Remove a VPN site from all VPNs

You can remove a site that has been manually added to the VPN gateway. The site is removed from all VPNs where the VPN gateway is used.

Note: To remove the automatic site from an NGFW Engine that acts as a VPN Gateway, disable automatic VPN site management. There must be at least one enabled site.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration.
  2. Open the list of sites for the gateway in one of the following ways:
    • Right-click an NGFW Engine, select Edit <element type>, then browse to VPN > Sites.
    • Browse to SD-WAN > VPN Gateways, double-click the External VPN Gateway element, then click the Sites tab.
  3. Right-click the site, then select Remove.
  4. Save the changes in one of the following ways:
    • In the Engine Editor, click Save and Refresh.
    • In the External VPN Gateway Properties dialog box, click OK.

Next steps

If you edited a previously configured VPN, refresh the policy on all affected gateways to transfer the changes. The configurations of external gateways might also require an update.

Engine Editor > VPN > Sites

Use this branch to select the protected IP addresses that are behind the gateway.

Option Definition
Add and update IP addresses based on routing When selected, the site content updates automatically according to changes made in the routing configuration for the NGFW Engine (for interfaces that are not disabled).
Note: When the option is not selected, you must manually define the addresses that you want to be routable through the VPN.
Search Opens a search field for the selected list.
Up Navigates up one level in the navigation hierarchy. Not available at the top level of the navigation hierarchy.
Tools
  • New — Creates an element of the specified type.
  • Show Deleted Elements — Shows elements that have been moved to the Trash.
Left pane Shows elements that you can add to the site definition.
Add Adds the selected element to the site content.
Remove Removes the selected element from the site content.
Search Opens a search field for the selected element list.
Up Navigates up one level in the navigation hierarchy. Not available at the top level of the navigation hierarchy.
New Creates an element of the specified type.
Tools
  • Expand All — Expands all levels of the status tree.
  • Collapse All — Collapses all levels of the status tree.
  • Refresh View — Updates the view.
Right pane Allows you to change the IP addresses that are included in the site definition.

External VPN Gateway Properties dialog box

Use this dialog box to define the properties of an External VPN Gateway element.

Option Definition
General tab
Name Specifies the unique name of the element.
Gateway Profile Shows the selected gateway profile.
Select Opens the Select Element dialog box.
Category Shows the assigned category.
Select Opens the Category Selection dialog box.
Comment An optional comment for your own reference.
Option Definition
Endpoints tab
Search Opens a search field. Enter a search parameter to locate an endpoint. Clicking X removes the search field.
New External Endpoint — Adds an external endpoint IP address. Opens the External Endpoint Properties dialog box.
Tools
  • Expand All — Expands all elements.
  • Collapse All — Collapses all elements.
  • Refresh View — Updates the element list.
  • Remove — Removes the selected row from the table.
Add Opens the External Endpoint Properties dialog box.
Edit Opens the External Endpoint Properties dialog box for the selected endpoint.
Remove Removes the selected endpoint from the list.
Option Definition
Sites tab
Search Opens a search field for the selected element list.
Up (Backspace) Navigates up one level in the navigation hierarchy. Not available at the top level of the navigation hierarchy.
Tools
  • New — Creates an element of the specified type.
  • Show Deleted Elements — Shows elements that have been moved to the Trash.
Add Adds the selected element to the content list.
Remove Removes the selected element from the content list.
Content Shows the selected elements.
Option Definition
Trusted CAs tab
Trust All The gateway accepts any valid CA that is configured, unless restricted in the VPN element.
Trust only selected Only selected CAs are accepted. Select the CAs that the Gateway must trust.