3.1.10.2.31. wireGuardSync

The wireGuardSync plugin enables communication with the VPN Gateway FW to manage and receive information about VPN users in the corporate network. It can be used along with the policy engine in order to isolate users in different “dynamic zones”. It also generates events on the disconnection of Multiplatform Agent users from the Business Profiles section.

The following fields must be configured to set up the plugin:

../../../../_images/wireguardsync123.png


  • TTL: The duration of the connection’s activity.

  • VPNGW-Role: Dynamic zone name.

  • Send email when login into the VPN: Flag to send an email to advise the user whether they have logged into the VPN or not. The user will receive an email similar to the following one:

../../../../_images/wireguardsync_email.png


  • E-mail sender: The sender email address.

  • Execution order: Determines the order in which sync plugins are executed, with higher priority assigned to lower numerical values (0 being the lowest priority). When multiple plugins share the same execution order value, they are executed in alphabetical order.

forceFullTunneling

The wireGuardSync plugin includes a property called forceFullTunneling that forces full tunnelling by policy. The property is disabled by default and can only be enabled within Custom params of a Policy.

To enable this property:

  1. Scroll down to the Postconditions configuration when creating or editing a policy.

  2. Click on Add new Custom params and assign to the wireGuardSync_forceFullTunneling property the value true:

../../../../_images/wireguardsync_tunnel.png


Ensure that the WireGuard configuration is correctly set up in its corresponding section, whether you use the Default Portal or the NextGen Portal.