Configure a VPN Between USM Appliance Systems

Applies to Product: USM Appliance™ LevelBlue OSSIM®

To set up a VPN between two USM Appliance components, for example, between a USM Appliance All-in-One and a USM Appliance Sensor, or between a USM Appliance Server and a USM Appliance Logger, you need to configure through the LevelBlue Setup menu, on the System Preferences > Configure Network > Setup VPN screen:

AlienVault Setup menu > System Preferences > Configure Network > Setup VPN

Note: You must have completed the USM Appliance registration to see the VPN-related configuration options in the LevelBlue Setup menu.

If setting up VPN in USM Appliance version 5.0 or earlier, you first enable VPN, then configure the VPN server.

If setting up VPN in USM Appliance version 5.1 or later, these tasks are reversed, with the VPN server configuration first, then VPN enablement.

When you configure a VPN server, you create the VPN interface by specifying the following parameters:

  • Virtual network IP — 10.67.68
  • VPN network mask IP — 255.255.255.0
  • VPN port — 33800

To configure the VPN server

1. Log in either locally or remotely to the LevelBlue appliance that you want to act as the VPN server.

2. From the Setup Main menu, go to System Preferences > Configure Network > Setup VPN > Configure VPN server, then press Enter (<OK>).

3. On the Configure VPN server screen, press Enter (<Yes>) again.

4. Enter a virtual network IP to use and press Enter (<OK>).

Note: By default, the network IP is always 10.67.68.

5. Enter a VPN mask and press Enter (<OK>).

Note: By default the mask is always 255.255.255.0

6. Enter a VPN port and press Enter (<OK>).

Note: By default, it is always 33800.

7. Use the <Back> option and press Enter until the LevelBlue Setup menu reappears.

8. Go to Apply all Changes and press Enter (<OK>):

Apply All Changes console for AlienVault Setup Menu.

9. Press Enter (<Yes>) to confirm.

The system applies the changes and restart the services, then console displays: Changes Applied.

10. Press Enter (<OK>).

To enable the VPN

  1. From the LevelBlue Setup Main menu, go to System Preferences > Configure Network > Setup VPN > Enable/Disable VPN, then press Enter (<OK>).

  2. Use the arrow keys to move the asterisk(*) to "yes", press the spacebar to select, and then press Enter (<OK>).

    Enable/Disable VPN

  3. Press Enter (<OK>) again.
  4. Use the <Back> option and press Enter until the LevelBlue Setup menu reappears.
  5. Go to Apply all Changes and press Enter (<OK>).

You must complete the following VPN client creation tasks in the order presented:

This task builds a tunnel between the configured VPN server and the node intended to act as the VPN client.

To build a tunnel between the VPN server and a client

  1. Log in either locally or remotely to the VPN server appliance.
  2. From the Setup Main menu, go to System Preferences > Configure Network > Setup VPN > Configure VPN client.
  3. Press Enter (<OK>).
  4. Enter the Administration IP Address of the VPN client, and press Enter (<OK>).
  5. Enter the root password of the remote system, and press Enter (<OK>).

  6. Press Enter (<Yes>) to confirm.

    The system confirms that the VPN client node was successfully contacted:

    VPN creation confirmation console for AlienVault Setup menu.

    Note: Make note of the VPN IP address, because you will need it for the client configuration task.

  7. To continue, press Enter.

If the tunnel creation process does not finish successfully, the following message appears instead:

no connectivity error when building the VPN tunnel

In this case, see Building a VPN Tunnel Without a Client-Server Connection.

If the VPN client you are configuring is a USM Appliance Sensor or USM Appliance Logger, you need to finish the configuration by performing some additional steps. Click the corresponding link below for details.

Important: Make sure to use the VPN IP address you noted from the output in step 6 in creating the VPN client.