3.1.9. VPNGW

This OpenNAC Enterprise module, allows the remote centralized management of the VPN Gateway nodes and its configuration. It maintains the system update packages and the object base (networks, hosts, protocols, means of authentication, etc.) to distribute among the different VPN Gateways.

It is a mandatory component for the Secure Remote Access 2SRA module, that includes the memory of the solution where all the configuration, assets, and parametrization are saved.

../../../_images/vpngw_menu.png


About the VPNGW License

If you have an existing license for VPNGW, this will appear enabled by default, meaning that you will be able to access and use the VPNGW features without any additional setup.

However, if the VPNGW module is disabled on your license, you won’t be able to access the VPN features. The module will not be displayed in the Administration Portal frontend menu, and and API calls will return an error.

If you need to create a new license that includes the VPNGW module, you can use a specific command:

./create_license.php -i {inputPath} -vpngw_mod

However, please note that by default the VPNGW module will be disabled on the new license. So, you will need to enable it manually if you want to use the VPN features.

Before performing any configuration task, it is important to understand the terminology related to the VPNGW module and its corresponding concepts, representing levels of configuration and customization:

  • Manage VPNGW: This section allows you to manage the VPN Gateway nodes, configure workers and also manage the OpenVPN, WireGuard and Shorewall protocols.

  • CMDB: From this section you can manage your Objects, Radius authentications, Certificate authorities, and Server certificates

  • FARM: This section allows you to manage and configure the farms you have previously created in the “Manage VPNGW” section.