...
In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
Click L2L VPN.
In the top menu, in the drop-down menu, select the data center where the virtual machine lives.
Click the plus ( + ) icon.
If you do not have any tunnels in that data center, then click Create an L2L tunnel.
In Tunnel Name, enter a descriptive name.
Use the slider to enable or disable the tunnel.
In Pre-Shared Key, enter a secure password.
You will use this key to securely connect to your local endpoint.
You can click Generate New Key to generate a password.
You can also create your own key. If you create your own key, the key must contain the following requirements:
16 to 96 characters
One lower-case letter
One upper-case letter
One number
In Internet Key Exchange Version (IKE Version), select the IKE version (IKEV1 or IKEV2).
In Digest Algorithms, select an algorithm (SHA1 or SHA256).
In Encryption Mode, select an encryption mode:
Advanced Encryption Standard (AES-128), (AES-256-CBC), or (AES-256-GCM).
Select a Diffie-Hellman Group option:
DH-2
MODP with a 1024-bit modulus
DH-5
MODP with a 1536-bit modulus
DH-14
DH-15
DH-16
Enable or disable Perfect Forward Secrecy (PFS).
Tunnel Configuration
Digest Algorithms, select an algorithm (SHA1 or SHA256).
Encryption Mode, select an encryption mode: (AES-128, AES-256, AEC-GCM)
Select a Diffie-Hellman Group option:
DH-2
MODP with a 1024-bit modulus
DH-5
MODP with a 1536-bit modulus
DH-14
DH-15
DH-16
In Remote Peer IP Address, enter your VPN peer IP address.
In Remote Host/Networks (CIDR), enter your LAN encryption domain, and then click the plus ( + ) sign.
In Local Host/Networks (CIDR), enter the Armor LAN encryption domain, and then click the plus ( + ) sign.
This information is the same as your secure cloud server IP address at Armor.
Click Save Changes.
...