Harmony SASE Managers and Admins can import a Site-2-Site VPN connection configuration file. This will automatically populate the Harmony SASE tunnel configuration fields with the corresponding information from the remote site.
This will reduce admin work by eliminating the need to populate fields manually and reduce the possibility of tunnel misconfigurations during the initial tunnel creation process. Admins can manually change the imported values after the uploading process.
To upload a configuration file from the Tunnel Creation or Edit dialogue, locate the 'AWS/Azure VPN Connection Configuration File' section under General Settings, then click the 'Upload File' button to the right of the window:
Supported Vendors and Tunnel Types
- Amazon Web Services (AWS)
  - Single Tunnel
  - Redundant (High-Availability) Tunnels
- Microsoft Azure
  - Single Tunnel

Redundant (High-Availability) Tunnels with Azure: Currently, the import feature is not supported for Redundant (High-Availability) Tunnels on Azure Cloud. Please follow our Azure Redundant Tunnels - Virtual network gateway guide for manual instructions.
Downloading the configuration file
Amazon Web Services (AWS)
After setting up your Site-to-Site tunnel, navigate to your VPC -> Virtual Private Network (VPN) -> Site-to-Site VPN Connections, and click Download to get the configuration file.
- When exporting configuration files from AWS for a single tunnel, please choose the Strongswan format:
- When exporting configuration files from AWS for a redundant tunnel, please choose the Generic format:
Microsoft Azure
After setting up your Site-to-Site tunnel, navigate to your Virtual network gateway, then click Connections. Choose your connection with Harmony SASE and click Download configuration to get the configuration file:
- When exporting configuration files from Azure for a single tunnel, please choose the Generic Samples format:
Values extracted
- General Settings:
  - Shared Secret (Pre-Shared Key)
  - Harmony SASE Gateway internal IP
  - Remote Public IP
  - Remote ID
  - Remote Gateway internal IP
  - Remote Gateway ASN (for redundant tunnels)
- Advanced Settings:
  - IKE Version
  - IKE Lifetime
  - Tunnel Lifetime
  - Dead Peer Detection Delay
  - Dead Peer Detection Timeout
  - Cipher Suites (Azure Only)
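Because the downloaded file carries the Shared Secret alongside the tunnel parameters, it helps to review it locally before uploading. The following is an added example, not Harmony SASE or AWS code: it assumes the Strongswan-format download contains standard strongSwan `ipsec.conf` options and an `ipsec.secrets` PSK line, and the sample text, the option-to-field mapping and all function names are constructed for illustration.

```python
import re

# Constructed sample in strongSwan syntax; documentation IPs, placeholder key.
SAMPLE = '''
conn Tunnel1
    right=203.0.113.20
    keyexchange=ikev1
    ikelifetime=8h
    lifetime=1h
    dpddelay=10s
    dpdtimeout=30s
198.51.100.10 203.0.113.20 : PSK "EXAMPLE-placeholder-key"
'''

# strongSwan option -> field in the list above ("right" = remote side is assumed).
FIELDS = {
    "right": "Remote Public IP",
    "keyexchange": "IKE Version",
    "ikelifetime": "IKE Lifetime",
    "lifetime": "Tunnel Lifetime",
    "dpddelay": "Dead Peer Detection Delay",
    "dpdtimeout": "Dead Peer Detection Timeout",
}
PSK_RE = re.compile(r':\s*PSK\s+"([^"]*)"')
OPT_RE = re.compile(r'^\s*(\w+)\s*=\s*(\S+)')

def parse_tunnel(text):
    """Return ({field: value}, psk) found in strongSwan-style text."""
    fields, psk = {}, None
    for line in text.splitlines():
        if (m := PSK_RE.search(line)):       # check first: a key may contain '='
            psk = m.group(1)
        elif (m := OPT_RE.match(line)) and m.group(1) in FIELDS:
            fields[FIELDS[m.group(1)]] = m.group(2)
    return fields, psk

def redact(psk):
    """Describe the key without printing it (safe for tickets and logs)."""
    return f"<redacted, {len(psk)} chars>" if psk else "<not found>"

def review(fields, psk):
    """List items to confirm in the tunnel form after the import."""
    notes = [f"missing: {name}" for name in FIELDS.values() if name not in fields]
    if psk is None:
        notes.append("missing: Shared Secret (Pre-Shared Key)")
    if fields.get("IKE Version", "").lower() == "ikev1":
        notes.append("IKE Version is ikev1: confirm both sides cannot use IKEv2")
    return notes
```

Call `parse_tunnel()` on the text of the downloaded file and compare the result with the values shown in the tunnel form after the import; share only the `redact()` output when recording the check.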