoid serves as the default gateway for local and remote subnets.
ZRS: RELIANOID Remote Site VPN. RELIANOID functions as a VPN server, assigning dynamic IP addresses to clients, with traffic routed through the load balancer using IPsec in server mode (road warrior).

Refer to the figure below for the VPN profile selection.

relianoid load balancer v8 network vlan create

When you select a profile, such as ZTN (Tunnel L2TP), a more detailed form will appear. Fill out this form carefully with the required information.

The image below shows a glimpse of the fields in the detailed form.

relianoid load balancer v8 network vlan create

Here is a brief description of the fields you’ll fill in the form:

Authentication #

Authentication method. Method to verify submitted credentials. This method is usually kept a secret.
Password. User password for accessing the VPN.

Local Network Configuration #

Local gateway. Default gateway for the local server to access external resources.
Local IP. IP address of the local server (supports IPv4 and IPv6).
Local netmask. Subnet mask of the local server.
Local tunnel IP. IP address of the local tunneling host (supports IPv4 and IPv6).
Local tunnel netmask. Subnet mask of the local tunneling host.

Remote Network Configuration #

Remote gateway. Default gateway for the remote server to access external resources.
Remote IP. IP address of the remote server (supports IPv4 and IPv6).
Remote netmask. Subnet mask of the remote server.
Remote tunnel IP. IP address of the remote tunneling host.

Phase 1 Configuration #

Authentication. IKE Phase 1 negotiation algorithm.
Encryption. Encryption algorithms for securing data packets.
DH group. Algorithm for data secrecy between VPN endpoints.

Phase 2 Configuration #

Protocols. Type of IPsec protocol for authenticating packets.
Authentication. IKE Phase 2 negotiation algorithm.
Encryption. Encryption methods for securing data packets.
DH group. Algorithm for data secrecy between VPN endpoints.
Pseudo random function. Algorithm for creating randomness in keying purposes.

Both IPv4 and IPv6 stacks are supported, with the requirement that the Netmask and Gateway are configured in the same stack as the IP address.

Once all required fields are filled, click the Apply button to create the new VPN service.

SHARE ON:

Powered by BetterDocs