Versions Compared

...

Create an L2L VPN tunnel with a new workload 

Note

You must first create a workload before you can create an L2L VPN tunnel.

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  2. Click L2L VPN.
  3. If you have virtual machines in various data centers, then click the corresponding data center. 
  4. Click New L2L.
  5. In Tunnel Name, enter a descriptive name. 
  6. In Encryption Mode, select an encryption mode. You can select either Advanced Encryption Standard or Data Encryption Standard.
  7. In Pre-Shared Key, click Generate or create your own key. You will use this key to securely connect to your local endpoint. 
    • If you create your own key, the key must meet the following requirements:
      • 16 to 96 characters
      • One lower-case letter
      • One upper-case letter
      • One number
  8. In Remote Peer IP Address, enter your VPN peer IP address. 
  9. In Remote Host/Networks (CIDR), enter your LAN encryption domain, and then click the plus ( + ) sign. 
  10. In Local Host/Networks (CIDR), enter the Armor LAN encryption domain, and then click the plus ( + ) sign. 
    • This information is the same as your secure cloud server IP address at Armor. 
  11. Click Save L2L.

To create an L2L VPN tunnel, you must have an existing workload with an existing virtual machine. To learn how to create a virtual machine, see Create a virtual machine with a new workload.


This has been updated; however, I am waiting for more information regarding perfect forward secrecy. 

Note
  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  2. Click L2L VPN.
  3. In the top menu, in the drop-down menu, select the data center where the virtual machine lives. 
  4. Click the plus ( + ) icon. 
    • If you do not have any tunnels in that data center, then click Create an L2L tunnel.
  5. In Tunnel Name, enter a descriptive name. 
  6. Use the slider to enable or disable the tunnel. 
  7. In Pre-Shared Key, enter a secure password. 
    • You will use this key to securely connect to your local endpoint. 
    • You can click Generate New Key to generate a password.
    • You can also create your own key. If you create your own key, the key must meet the following requirements:
      • 16 to 96 characters
      • One lower-case letter
      • One upper-case letter
      • One number
  8. In Encryption Mode, select an encryption mode:
    • Advanced Encryption Standard (AES-128) or (AES-256)
    • Data Encryption Standard (3DES)
  9. Mark a Diffie-Hellman Group option: 
    • DH-2
      • MODP with a 1024-bit modulus
    • DH-5
      • MODP with a 1536-bit modulus
  10. Enable or disable Perfect Forward Secrecy (PFS).
  11. In Remote Peer IP Address, enter your VPN peer IP address. 
  12. In Remote Host/Networks (CIDR), enter your LAN encryption domain, and then click the plus ( + ) sign. 
  13. In Local Host/Networks (CIDR), enter the Armor LAN encryption domain, and then click the plus ( + ) sign. 
    • This information is the same as your secure cloud server IP address at Armor. 
  14. Click Save Changes.
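
The pre-shared key requirements and the CIDR entries in the steps above can be checked locally before you enter them in the portal. The following is an added example, not Armor code: the function names, the letters-and-digits alphabet, the 48-character default and the sample addresses are assumptions, and the overlap check between the remote and local encryption domains is an extra sanity check that goes beyond what the steps require.

```python
import ipaddress
import secrets
import string

PSK_MIN, PSK_MAX = 16, 96  # length limits from the key requirements above


def psk_problems(psk):
    """Return the requirements from this page that the key fails (empty list = OK)."""
    problems = []
    if not PSK_MIN <= len(psk) <= PSK_MAX:
        problems.append("length must be 16 to 96 characters")
    if not any(c in string.ascii_lowercase for c in psk):
        problems.append("needs one lower-case letter")
    if not any(c in string.ascii_uppercase for c in psk):
        problems.append("needs one upper-case letter")
    if not any(c in string.digits for c in psk):
        problems.append("needs one number")
    return problems


def generate_psk(length=48):
    """Draw a key from the OS CSPRNG, retrying until every character class is present."""
    if not PSK_MIN <= length <= PSK_MAX:
        raise ValueError("length must be 16 to 96 characters")
    alphabet = string.ascii_letters + string.digits  # assumption: letters and digits only
    while True:
        psk = "".join(secrets.choice(alphabet) for _ in range(length))
        if not psk_problems(psk):
            return psk


def overlapping_domains(remote_cidrs, local_cidrs):
    """Return (remote, local) network pairs that overlap; raises ValueError on a bad CIDR."""
    remote = [ipaddress.ip_network(c, strict=False) for c in remote_cidrs]
    local = [ipaddress.ip_network(c, strict=False) for c in local_cidrs]
    return [(str(r), str(l)) for r in remote for l in local if r.overlaps(l)]


if __name__ == "__main__":
    print(psk_problems("correcthorsebattery"))  # constructed key with no upper-case letter or number
    print(generate_psk())
    # Constructed private-range addresses, not real Armor or customer networks.
    print(overlapping_domains(["192.168.10.0/24"], ["192.168.10.25/32"]))
```

An empty list from `psk_problems` means the key meets the stated requirements; a non-empty list from `overlapping_domains` means a remote entry and a local entry cover the same addresses and should be reviewed before saving the tunnel.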

...

Edit an L2L VPN tunnel

...

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  2. Click L2L VPN.
  3. If you have virtual machines in various data centers, then click the corresponding data center. 
  4. Click the gear icon that corresponds to the desired L2L VPN tunnel, and then select Edit.
  5. Make your desired changes, and then click Save L2L.

...

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  2. Click L2L VPN.
  3. If you have virtual machines in various data centers, then click the corresponding data center. 
  4. Locate and hover over the desired virtual machine. 
  5. Click the vertical ellipses. 
  6. Click Edit.
  7. Make your desired changes, and then click Save Changes.

...

Enable, disable, or delete an L2L VPN tunnel

...

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  2. Click L2L VPN.
  3. If you have virtual machines in various data centers, then click the corresponding data center. 
  4. Locate and hover over the desired virtual machine. 
  5. Click the vertical ellipses. 
  6. Click Enable, Disable, or Delete. 
  7. Make your desired changes, and then click Save Changes.

...

Troubleshoot L2L VPN screen

...