Clientpack Generation


Clientpack Generation is required regardless of use-case. In deployments where the Overlay Network is un-used, clientpacks can be disabled after generation.

The Controller is now configured to the License specs (how many Controllers it can peer with, how many clientpacks are available, and how many ipsec links are available).

Generating TLS Certificates

The first step in Controller configuration is to generate the X.509 cryptographic keys associated with each Overlay Network IP called clientpacks. The clientpacks are used along with an TLS client (OpenVPN is recommended) to connect a client server to the Overlay Network using a specific IP address over an encrypted SSL tunnel.

Click “Generate New” under “Overlay” in the left column.

During key generation you can specify a Topology name to be displayed in the Controller UI for a given set of peered Controllers. This can be changed at anytime by clicking on the Topology Name under Admin in the left column menu.

Also specify a security token. This is a passphrase used for Controller peering and Remote Configuration.

VNS3 Config Gen Keyset Page

Click “Generate Keys” link. The credential generator will be started in the background, and you can refresh your screen to observe progress.

Skip to VNS3 Peering Mesh