Create a VPN Broker Gateway element in the NGFW Manager
The VPN Broker Gateway element defines the endpoints used in the configuration.
The same VPN Broker gateway can belong to more than one VPN Broker domain.
Steps
Example
Fields marked with an asterisk in the user interface are mandatory.
Option | Definition |
---|---|
Endpoints table To edit the contents of a cell, click the cell. Click or to add a row. |
|
Info | You can enter a name and a comment for the endpoint. |
Endpoint Address | Select NGFW Engine IP Address, select Static Address, then select an element from the Static IP Address folder that represents the interface to use for the endpoint. Type part of the name of an element or browse through the drop-down list to select an element. |
Endpoint Class |
Select a default system Connectivity Type element that has the appropriate mode selected. Type part of the name of an element or browse through the drop-down list to select an element. The following system Connectivity Type elements are available:
|
Enabled | When selected, the endpoint is enabled. You can temporarily disable the endpoint without deleting it. |
Used for Client Gateways | When Yes is selected, VPN Broker members can communicate using the endpoint. If there is an intermediate NAT device between this VPN Broker and VPN Broker members, add a contact address. |
Used for Broker Servers |
When Yes is selected, other VPN Broker gateways can communicate using the endpoint. If there is an intermediate NAT device between this VPN Broker and other VPN Broker gateways, add a contact address. |
VPN Broker Gateway ID |
Enter a unique ID number for the VPN Broker Gateway as an integer. The allowed range is 1–255. Note: In the NGFW Manager, you enter
the VPN Broker Gateway ID as a decimal number. However, the ID is converted internally to a hexadecimal number. For example, an ID of 10 is converted to 0A
in the MAC address of the VPN Broker Gateway. The allowed range in hexadecimal numbers is
1–FF.
When a log entry is generated, the SMC uses this value to identify the VPN Broker that generated the log entry. Tip: We recommend that you make a note of the VPN Broker Gateway ID for each VPN Broker Gateway.
|