BILLmanager 5 Documentation
en En
es Es
Your feedback is an opportunity for improvement!
Take part in the survey and contribute to the development of the ISPsystem ecosystem.
Take the survey

IPSec VPN

IPSec VPN is used for creating a Virtual Private Network (VPN). In BILLmanager you can configure VPN between organization routers and between an organization network and a VPN-gateway. Navigate to Products/Services  Virtual DC  Routers IPsec VPN Add

Note:
If your network is behind the NAT, enter its public IP address in Products/Services  Virtual DC  Routers IPsec VPN IP addresses

Enter the following parameters:

  • Tunnel name;
  • Description; 
  • Connection type — select a VPN-tunnel type:
    • To organization network — VPN between routers of one organization. In VMware it is called "a network in this organization"; 
    • To remote network — VPN between an organization and a remote VPN-gateway.  In VMware, it is called "a remote network". 

Connecting to an organization network

Enter the following parameters:

  • Router — select an organization network router for which the VPN-tunnel will be created; 
  • Local/External networks — select networks that will be included in the VPN; 
  • Local/External connection point — set the IP-address of the local/external network routers;
  • Encryption protocol; 
  • Encryption key; 
  • MTU — the size of the maximum transmission unit. 

Connecting to a remote network

Enter the following parameters:

  • Local networks — select a local network connected to the router and used in VPN-connection; 
  • External networks — select a network connected to the external VPN-gateway; 
  • Local connection point — select a network to connect to the external VPN-gateway. Usually, the external network (Internet) is used;
  • Local ID — VPN unique identifier in the local network; 
  • External ID — VPN unique identifier in the public network  (Internet); 
  • External IP address — enter an external IP address of the remote network router;
  • Encryption protocol; 
  • Encryption key; 
  • MTU — the size of the maximum transmission unit.

Configuration rules

  • you cannot create two VPN-channels with the same source and destination connection points; 
  • local and external ID VPN must not repeat; 
  • an external IP address must not match the external IP address of the load balancing server;
  • VPN  external IP address must not be included in the source range of IP addresses of the DNAT rule.

VPN deletion rules: 

  • deleting the VPN will automatically delete its connection to networks;
  • "network-network" VPN connections are deleted as follows: deleting one VPN will automatically delete the second one. 
The article was last updated on 06.24.2020. The article was prepared by technical writers of ISPsystem.