A tunnel defines a pair of subnets (one local, one remote) that will be able to communicate via a particular endpoint. An IPsec phase 2 SA is negotiated for each tunnel.

Tunnel definitions are associated with a particular IPsec endpoint and allow a local subnet (e.g. the VNS3 Overlay or an unencrypted VPC VLAN) to connect to a remote subnet (e.g. your data center subnet, partner subnet, or customer subnet).

You may define multiple tunnels per endpoint if you need to connect multiple local and/or remote subnets to a given peer.

You may NOT define tunnels whose remote subnets overlap, unless those tunnels are to the same endpoint.
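The overlap rule above can be checked against a planned tunnel list before anything is configured. The following is an added example, not VNS3 code or part of its API: the function name `find_remote_overlaps`, the endpoint names, and the address ranges are all constructed for illustration.

```python
import ipaddress
from itertools import combinations

# Constructed sample plan: (endpoint name, local subnet, remote subnet).
# Names and ranges are illustrative only.
SAMPLE_TUNNELS = [
    ("dc-east",   "172.31.1.0/24", "10.10.0.0/16"),
    ("dc-east",   "172.31.1.0/24", "10.10.5.0/24"),    # overlaps, same endpoint: allowed
    ("partner-a", "172.31.1.0/24", "192.168.50.0/24"),
    ("partner-b", "172.31.1.0/24", "10.10.128.0/17"),  # overlaps dc-east's /16: conflict
]


def find_remote_overlaps(tunnels):
    """Return pairs of tunnels whose remote subnets overlap across
    different endpoints. Overlaps within one endpoint are permitted.

    Each result is ((endpoint_a, remote_a), (endpoint_b, remote_b)).
    Raises ValueError if a subnet is malformed or has host bits set.
    """
    parsed = []
    for endpoint, local, remote in tunnels:
        ipaddress.ip_network(local)  # validate the local side as well
        parsed.append((endpoint, ipaddress.ip_network(remote)))

    conflicts = []
    for (ep_a, net_a), (ep_b, net_b) in combinations(parsed, 2):
        if ep_a == ep_b:
            continue  # same endpoint: overlapping remote subnets are fine
        if net_a.overlaps(net_b):
            conflicts.append(((ep_a, str(net_a)), (ep_b, str(net_b))))
    return conflicts


if __name__ == "__main__":
    for a, b in find_remote_overlaps(SAMPLE_TUNNELS):
        print(f"conflict: {a[0]} {a[1]} overlaps {b[0]} {b[1]}")
```

Overlap here includes containment in either direction, so a /24 inside another endpoint's /16 is reported even though the two prefixes are not equal.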

The number of tunnels you can define is limited only by your license. Please contact us at sales@cohesive.net for questions about licensing or billing.

Watch a visual guide for IPsec tunnels, endpoints, and cloud configurations:

[Watch the video on YouTube: https://youtu.be/ms5u2e7Mmxo]

Next, watch CEO Patrick Kerpan walk through IPsec basics to create and manage IPsec-based tunnels in your virtual network:

[Watch the video on YouTube: https://www.youtube.com/watch?v=E2z2TpkeFqM]