English (US) Italiano
Follow

How to Connect a Security Gateway to a Switchboard - Manual

Applies to Platform: Switchboard, 4i, UTM 6.0
Last update: 12 Dec 2024

Introduction

This article will walk a user through the necessary steps to connect an Endian Security Gateway appliance to their Endian Switchboard by manually creating a VPN connection.

In order to proceed, you need to satisfy the following prerequisites and in particular you need to have:

  1. An accessible instance of the Endian Switchboard available by FQDN or IP address
  2. A certificate file from your specific Endian Switchboard
  3. An Endian Security Gateway hardware appliance with Internet access to the Switchboard VPN protocol and port (default UDP 1194)

Retrieve Switchboard Certificate

In order to manually create a VPN connection from an Endian Security Gateway to an Endian Switchboard you will need the CA certificate file. To do this, you will need access to the Devices > Gateways page and select Download CA certificate. This will automatically download the certificate file to your local computer's file system (take note of where it's stored).

If this is not possible, you should request an administrator of the Switchboard to securely send you the certificate file.

Endian Security Gateway

In order to create the VPN client connection, you need to navigate to VPN > OpenVPN client (Gw2Gw) and click the Add new VPN tunnel button.

On the Configure a new VPN tunnel page, you will need to enter the following details:

  1. Tunnel name:  A descriptive name for this tunnel (e.g. "switchboard-vpn")
  2. Connect to:  A fully-qualified domain name or IP address and the port and protocol used by the Switchboard for VPN connections

    Format:  <domainname / IP address>:<port>:<protocol>
    Example 1:   vpn.example.com:1194:udp (connects to vpn.example.com on UDP 1194)
    Example 2:  1.2.3.4:443:tcp (connects to 1.2.3.4 to TCP 443)

  3. Upload certificate file:  Choose the certificate file downloaded in the previous step
  4. Username:  The name of the gateway created on the Switchboard
  5. Password:  The password of the gateway created on the Switchboard
  6. Fallback VPN servers (optional): An alternate FQDN or IP address, protocol and port of the Switchboard following the same format as the Connect To field <FQDN/IP:port:protocol>
  7. Device Type: This should usually be set to TUN (default)
  8. Protocol: The default is UDP but can be changed to TCP if required on the Switchboard

Click the Save tunnel button to save the connection information.

Once done, you will then see the status of the connection on the VPN > OpenVPN Client (Gw2Gw) page. If successful you will see the tunnel status as Established.

Have more questions? Submit a request

Comments