VPN Configuration

Establishing a Virtual Private Network (VPN) connection between LevelBlueUSM Appliance components encrypts all network traffic that passes through a secure VPN tunnel. The LevelBlue VPN environment consists of a single VPN server that connects to at least one, but usually multiple, VPN clients. In general, you configure a USM Appliance Server (Standard or Enterprise) or an USM Appliance All-in-One to act as the VPN server.


  • A USM Appliance system cannot serve both as a VPN server and a VPN client at the same time.
  • You cannot configure a USM Appliance Enterprise Server to be the VPN client.


You must have already set up your USM Appliance Server, USM Appliance Sensor, or USM Appliance Logger, with one exception. If you intend for your Sensor or Logger to act as the VPN client, you only complete setup up to, but not including, the tasks in Configure the USM Appliance Sensor after Deployment or Configure the USM Appliance Logger after Deployment, as applicable.

Before completing that configuration task, you must have first created a VPN tunnel between the VPN server and VPN client. This gives you the VPN IP address required to configure the Sensor or Logger in that role.