Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring Dynamic VPN Tunnels Threshold for all Tenants

 

CSO can dynamically create or delete a VPN tunnel (that does not pass through a gateway site or a cloud hub) between two spoke sites if the following conditions are met:

  • The number of sessions closed between two spoke sites crosses the threshold value.

  • The WAN links of the two spoke sites have matching mesh tags.

For more information on dynamic VPN tunnels, see Dynamic VPN Tunnels Overview.

To modify threshold values at the global-level (for all tenants):

  1. Select Administration > Dynamic VPN.

    The Dynamic VPN page appears.

  2. Complete the configuration according to the guidelines in Table 1.Note

    Fields marked with * are mandatory.

  3. Click Save to save the changes.

    A confirmation message appears indicating that the threshold values are saved and you are returned to the Dynamic VPN page.

    The threshold values that you specify here are immediately applicable for all the tenants that you add after modifying the threshold value.

    Note

    You can also modify the threshold values while adding a tenant. The threshold value that you specify on the Add Tenant page for a specific tenant overrides the threshold value that you specified on the Dynamic VPN page of the Administration Portal at the global level (for all tenants).

Table 1: Fields on the Dynamic VPN page

Field

Description

Threshold for Creating a Tunnel

Sessions Closed

Specify the number of sessions closed (for a duration of 2 minutes) between two spoke sites.

If the number of sessions closed (for a duration of 2 minutes) is greater than or equal to the value that you specified, a dynamic VPN tunnel is created between two spoke sites.

The default threshold value (the number of sessions closed for 2 minutes) is 5.

For example, if you specify the number of sessions closed as 10, dynamic VPN tunnels are created if the number of sessions closed between two spoke sites in 2 minutes is greater than or equal to 10.

Threshold for Deleting a Tunnel

Sessions Closed

Specify the number of sessions closed (for a duration of 15 minutes) between two spoke sites.

If the number of sessions closed (for a duration of 15 minutes) is lesser than or equal to the value that you specified, a dynamic VPN tunnel is deleted between two spoke sites.

The default threshold value (the number of sessions closed for 15 minutes) is 2.

For example, if you specify the number of sessions closed as 20, dynamic VPN tunnels are deleted if the number of sessions closed between two spoke sites in 15 minutes is less than or equal to 20.

Related Documentation