VPN requirements
-
The customer must create one single, secure, site-to-site, VPN tunnel per environment.
-
Tunnels from different environments may terminate at the same device at the customer site.
-
Additional tunnels to the same environment, for example, from multiple customer sites are not supported.
Note: M3 Cloud deployment architecture is dependent on the
presence of a VPN tunnel. Without this, fundamental parts of the solution, including
administration, UI tools, integrations and printing will be unusable.
The table shows IPSec device recommendations:
| Recommended | Cisco Systems*, Juniper, WatchGuard, Dell SONICWALL, Netgear, Fortinet, Barracuda Networks, Check Point*, Zyxel USA, McAfee Retail, Citrix Systems, Hewlett Packard, D-Link, WatchGuard, Palo Alto Networks, OpenSwan, pfSense, and Vyatta. |
| Acceptable | Any IPsec device that supports: IKE1 or IKE2, AES256 or AES128 or 3DES, SHA1 or MD5, and most important, NAT-Traversal standards |
| *Not supported--known issues |
Checkpoint R65+ requires native IPsec connections as Checkpoint does not conform to NAT-Traversal Standards. Cisco ASA 8.4(2)-8.4(4) bugs prevent a stable connection. |