Properties

Name

Specifies a symbolic name for the interface. (Identifier)

OuterInterface

The physical interface that the OneConnect interface will listen on.

ServerPort

The listening port for the OneConnect interface. (Default: 443)

UseDTLS

DTLS increases VPN performance significantly but makes it easier to detect VPN tunnels. (Default: Yes)

DTLSPort

The port used for the DTLS connection for the OneConnect interface. (Default: 443)

ServerIP

The listening IP Address for the OneConnect interface.

HostName

(Optional) Limit server to only respond to matching hostname from client. (Optional)

IPAddressPool

A range, group or network that will be the IP pool from which the OneConnect clients will receive their IP addresses.

Netmask

Netmask sent to the OneConnect Client. (Default: 255)

InnerIP

The inner IP Address of the OneConnect interface.

PrimaryDNS

The IP Address of the primary DNS Server. (Optional)

SecondaryDNS

The IP Address of the seconday DNS Server. (Optional)

DNSSuffixes

(Optional) DNS suffixes to be pushed to the client. (Optional)

AutoProxyURL

(Optional) Proxy URL to be pushed to the OneConnect client. (Optional)

Routing

Describes how the traffic from the client should be routed. (Default: All-Nets)

ClientRoutes

Networks that the OneConnect Client will route through the tunnel.

AuthSource

Specifies if existing Authentication Rule should be used or if an internal simplified Authentication Rule should be created.

LocalUserDB

Specifies the local user database that will be used to authenticate users matching this rule.

OIDCProvider

Specifies the authentication server that will be used to authenticate users.

RadiusServer

Specifies the authentication server that will be used to authenticate users.

LDAPServer

Specifies the authentication server that will be used to authenticate users.

EasyAccess

OneTouch/Passwordless login. (Default: No)

EasyAccessUserMsg

Message sent to the user directing her/him to use her/his OneTouch app. (Default: "Please use \'OneTouch\' mobile app. to authenticate yourself.")

Groups

Specifies the user groups a user must belong to to be allowed to login. (Optional)

MTU

Maximum Transmission Unit. (Default: 1400)

SNMPIndex

Interface index assigned by the system when persistent interface indexes are enabled. (Default: 0)

Attribute

Special Attribute of the current object. (Optional)

MemberOfRoutingTable

All or Specific. (Default: All)

RoutingTable

Specifies the PBR table to insert the interface IP route into. It also means that the specified routing table will be used for all routing lookups, unless overridden by a PBR rule. (Default: main)

ProxyARPAllInterfaces

Always select all interfaces, including new ones, for publishing routes via Proxy ARP. (Default: No)

ProxyARPInterfaces

Specifies the interfaces on which the firewall should publish routes via Proxy ARP. (Optional)

Zone

(Optional) Specifies the Zone that this interface is a member of. (Optional)

Comments

Text describing the current object. (Optional)