Networks
Managing Networks in ETM Dashboard
ETM Dashboard enables you to group Edge Threat Management NG Firewall and Micro Edge appliances into a network. By grouping appliances, you can obtain information specific to the collection of appliances in the Network. You can also apply a standard set of WAN Routing Rules to all Micro Edge appliances that belong to the same Network.
Creating a Network
To create a Network:- Click the Networks tab. The Networks screen shows a list of your Networks.
- Click Create Network.
- Select the NG Firewall and Micro Edge appliances to add to your Network.
- Click Next to review the summary of your Network.
- Click Create.
Managing Appliances in your Network
Your Networks appear in the Networks panel of the Networks screen. Select a Network to manage its associated appliances.
Appliances Widget
Map Widget
Software-defined Networks Widget
Network Performance Widget
WAN Rules Widget
Setting up Software-defined Networks in the ETM Dashboard
You can automatically set up one or more software-defined networks to connect remote office networks managed by Micro Edge and NG Firewall. The ETM dashboard controls each software-defined network and uses WireGuard VPN tunnels to route traffic between each network in a site-to-site mesh topology. Managing your software-defined networks via ETM Dashboard reduces the complexity of manually configuring VPN tunnels.
Prerequisites
Before configuring your Software-defined network, confirm that your appliances meet the following requirements:
- Version 3.1 or newer
- Version 16.1 or newer.
- IPsec and OpenVPN must be disabled or uninstalled.
- NG Firewall Complete or Trial License.
- You must install the WireGuard app.
Setting up the Software-defined Network
To set up your software-defined network, you must first create one. See Managing Software-defined Networks in ETM Dashboard for steps to create your Software-defined Network.
- From the Networks list, select your network.
- Locate the Software Defined Network widget containing the appliances in your network.
- Select each appliance and click Configuration.
- Turn on the Enable option to activate VPN access for this appliance and the networks behind it.
- After enabling access, choose the local subnets you want to make accessible to other appliances in this network.
- You can also specify a new Endpoint Address if you would like to choose the WAN IP address used when other appliances connect to this appliance. You can enable the 'Automatic' option to allow the ETM Dashboard to determine the appropriate endpoint address.
- Selecting shared subnets is optional. If no local subnets are enabled, this appliance network acts in client mode and can access resources of remote networks but not vice versa.
- If a local subnet conflicts with a shared subnet from a different appliance, you cannot enable VPN access, which may result in routing issues.
Synchronizing the Software-defined Network
After you enable access to your appliances and specify shared subnets, you must synchronize your changes. This action adds, removes, or updates VPN tunnels for each appliance in the network.
Troubleshooting
If there is a specific reason that an appliance cannot sync, the Software Defined Network widget provides information in the Notes column next to the associated appliance.