[NEBULA] zero touch vpn

FrankIversen
FrankIversen Posts: 92  Ally Member
First Anniversary Friend Collector First Comment Ideas master
edited April 2021 in Nebula
will zero touch vpn work when the customers have dynamic wan ips?

Comments

  • Zyxel_Irene
    Zyxel_Irene Posts: 118  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @FrankIversen
    What is your VPN scenario, Nebula-to-Nebula or Nebula-to-NonNebula?

  • Zyxel_Irene
    Zyxel_Irene Posts: 118  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment

    If your NSG is not behind the NAT, Site-to-Site VPN with dynamic peer is supported by NSG for Nebula-to-Nebula VPN topology now. When NSG public IP is changed, VPN tunnel will disconnected and re-connected automatically. (Because if your NSG is behind the NAT, you need to set NAT-traversal on NCC.)


    For     Nebula-to-nonNebula VPN topology, if your nonNebula device is set up with a static IP and you can set it as Server Role, and Nebula device which is not behind the NAT run with DHCP, then when NSG public IP is changed, VPN tunnel will also disconnected and re-connected automatically.




  • FrankIversen
    FrankIversen Posts: 92  Ally Member
    First Anniversary Friend Collector First Comment Ideas master
    nebua-to-nebula, not behind nat. (the nsg will be the first firewall).
    Thanks.
  • Zyxel_Irene
    Zyxel_Irene Posts: 118  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    edited September 2017
    @FrankIversen
    You are running on zero touch VPN. ;)
    Once NSG public IP is changed, VPN tunnel will disconnected and re-connected automatically.

Categories

Nebula Tips & Tricks


    Read more

    Nebula Help Center

    EnglishTiếng ViệtРусскийไทย中文(台灣)