Authentication
OIDC Authentication
VNS3 Licensing
Access Management
Clientpack Generation
Installing HTTPS
Firewall 2.0
Firewall
AWS Specific features
Firewall FWSets
VNS3 Variables
VNS3 Router
IPsec Configuration
IPsec Parameters
VNS3 Peering Mesh
Setting Topology Name
VNS3 Overlay Network
Snapshot Management
VNS3 Event Alerting
Network Address Translation
Traffic inspection
SNMP Support
VNS3 BGP Configuration Guide
Remote Support
Resetting VNS3
Upgrading
VNS3 Release Notes
VNS3 EOL Policy and Milestones
IPSec Connection Checklist
VNS3 Known Issues
VNS3 Specifications
VNS3 VPN Client tools
VNS3 Control Center
VNS3 setup
VNS3 Specifications
VNS3™ delivers cloud networking and NFV functionality for virtual and cloud environments. The VNS3 virtual network security appliance includes a router, switch, stateful firewall, VPN support (IPsec and SSL), and protocol redistributor, and extensible NFV optimized for all major cloud providers. VNS3 cloud networks are configured and managed through the VNS3 Manager web-based UI or resetful API.
Availability
Available for Public Clouds
Amazon Web Services EC2, Amazon Web Services VPC, Microsoft Azure, CenturyLink Cloud, Google Compute Engine (GCE), IBM SoftLayer, ElasticHosts, InterRoute, Abiquo.
Available for Private Clouds
Openstack, Flexiant, Eucalyptus, Abiquo, HPE Helion, and more.
Available for Virtual Infrastructure
VMware (all formats), Citrix, Xen, KVM, and more.
Device and Connectivity Support
VNS3 Supports Most IPsec Data Center Solutions:
Preferred Most models from Cisco Systems*, Juniper, Watchguard, Dell SONICWALL, Netgear, Fortinet, Barracuda Networks, Check Point*, Zyxel USA, McAfee Retail, Citrix Systems, Hewlett Packard, D-Link, WatchGuard, Palo Alto Networks, OpenSwan, pfSense, and Vyatta.
Best Effort
Any IPsec device that supports: IKE1 or IKE2, AES256 or AES128 or 3DES, SHA1 or MD5, and most importantly NAT-Traversal standards.
*Known Exclusions
- Checkpoint R65+ requires native IPSec connections as Checkpoint does not conform to NAT-Traversal Standards.
- Cisco ASA 8.4(2)-8.4(any) and Cisco ASA-X 9.2(any)-9.6.1 bugs prevent a stable connection from being maintained.
- FortiGate 6.2.3+ uses the same SPI value to bring up Phase 2 IPsec negotiations for all subnets/tunnels. Policy-based IPsec VPN tunnels configured on VNS3 will expect different SPI values for each tunnel. Documentation on how to Use multiple phase 2 tunnels on the FortiGate to create different SPI values for each subnet can be found in the Fortinet Administration Guide (example: v6.4.5 Guide).
Updated on 07 Apr 2021