VPN Community Settings

On the VPN community Settings page, you can configure the community settings.

When you configure VPN Communities for a plan, all gateways that belong to the plan become members of those VPN Communities. A gateway can be a member of more than one community. Gateways in the same community do not have to be from the same plan.

You can override the VPN community settings set by a plan for a specified gateway. You must first unlock the community settings from the plan.

Make sure that the Site to Site VPN blade is turned on in the appliance for the gateway to get the community settings.

Note - The VPN Community Settings are available from the Gateways and Plans tabs.

To configure community settings (from the Plans tab)

  1. Go to Home > Plans.

  2. Click the plan name.

    The Edit page opens.

  3. Click VPN > Community.

    The Participates in the following communities table shows.

  4. To add a community, click New and select the Community.

    Note - Member Type cannot be configured in a plan. All gateways are Normal Members.

  5. To delete a community, click the community name and click Delete.

  6. Optional - Click Do not encrypt connections originating from the local gateway.

    This means that packets whose original source IP address is the IP address used by the local gateway to connect to the internet will not go through a VPN tunnel.

  7. The excluded gateways are from the same plan.

  8. Click Save.

To configure community settings (from the Gateways tab):

  1. Go to Home > Gateways.

  2. Click the gateway name.

    The Edit page opens.

  3. Click VPN > Community.

    The Participates in the following communities table shows.

  4. If the settings are locked, click Unlock from plan.

  5. To add a community, click New and select the Community and Member Type.

    If the selected community is a Star Community, the Member Type is Normal or Center. To change a gateway to be the Center, configure the gateway properties.

  6. To delete a community, click the community name and click Delete.

  7. To use a DNS name instead of an IP address, click Use DNS name.

  8. Optional - Click Do not encrypt connections originating from the local gateway.

    This means that packets whose original source destination IP address is the IP address for the local gateway to connect to the internet will not go through a VPN tunnel.

  9. Click Save.

When you access the VPN > Community page from the Gateways tab, you can also configure the internal network topology and authentication method.