Use the Global Configuration screen to configure IPsec VPN authentication settings at an edge gateway level. On this screen, you can set a global pre-shared key and enable certification authentication.

A global pre-shared key is used for those sites whose peer endpoint is set to any.

Prerequisites

Procedure

  1. Open Edge Gateway Services.
    1. From the top navigation bar, select Resources, and click the Cloud Resources tab.
    2. In the left panel, click Edge Gateways.
    3. Click the radio button next to the name of the target edge gateway, and click Services.
  2. On the IPsec VPN tab, click Global Configuration.
  3. (Optional) Set a global pre-shared key:
    1. Enable the Change Shared Key option.
    2. Enter a pre-shared key.
      The global pre-shared key (PSK) is shared by all the sites whose peer endpoint is set to any. If a global PSK is already set, changing the PSK to an empty value and saving it has no effect on the existing setting.
    3. (Optional) Optionally enable Display Shared Key to make the pre-shared key visible.
    4. Click Save changes.
  4. Configure certification authentication:
    1. Turn on Enable Certificate Authentication.
    2. Select the appropriate service certificates, CA certificates, and CRLs.
    3. Click Save changes.

What to do next

You can optionally enable logging for the IPsec VPN service of the edge gateway. See Statistics and Logs for an Edge Gateway.