Automatic VPN Site management
The VPN settings for NGFW Engines include a Site that is automatically populated and updated according to the routing definitions.
All interfaces and networks are included in the automatic Site, except interfaces with the Any Network element. If loopback IP addresses are defined for the engine, you can use a loopback IP address as an endpoint IP address.
You can change this automatic Site in the following ways:
- You can disable individual interfaces through their right-click menu. This way, you can exclude some of the internal interfaces from VPNs.
- You can add addresses to the automatic Site at the top level (at the same level with the Interface elements, not inside them) by dragging and dropping the correct Networks or other elements.
- You can add more Sites alongside the automatic Site.
- You can define the automatic Site as Private in some VPNs.